earnme.club Open in urlscan Pro
157.90.71.190 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://earnme.club/nord-n1-from-oneplus/
Submission: On December 13 via manual (December 13th 2022, 1:36:12 am UTC) from IN — Scanned from DE

Summary HTTP 1837 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 126 IPs in 10 countries across 78 domains to perform 1837 HTTP transactions. The main IP is 157.90.71.190, located in Germany and belongs to HETZNER-AS, DE. The main domain is earnme.club.
TLS certificate: Issued by R3 on October 25th 2022. Valid for: 3 months.

This is the only time earnme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	157.90.71.190 157.90.71.190	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:806::200a	() ()
1	2a06:98c1:312... 2a06:98c1:3121::3	() ()
27	2a00:1450:400... 2a00:1450:4001:827::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:827::2008	() ()
1	2a02:26f0:480... 2a02:26f0:480:b::210:f1d7	() ()
1	2a00:1450:400... 2a00:1450:4001:82b::2003	() ()
48	13.224.189.94 13.224.189.94	16509 (AMAZON-02) (AMAZON-02)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:84e5	() ()
3	52.222.178.36 52.222.178.36	16509 (AMAZON-02) (AMAZON-02)
1	88.221.169.49 88.221.169.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:480... 2a02:26f0:480:b::210:f1cc	() ()
4	35.172.123.180 35.172.123.180	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:32::36	() ()
6	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
2	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
46	2a02:2638:1::1a 2a02:2638:1::1a	() ()
1 2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
1 3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 145	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.185.180.243 18.185.180.243	16509 (AMAZON-02) (AMAZON-02)
46	2602:803:c003... 2602:803:c003:200::51	() ()
1	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
46	2606:4700:20:... 2606:4700:20::681a:b19	() ()
1	13.224.191.98 13.224.191.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	() ()
4	2a00:1450:400... 2a00:1450:4001:829::2002	() ()
9	2a00:1450:400... 2a00:1450:4001:82f::2001	() ()
1	2400:52e0:1e0... 2400:52e0:1e00::864:1	() ()
3	34.239.216.139 34.239.216.139	14618 (AMAZON-AES) (AMAZON-AES)
48 96	2a02:2638::1c 2a02:2638::1c	() ()
1	2600:1901:0:8... 2600:1901:0:8344::	() ()
49	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
1	54.156.207.182 54.156.207.182	14618 (AMAZON-AES) (AMAZON-AES)
3	3.248.128.187 3.248.128.187	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:590::2c79	() ()
1	2.19.44.144 2.19.44.144	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.225.78.128 13.225.78.128	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::ac43:266a	() ()
25	2a00:1450:400... 2a00:1450:4001:82b::2001	() ()
1	205.185.216.10 205.185.216.10	20446 (STACKPATH...) (STACKPATH-CDN)
16	2a00:1450:400... 2a00:1450:4001:82a::2002	() ()
58	2a00:1450:400... 2a00:1450:4001:801::2001	() ()
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:5514	() ()
63	2a02:2638::3 2a02:2638::3	() ()
1	2600:9000:21f... 2600:9000:21f3:5600:a:e047:752:5701	() ()
6 14	2a00:1450:400... 2a00:1450:4001:811::2004	() ()
1	34.198.17.16 34.198.17.16	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	() ()
1	2a02:2638::2 2a02:2638::2	() ()
2	2a02:2638:1::4 2a02:2638:1::4	() ()
72	185.86.138.16 185.86.138.16	201081 (SMARTADSE...) (SMARTADSERVER)
291	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
3	23.88.17.186 23.88.17.186	24940 (HETZNER-AS) (HETZNER-AS)
45	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	52.27.31.176 52.27.31.176	16509 (AMAZON-02) (AMAZON-02)
1	52.29.128.124 52.29.128.124	16509 (AMAZON-02) (AMAZON-02)
1 2	185.172.90.252 185.172.90.252	49981 (WORLDSTREAM) (WORLDSTREAM)
1 2	88.221.168.201 88.221.168.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:41d0:701... 2001:41d0:701:1000::2fb3	() ()
12	2a00:1450:400... 2a00:1450:4001:812::2002	() ()
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:21f... 2600:9000:21f3:d000:1e:a43d:b640:93a1	() ()
54	2a00:1450:400... 2a00:1450:4001:80f::2002	() ()
1	44.240.137.201 44.240.137.201	16509 (AMAZON-02) (AMAZON-02)
5	2400:52e0:1e0... 2400:52e0:1e00::723:1	() ()
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	() ()
2	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
2	13.32.121.5 13.32.121.5	16509 (AMAZON-02) (AMAZON-02)
3	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
12	185.89.211.132 185.89.211.132	29990 (ASN-APPNEX) (ASN-APPNEX)
18	2a02:2638::c 2a02:2638::c	() ()
4	2a02:2638::21 2a02:2638::21	() ()
114	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
5 5	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
98	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a02:26f0:350... 2a02:26f0:3500:12::1730:17c2	() ()
2	167.235.32.26 167.235.32.26	24940 (HETZNER-AS) (HETZNER-AS)
24	34.251.154.165 34.251.154.165	16509 (AMAZON-02) (AMAZON-02)
5 6	52.58.171.208 52.58.171.208	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
6 8	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2602:803:c003... 2602:803:c003:200::57	() ()
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
4 16	144.76.91.199 144.76.91.199	24940 (HETZNER-AS) (HETZNER-AS)
46	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
11	2a02:26f0:350... 2a02:26f0:3500:12::1730:17ba	() ()
11	185.86.138.124 185.86.138.124	201081 (SMARTADSE...) (SMARTADSERVER)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	184.24.4.64 184.24.4.64	16625 (AKAMAI-AS) (AKAMAI-AS)
44	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
44	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	54.239.38.253 54.239.38.253	16509 (AMAZON-02) (AMAZON-02)
6 8	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	() ()
2 4	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:bab2:eed8:8214:ca90	() ()
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	162.55.236.224 162.55.236.224	24940 (HETZNER-AS) (HETZNER-AS)
37	2a00:1450:400... 2a00:1450:4001:831::2006	() ()
10	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:d000:8:455e:4a00:93a1	() ()
14	13.224.189.85 13.224.189.85	16509 (AMAZON-02) (AMAZON-02)
5	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
24	2606:4700:20:... 2606:4700:20::ac43:4a81	() ()
9	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	23.67.134.223 23.67.134.223	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.85.15.23 185.85.15.23	200107 (KL-EXT) (KL-EXT)
1	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
1 5	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
10 12	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
8	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	52.213.183.212 52.213.183.212	16509 (AMAZON-02) (AMAZON-02)
1 3	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	37.157.3.20 37.157.3.20	198622 (ADFORM) (ADFORM)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.95.81.168 34.95.81.168	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1837	126

14 157.90.71.190 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.190.71.90.157.clients.your-server.de

earnme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN- ()

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN- ()

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:b::210:f1d7 (Frankfurt am Main, Germany)

ASN- ()

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 13.224.189.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-94.fra2.r.cloudfront.net

flashnetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN- ()

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.178.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-178-36.ham50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:b::210:f1cc (Frankfurt am Main, Germany)

ASN- ()

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.172.123.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-123-180.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

digikulture-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a02:2638:1::1a (France)

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands) 1 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

145 185.89.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.180.243 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-180-243.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN- ()

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2606:4700:20::681a:b19 (United States)

ASN- ()

hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-98.fra2.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN- ()

391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::864:1 (Slovenia)

ASN- ()

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.239.216.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-216-139.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

96 2a02:2638::1c (France) 48 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:8344:: (Kansas City, United States)

ASN- ()

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.207.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-207-182.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.128.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:590::2c79 (Frankfurt am Main, Germany)

ASN- ()

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.44.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-44-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-128.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:266a (United States)

ASN- ()

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

excellence-prebid.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

63 2a02:2638::3 (France)

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5600:a:e047:752:5701 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 6 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.17.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-17-16.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN- ()

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN- ()

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

291 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.27.31.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-31-176.us-west-2.compute.amazonaws.com

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.128.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-128-124.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.90.252 (Naaldwijk, Netherlands) 1 redirects

ASN49981 (WORLDSTREAM, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::2fb3 (France)

ASN- ()

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:d000:1e:a43d:b640:93a1 (United States)

ASN- ()

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.137.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-137-201.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2400:52e0:1e00::723:1 (Slovenia)

ASN- ()

streaming.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN- ()

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-5.fra60.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638::c (France)

ASN- ()

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::21 (France)

ASN- ()

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

114 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.35.65 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

98 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:12::1730:17c2 (Frankfurt am Main, Germany)

ASN- ()

ced-ns.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.32.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.32.235.167.clients.your-server.de

tm.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.251.154.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

s.ads.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.58.171.208 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-208.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::57 (Amsterdam, Netherlands)

ASN- ()

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 144.76.91.199 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad18.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:3500:12::1730:17ba (Frankfurt am Main, Germany)

ASN- ()

apps.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.86.138.124 (France)

ASN201081 (SMARTADSERVER, FR)

itx5.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.4.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-4-64.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 217.79.188.54 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.38.253 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.139 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:bab2:eed8:8214:ca90 (Dublin, Ireland) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:d000:8:455e:4a00:93a1 (United States)

ASN- ()

cdn.besafe.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.224.189.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-85.fra2.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 85.114.131.235 (Tuttlingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:20::ac43:4a81 (United States)

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.67.134.223 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-134-223.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.85.15.23 (Germany)

ASN200107 (KL-EXT, CH)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.165.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 84.200.5.215 (Germany) 10 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.183.212 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-183-212.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.20 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.168 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com

euexchangesync.digitaleast.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
406	adform.net 1 redirects adx.adform.net — Cisco Umbrella Rank: 4774 track.adform.net — Cisco Umbrella Rank: 4163 s1.adform.net — Cisco Umbrella Rank: 9699 cm.adform.net — Cisco Umbrella Rank: 1537 c1.adform.net — Cisco Umbrella Rank: 639	3 MB
208	adnxs.com 1 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1555 ib.adnxs.com — Cisco Umbrella Rank: 218 cdn.adnxs.com — Cisco Umbrella Rank: 1392 ams3-ib.adnxs.com — Cisco Umbrella Rank: 8220 acdn.adnxs.com — Cisco Umbrella Rank: 579	1 MB
198	criteo.com 48 redirects bidder.criteo.com — Cisco Umbrella Rank: 734 gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 22192 ads.eu.criteo.com — Cisco Umbrella Rank: 11394 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 14558 widget.nl.eu.criteo.com — Cisco Umbrella Rank: 26520	489 KB
159	rubiconproject.com 11 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 451 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 860 eus.rubiconproject.com — Cisco Umbrella Rank: 547 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 12880 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2189 pixel.rubiconproject.com — Cisco Umbrella Rank: 321 token.rubiconproject.com — Cisco Umbrella Rank: 551	840 KB
121	googlesyndication.com 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139 pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com	732 KB
116	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1508 s.ads.smartadserver.com — Cisco Umbrella Rank: 11713 itx5.smartadserver.com — Cisco Umbrella Rank: 28791 www8.smartadserver.com — Cisco Umbrella Rank: 6144	320 KB
88	adition.com imagesrv.adition.com — Cisco Umbrella Rank: 25641 ad13.adfarm1.adition.com — Cisco Umbrella Rank: 75771	771 KB
85	criteo.net static.criteo.net — Cisco Umbrella Rank: 662 pix.eu.criteo.net — Cisco Umbrella Rank: 11597 csm.eu.criteo.net — Cisco Umbrella Rank: 11957	1 MB
58	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297 ad.doubleclick.net — Cisco Umbrella Rank: 164	893 KB
48	flashnetic.com flashnetic.com — Cisco Umbrella Rank: 50946	163 KB
45	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6590	8 KB
45	adpone.com hb.adpone.com — Cisco Umbrella Rank: 23256	5 MB
37	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 269	1 MB
25	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 388	542 KB
24	ad4m.at ad4m.at — Cisco Umbrella Rank: 13213 as.ad4m.at — Cisco Umbrella Rank: 39598	112 KB
22	sascdn.com ced-ns.sascdn.com — Cisco Umbrella Rank: 2356 apps.sascdn.com — Cisco Umbrella Rank: 7554	133 KB
18	ad-srv.net 4 redirects tm.ad-srv.net — Cisco Umbrella Rank: 107223 ad.ad-srv.net — Cisco Umbrella Rank: 41632 ad18.ad-srv.net — Cisco Umbrella Rank: 309646	18 KB
18	google.com 6 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	3 KB
16	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	509 KB
14	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 714	49 KB
14	earnme.club earnme.club	186 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 308 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090 s.amazon-adsystem.com — Cisco Umbrella Rank: 276	55 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 478 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507	7 KB
9	yahoo.com 2 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 837 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	2 KB
8	o2online.de partner.o2online.de — Cisco Umbrella Rank: 119303	12 KB
8	telefonica-partner.de 6 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 102606	8 KB
7	bidswitch.net 5 redirects grid.bidswitch.net — Cisco Umbrella Rank: 853 x.bidswitch.net — Cisco Umbrella Rank: 290	2 KB
7	playstream.media tg1.playstream.media — Cisco Umbrella Rank: 47242 cdn.playstream.media — Cisco Umbrella Rank: 78269 streaming.playstream.media — Cisco Umbrella Rank: 55687	2 MB
6	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 55258 hal900028.redintelligence.net — Cisco Umbrella Rank: 496419	9 KB
6	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4114 sync.richaudience.com — Cisco Umbrella Rank: 1837	1 KB
6	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 448 cdn.id5-sync.com — Cisco Umbrella Rank: 941	36 KB
6	aniview.com track1.aniview.com — Cisco Umbrella Rank: 1815 player.aniview.com — Cisco Umbrella Rank: 1824 go1.aniview.com — Cisco Umbrella Rank: 4914	118 KB
5	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 83326	56 KB
5	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 1435 tags.crwdcntrl.net — Cisco Umbrella Rank: 1211 bcp.crwdcntrl.net — Cisco Umbrella Rank: 880	21 KB
5	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 8849 track1.avplayer.com — Cisco Umbrella Rank: 9913	131 KB
4	lead-alliance.net 4 redirects www.lead-alliance.net — Cisco Umbrella Rank: 100007	2 KB
4	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16963	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 429 rtb0.doubleverify.com — Cisco Umbrella Rank: 664 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 21199	22 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 11832	1 KB
4	33across.com ssc.33across.com — Cisco Umbrella Rank: 1846 lexicon.33across.com — Cisco Umbrella Rank: 1720 ssc-cms.33across.com — Cisco Umbrella Rank: 855	586 B
4	gstatic.com fonts.gstatic.com www.gstatic.com	60 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4153 a.ad.gt — Cisco Umbrella Rank: 3431	4 KB
3	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1119 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1332	1022 B
3	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1130 contextual.media.net — Cisco Umbrella Rank: 553 hbx.media.net — Cisco Umbrella Rank: 1210	10 KB
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 727	482 B
3	openx.net digikulture-d.openx.net — Cisco Umbrella Rank: 23980 u.openx.net — Cisco Umbrella Rank: 667	501 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	3 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 476	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605 cdn.indexww.com — Cisco Umbrella Rank: 1503	2 KB
2	kaspersky.com media.kaspersky.com — Cisco Umbrella Rank: 199916	160 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	529 B
2	truste.com choices.truste.com — Cisco Umbrella Rank: 707	12 KB
2	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5129	330 B
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1470	1 KB
2	pubmatic.com 1 redirects ads.pubmatic.com — Cisco Umbrella Rank: 470	154 B
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 7181	849 B
2	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 858	318 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3983	361 B
2	teads.tv a.teads.tv — Cisco Umbrella Rank: 1403 at.teads.tv — Cisco Umbrella Rank: 5022	4 KB
1	digitaleast.mobi 1 redirects euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 30873	269 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 810	626 B
1	besafe.global cdn.besafe.global — Cisco Umbrella Rank: 12826	14 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 372	708 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 5106	525 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2182	477 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 447	730 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 889	155 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2380	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	1 KB
1	digitaloceanspaces.com excellence-prebid.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 638406	229 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 3074	11 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1179	17 KB
1	liadm.com idx.liadm.com — Cisco Umbrella Rank: 2367	426 B
1	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 114	449 B
1	hbwrapper.com cat.hbwrapper.com — Cisco Umbrella Rank: 14892	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	75 KB
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 22495	157 KB
0	rlcdn.com Failed api.rlcdn.com Failed
1837	78

	Domain	Requested by
218	track.adform.net	hb.adpone.com s1.adform.net ced-ns.sascdn.com flashnetic.com
145	ib.adnxs.com	1 redirects cdn.adapex.io hb.adpone.com excellence-prebid.sfo2.cdn.digitaloceanspaces.com acdn.adnxs.com earnme.club
114	s1.adform.net	hb.adpone.com track.adform.net s1.adform.net earnme.club
98	eus.rubiconproject.com	earnme.club eus.rubiconproject.com hb.adpone.com flashnetic.com cdn.adapex.io
96	gum.criteo.com	48 redirects static.criteo.net
72	prg.smartadserver.com	hb.adpone.com
68	adx.adform.net	hb.adpone.com s1.adform.net
63	static.criteo.net	securepubads.g.doubleclick.net cdn.adapex.io ads.eu.criteo.com static.criteo.net hb.adpone.com
58	tpc.googlesyndication.com	earnme.club securepubads.g.doubleclick.net 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com tpc.googlesyndication.com 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net
54	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com earnme.club pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net
49	mug.criteo.com	earnme.club
48	flashnetic.com	earnme.club flashnetic.com
46	acdn.adnxs.com	flashnetic.com hb.adpone.com earnme.club cdn.adapex.io
46	fastlane.rubiconproject.com	cdn.adapex.io hb.adpone.com
46	bidder.criteo.com	cdn.adapex.io hb.adpone.com
45	prebid-eu.creativecdn.com	hb.adpone.com
45	hb.adpone.com	flashnetic.com
44	ad13.adfarm1.adition.com	s1.adform.net ad13.adfarm1.adition.com
44	imagesrv.adition.com	s1.adform.net flashnetic.com ad13.adfarm1.adition.com
37	s0.2mdn.net	googleads.g.doubleclick.net ad.doubleclick.net s0.2mdn.net earnme.club
27	securepubads.g.doubleclick.net	earnme.club securepubads.g.doubleclick.net flashnetic.com www.googletagservices.com 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
25	cdn.ampproject.org	securepubads.g.doubleclick.net 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
24	s.ads.smartadserver.com	earnme.club s.ads.smartadserver.com
18	pix.eu.criteo.net	ads.eu.criteo.com
16	ad4m.at	s1.adform.net ad4m.at
16	www.googletagservices.com	securepubads.g.doubleclick.net earnme.club 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com googleads.g.doubleclick.net partner.o2online.de www.googletagservices.com s0.2mdn.net
14	choices.trustarc.com	choices.truste.com choices.trustarc.com earnme.club
14	www.google.com	6 redirects earnme.club 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com tpc.googlesyndication.com 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
14	earnme.club	earnme.club
12	ams3-ib.adnxs.com	excellence-prebid.sfo2.cdn.digitaloceanspaces.com hb.adpone.com flashnetic.com cdn.adnxs.com earnme.club
11	itx5.smartadserver.com	ced-ns.sascdn.com
11	apps.sascdn.com	ced-ns.sascdn.com
11	ced-ns.sascdn.com	earnme.club
10	googleads4.g.doubleclick.net	googleads.g.doubleclick.net ad.doubleclick.net
9	www8.smartadserver.com	flashnetic.com earnme.club
9	googleads.g.doubleclick.net	earnme.club 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com pagead2.googlesyndication.com 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
8	partner.o2online.de	as.ad4m.at www.telefonica-partner.de
8	www.telefonica-partner.de	6 redirects as.ad4m.at
8	as.ad4m.at	ad4m.at as.ad4m.at
8	ad18.ad-srv.net	ad.ad-srv.net
8	ad.ad-srv.net	4 redirects tm.ad-srv.net ad.ad-srv.net
8	cm.g.doubleclick.net	6 redirects eus.rubiconproject.com
6	x.bidswitch.net	5 redirects earnme.club
6	c2shb.pubgw.yahoo.com	cdn.adapex.io excellence-prebid.sfo2.cdn.digitaloceanspaces.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	hal900028.redintelligence.net	1 redirects flashnetic.com hal900028.redintelligence.net
5	cdn.contentspread.net	ad.ad-srv.net hal900028.redintelligence.net
5	cm.adform.net	flashnetic.com googleads.g.doubleclick.net
5	secure-assets.rubiconproject.com	5 redirects
5	streaming.playstream.media	player.avplayer.com
4	ad.doubleclick.net	www.googletagservices.com
4	www.lead-alliance.net	4 redirects
4	www.awin1.com	2 redirects ad.ad-srv.net
4	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com ssum-sec.casalemedia.com
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	2 redirects eus.rubiconproject.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	id5-sync.com	cdn.adapex.io cdn.id5-sync.com
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	track1.aniview.com	earnme.club player.aniview.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	sync.richaudience.com	earnme.club hb.adpone.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	cdn.adnxs.com	excellence-prebid.sfo2.cdn.digitaloceanspaces.com hb.adpone.com
3	cat.nl.eu.criteo.com	ads.eu.criteo.com flashnetic.com
3	shb.richaudience.com	hb.adpone.com
3	www.gstatic.com	earnme.club 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
3	track1.avplayer.com	earnme.club
3	391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	onetag-sys.com	1 redirects cdn.adapex.io
3	c.amazon-adsystem.com	cdn.adapex.io c.amazon-adsystem.com
3	fonts.googleapis.com	earnme.club 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
2	match.prod.bidr.io	2 redirects
2	u.openx.net	cdn.adapex.io
2	ssc-cms.33across.com	cdn.adapex.io
2	media.kaspersky.com	ad.ad-srv.net
2	match.adsrvr.org	eus.rubiconproject.com ssum-sec.casalemedia.com
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	tm.ad-srv.net	earnme.club
2	choices.truste.com	earnme.club excellence-prebid.sfo2.cdn.digitaloceanspaces.com
2	beacon.sojern.com	earnme.club excellence-prebid.sfo2.cdn.digitaloceanspaces.com
2	cdn.doubleverify.com	earnme.club cdn.doubleverify.com
2	1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	ads.pubmatic.com	1 redirects earnme.club
2	pbjs.e-planning.net	1 redirects earnme.club
2	id.hadron.ad.gt	cdn.hadronid.net
2	bcp.crwdcntrl.net	tags.crwdcntrl.net
2	ads.eu.criteo.com	391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com hb.adpone.com
2	lb.eu-1-id5-sync.com	cdn.adapex.io cdn.id5-sync.com
2	cdn.id5-sync.com	earnme.club securepubads.g.doubleclick.net
2	tags.crwdcntrl.net	earnme.club securepubads.g.doubleclick.net
2	prebid.a-mo.net	1 redirects cdn.adapex.io
2	prebid.adnxs.com	cdn.adapex.io
2	region1.google-analytics.com	www.googletagmanager.com
2	player.avplayer.com	tg1.playstream.media player.avplayer.com
1	ups.analytics.yahoo.com	1 redirects
1	hbx.media.net	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	euexchangesync.digitaleast.mobi	1 redirects
1	um.simpli.fi	1 redirects
1	c1.adform.net	1 redirects
1	contextual.media.net	cdn.adapex.io
1	js-sec.indexww.com	cdn.adapex.io
1	hal9000.redintelligence.net	earnme.club
1	cdn.besafe.global	earnme.club
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	widget.nl.eu.criteo.com	ads.eu.criteo.com
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	beacon-ams3.rubiconproject.com	earnme.club
1	match.adsby.bidtheatre.com	1 redirects
1	sync.mathtag.com	1 redirects
1	a.ad.gt	cdn.hadronid.net
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	btlr.sharethrough.com	excellence-prebid.sfo2.cdn.digitaloceanspaces.com
1	rtb.fr.eu.criteo.com	earnme.club
1	go1.aniview.com	player.aniview.com
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	excellence-prebid.sfo2.cdn.digitaloceanspaces.com	securepubads.g.doubleclick.net
1	cdn.hadronid.net	earnme.club
1	secure.cdn.fastclick.net	earnme.club
1	player.aniview.com	player.avplayer.com
1	id.crwdcntrl.net	cdn.adapex.io
1	idx.liadm.com	cdn.adapex.io
1	lexicon.33across.com	cdn.adapex.io
1	cdn.playstream.media	earnme.club
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	at.teads.tv	a.teads.tv
1	ssc.33across.com	cdn.adapex.io
1	prebid.media.net	cdn.adapex.io
1	grid.bidswitch.net	cdn.adapex.io
1	htlb.casalemedia.com	cdn.adapex.io
1	digikulture-d.openx.net	cdn.adapex.io
1	a.teads.tv	cdn.adapex.io
1	cloudflare.com	cdn.adapex.io
1	cat.hbwrapper.com	cdn.adapex.io
1	fonts.gstatic.com	fonts.googleapis.com
1	tg1.playstream.media	earnme.club
1	www.googletagmanager.com	earnme.club
1	cdn.adapex.io	earnme.club
0	api.rlcdn.com Failed	cdn.adapex.io
1837	148

This site contains links to these domains. Also see Links.

Domain
wordpress.org
i
earn
rasik
mhthemes.com

Subject Issuer	Validity	Valid
www.earnme.club.tnlink.in R3	`2022-10-25` - `2023-01-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
wl.aniview.com R3	`2022-11-30` - `2023-02-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
flashnetic.com Amazon	`2022-07-10` - `2023-08-08`	a year	crt.sh
cat.hbwrapper.com R3	`2022-12-03` - `2023-03-03`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
outstreamedia.com R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.aniview.com Amazon	`2022-12-06` - `2024-01-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
*.a-mo.net R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-11-11` - `2023-02-09`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
cdn.playstream.media R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2022-10-24` - `2023-01-22`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.liadm.com Amazon	`2022-09-30` - `2023-10-29`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2022-10-16` - `2023-01-14`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.richaudience.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-03-10`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.hadron.stage.ad.gt Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
streaming.playstream.media R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.sascdn.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-08` - `2023-09-11`	a year	crt.sh
ad-srv.net R3	`2022-12-12` - `2023-03-12`	3 months	crt.sh
ads.smartadserver.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2022-04-26` - `2023-05-28`	a year	crt.sh
*.adfarm1.adition.com AlphaSSL CA - SHA256 - G2	`2022-06-01` - `2023-07-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.besafe.global Amazon	`2022-05-26` - `2023-06-24`	a year	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
contentspread.net R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
redintelligence.net R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
www.telefonica-partner.de R3	`2022-11-01` - `2023-01-30`	3 months	crt.sh
partner.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-01-20`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh

This page contains 330 frames:

Primary Page: https://earnme.club/nord-n1-from-oneplus/
Frame ID: F57984AEA3E4269938B220ABB242A18B
Requests: 120 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BD39251CC5BA74D4B78B6716FA889DAA
Requests: 20 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=jroovvefi&e=1582957865563
Frame ID: 749FC3D6ADEF62DE55370F397303543E
Requests: 11 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cyupjnth&e=1582957865563
Frame ID: 97D68EB82F202F55F36C16E6656C2DF2
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=qlggoqc&e=1582957865563
Frame ID: 3EE419A7D7683E007B8E235EA030FE30
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=djpdnvmk&e=1582957865563
Frame ID: AD3AEC71E758D3CA7B874860DE5A6E38
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ogtsap&e=1582957865563
Frame ID: 542029BFE8F88AEAEB66497F523372A8
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zophdtn&e=1582957865563
Frame ID: 5678CE12958EA90F9F33B2AF46292A85
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=bipodbdgfk&e=1582957865563
Frame ID: 287E19FB29E73D3C3E437F0E3132544F
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=yusjeyea&e=1582957865563
Frame ID: 683EAB62B2F3A9EA6C7CB617EFBC51CC
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=okqaizdly&e=1582957865563
Frame ID: 214C90B5C667574F21289CAF4675EF88
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zvkvgpe&e=1582957865563
Frame ID: 3B76CDD43D471603A4BA053EE12C73E6
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=injfbw&e=1582957865563
Frame ID: E95867AAA41CE93DD53266C70163D7A4
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hrcralsp&e=1582957865563
Frame ID: 8F79275B4B8DD3EF19F61935374E199B
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wvgcabh&e=1582957865563
Frame ID: E96DE2808028E4D5B29C5B2BDDA547AD
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=prudmwjd&e=1582957865563
Frame ID: 3BAED73155BA41E7C2176AA2399E8A8A
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: C729A926F79F0DDB7F9897B97519753E
Requests: 20 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rfgam&e=1011989061034
Frame ID: 9F1A643628987FA0C179866E2A2257D4
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=pxx&e=1011989061034
Frame ID: 407EE36FB0831677A51B0B0B82CB1425
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nyszpkpy&e=1011989061034
Frame ID: 1BBF66627FC0F7E08C8F689E9C559C83
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wfiayoaq&e=1011989061034
Frame ID: 1F555BADF7903917DCB0D77093DBEDAF
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nagevtxugi&e=1011989061034
Frame ID: 02ECB1DDAD2E254E3B378BB1CEB8A72F
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zghiaia&e=1011989061034
Frame ID: 8F562C6C3DFE6B2ADEEA0AAC2193E092
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=epztovze&e=1011989061034
Frame ID: E1F02564D359007E40B3A2A9F83A735C
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=eghxslsd&e=1011989061034
Frame ID: 89B2E7A4B4B1B0E31F46D79D3B08CE09
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hsqgdrxxr&e=1011989061034
Frame ID: 6F35E2A19AAC990B3317D9DEEF04DF47
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hjxvjsovg&e=1011989061034
Frame ID: 055F3F6F3652987AAC243D73BD615307
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=suqdsfso&e=1011989061034
Frame ID: 6863DAEB5F0454FE9105977D94C878AE
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=affvapki&e=1011989061034
Frame ID: 46C6BC3E5D712C37ED70D17C1590F013
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=yxdkoegzfc&e=1011989061034
Frame ID: 6B922C203A13CE97B1C977D4067A6652
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vpwyiix&e=1011989061034
Frame ID: C88ED7F1ABBE78291885D1C4F72BABC0
Requests: 9 HTTP requests in this frame

Frame: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 006AB5B1CC036A5E42E1C6EDD6AE6EFC
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Frame ID: 391140127D9DDA900B7AC5F341876AB4
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0987D61F84A83D1F7B7509B1FE123C5A
Requests: 20 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wvuylzvfqgo&e=1070536818601
Frame ID: C8633CEFD50362D45B9F4543155D3719
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=lghutttacn&e=1070536818601
Frame ID: F999F094E7E525D4AC6058CE0BEE10AA
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=dumvrvp&e=1070536818601
Frame ID: 072366F3A1E08D681B494F52F2A27CD9
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=wfmup&e=1070536818601
Frame ID: 1DD41DF746FFBB37ED5F4CF3BD1C1CAE
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vsspcpnud&e=1070536818601
Frame ID: 0430FCFF5D897F8F9A57005CE188C4AD
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rnzvbshj&e=1070536818601
Frame ID: 95B962E5410C6BEDB1BF0CA6159FEE06
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Frame ID: ADE73F84DC10697ED9E669304A86A6C7
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=givtwayo&e=1070536818601
Frame ID: 0B8D135FD18B69FDAE452B099306B229
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kdonne&e=1070536818601
Frame ID: C84F57F6C5D0F96E6A5E59AC2F0C1A3F
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xdelpmeap&e=1070536818601
Frame ID: 4212233CD40F6DD3D07276DB54E85114
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ymlxdzvm&e=1070536818601
Frame ID: 947854B776898F5A7A97C69E02A075A6
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=eanxvgfq&e=1070536818601
Frame ID: B8D131A12E30636E7F761ABB3CC36227
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ewhmhzviq&e=1070536818601
Frame ID: 71A22924237E63953D60739584FFAA6A
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=aectnvwvvj&e=1070536818601
Frame ID: C49D80020594072F1B7DC144CD44827A
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 881DAA147E06296B8DB385D6C70A2C05
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssVMQ9j7MXL0VAxhYfxTRHlxbnF4zJ1pA0JFD2fGjxZLyO8sSBWzQCyKKl5W-ocToIh78d7opARsggXxAfQNZKXZaCH28mQcMl06ZllMDQGPN3lDS_ZUu0nXFS-3vKOfEtU0K4JV4esAuwLbF6ohiPuMLtBpnDtJap1Y0u7qL-XDfzewrRCYNGFk7XXxSZJkLM_uyiN0jd0yQu-3-LFC2TTHeLDURdWtBTWh2zULd-CuAoDcQ0Q3gyGQB6z-P91P33TGh6EOWyqYcCA1rtEDdfYHNNJc3uQat6FMu7JSuqXCXgtjgLrpUjpjS4qNqe&sai=AMfl-YTKIWdYeuM9aernKgm5BKaqOvCtSATej4dL79TWMRTsWgVtl2_9ykFGf3MXUNqSJltL2wU93lrdnEqDswNGqulWgy8qDqz3fDt9_qsaIzgtHXCN_frotaOl62QwzA0tlgc0gdoEQQsQ0kPGoKzQSQ&sig=Cg0ArKJSzJQxqu_KVS-aEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 17506DECF03E8D8194B8E4E95853088B
Requests: 10 HTTP requests in this frame

Frame: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 71D1619031451C76C9C1C6CE6E93A4BA
Requests: 9 HTTP requests in this frame

Frame: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C15A6B78147561C6D59F943B66A9E984
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: DA656E9F43515EF322E5296F97DF4208
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3EFE6B4EAA0A704990CF439A8837A2D2
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5fW8wAHQS8H_YuGAAOB8P_Z0IMEFwlQtVeF3w&u=%7CkVKMpfqrrqO5l%2FbnR5OmgG3MWLxYCB24O4kxTHv3EEQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUPBa3NAHE2R7UkHs8W9LKGFiupl-4WaKonQR4pdiGo3JXBYlZa4AYtUd1wTmSQyvbviztPjU4QbV854cLA2xRgCkr220cf-CSKypwbxskw8Ht1Ksbtl946sDSJb0h1LCon45MuynQpZ3DHtfmalmJl1cYLD8-MftS_n-QaOnwCu08G1Nc8NcprJKgrwcl8XPpMMBoIATxjYtw6JA0pqm92_rocdQ0TnJUV52wzGtkyxkQZLQdydZXJJHf_fQyzgd4WA6CHJDQOdORJd05nKDIGOaHLMQui9y5TylYFURvJlEpH6v0MjD3Ud99idZhtBDw5ggdUmsxlMdunHSVfk_6frT6dhPtyfDafEpWxweZfMYyD_GZh6XpENg7W_EPdRMah61cXXT_1ojdyvoiLzpypiYcPKJNC_lDmDaEBMvyAYypYfFNHhy83yme5hL1N0Jk5McPImnPEZrsXlm4mkVfhOzIIcA_bgcyskRWa24vrN1zD1gwroz0MbOrHprTOXthGGb37DAYXiIRKa-KaNBegHwnE4cx1ngN7lFInPX5UDb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0zEg89aXY6-CHYaX9u8P8IOOoAjJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk5NTk3MzA3NTQwMzgwMjbIAQmpAhS5qsqwr7E-4AIAqAMBqgTmAU_Qtj7x_qJmDleVcDXH-IzvL09p7uGSHSm0O--gUoLYrmzAl_heH3MtYJDL7Pg_V59x6l8PM-91t0LYNP4nP-XC4hIVZ-nH0leoaTjkm1l0WknC7UOPhzX2nymXS5JwvKuY99EeTaogzTXHAZsS5ulBRMnZ1ikxdU-Rb5jhzJdCU9XaKbkEh0bNchwloNcUbwBxdCe0SCypiEbt0PNB51VgSBNeJkX7Mgcm_2P52X518FMK_Q2kfTd9l75tPwBD-bcOqTMPc565gUQfSWvv8G7E3EZmHgArwUMimiaSqMZk1t8luEFs4AQBgAat-ZybyYjM1oUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3R3HrpIie2PgC4jWFW367eFXvjQg%26client%3Dca-pub-9959730754038026%26adurl%3D
Frame ID: C416A61814243B2D83B70CC9981FD7CD
Requests: 21 HTTP requests in this frame

Frame: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 00EA2BC62A1FE38BFEBAB106AFE91193
Requests: 1 HTTP requests in this frame

Frame: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 136DE56EA8D9FE949FC09A36D5FC5594
Requests: 1 HTTP requests in this frame

Frame: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 841F7B8C9236F961718135675613B8EE
Requests: 1 HTTP requests in this frame

Frame: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 0C00F5EAFA92198F4A8F87DA0CB7D9E5
Requests: 16 HTTP requests in this frame

Frame: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 44954A50A9C859E1F86A1C046131B4F8
Requests: 16 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club
Frame ID: 27D2AB1CA068639AB0CA628BBE47ECFF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BC51F8B8557AB812733EFC2B3D230C0A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvbs_src.js?ctx=13361095&cmp=28876501&plc=351842702&sid=884521&dvregion=0&unit=300x250
Frame ID: 08BBC5622CD967256424D1274BBB8625
Requests: 26 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx-asIOX4sYcfaF87gK5Bmhi8XDu_Q20YD3o_e-16P37_NXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 501E066D9EDE3B7583EB2A17ACFD5EFD
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu_Q2v4-xzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2-UIinG_JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 7DA71AFEB508102BE237C43FA9DB373F
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83Wsns5y_gHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau_9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: A30DC51EF236558FDF9434DCD2A01D94
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=MU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 5226E37A0F27F9FB98D828081165E2CC
Requests: 12 HTTP requests in this frame

Frame: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BFF625924EE0A601EA110A5AFA5C2018
Requests: 16 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 137E37E56FFEDCE25A21828AF984D128
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=ttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji-OQ-FAnoZODnFtPMwMF4_14hWwQsMNaN-onzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 99E51AA1677500707B53C9DC0B8CD365
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3ySv3BQcZTyESFpyzIuExD9-IDL9rSQP86zgixjPE8clp7RJsIFLDe-QYDD5jX1V7eRz_nKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 17AE50F6EDF31437A5BC1819446DB585
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=TJ4qHFkmLj2xjbj_DSPSdv8uxOp4VadipWElZEXNR7CdflIx-j2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF_Ms9DQUf2ZiUkc-_kbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 267465FF3FEF87150E8DF4E6084CC07B
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsA1erjN7kBQz-9bdwi6BnBrBdr4bZSs1vPg-k-3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 9E9418652F5F0B2029DB4ADE92175986
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6hySndOYzXWS__Fe_uvTDI3j5kggto7jPBI6_rGR9pErFycflZbI5Rmhi8XDu_Q26_iPSMtem97q8ZB0JSq1PUwu_OYHo1IF5Q_0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: D00A8BF0687C18C5F5C4B740EA2A1F5A
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU_NTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 91732312FB3E863E5A42CF3A57766808
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1EB416629CFA09AF7FA863218B6811AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A38A161BA7A52ED1C601530D0D9D327F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 1C240C0CAF94F62844CC8921281A2603
Requests: 11 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 1522F4AAF25D40DDBE23FB9C9CFAA7F5
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=hPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE_zN5_ob0fZOSewJMpg2V_QxBh1LMHJJ3lk0d0u2-xKx-PJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: D4D7EC53A74EA11BCE172CB167E56098
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYb7tNGlrpsfcRcs9ioKD-xUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk_r6OL9_eogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-HNN12Wpgbd42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TiyfUUBa-J7ThpJC9mpUBzRLc3XDHBE8UUumzOKOyZrjfJX6OCxjnQTdNS5DnsFFjRtGvEG9tWa-6-tUwHafRpOQNq5iNkiCAD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ERHjUBrsVxsAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 0994CB7C23F4DE3A2F819EF845DCDF6D
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 26509E998AEE263D0E30B49126624235
Requests: 12 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Y7sXdZWOOc-P4tg2rjcZDuV-vAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV_t9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: C52D0944F91533FE8ACEC6114868AAFB
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=E6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Qoj6L5KxVT942u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIUquuRB6dDAK3m21jRn1toLUhj0OruplRydjVB2b1Bbn0XgsEEHJOfilXC83Ln8ApD7Ie2G3HfFH7cXH6RtSU_nfEg0iTdYXkD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Fjv4RNbzNKFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: A3722422587E33E0B03FF832C3D4236F
Requests: 9 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96-iBEXiuGCq_BnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 056F5B33C192124819069F5D9FFB2D09
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF-bIBZuq023dO6EqB0BATo8rexdUz48iFv3-m0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes_HwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: A3A3922034B7F4FBD03514726D371CB4
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=USZo8a-cS5k3HSapHNWz6KzboUFQG3yp0;rtbdata=Bn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj_cAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3_9PptmhJaxM7bDE7nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 90A46F23181A9D67AF71806522F0C44D
Requests: 15 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=A8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww-H8VUNjxCDM4_Y3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 9EA9CDC0A35D5EC08D479A1AF7485D4C
Requests: 14 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1887888668
Frame ID: 66E6DED1028C721CEC339AF59BE077EC
Requests: 6 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk_NyztNUtlOOiS_yYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 69D1DA35B2971FDCDDCC6A153F8D7983
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsWM8u-B9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 44398C8440FE0D2EA620A3377BDEDFA6
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr_X-qKlkJZAsOfr-2Bj__zz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Dmeys1PED1l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RIOqTe9eBjKWHdsY6M5eKU_h8Dz-v8sHEJj7v1c9EkUxVlpk7jyXHcPGLpIY9-897TiTRhr_v3p2RvwN4xUKSL5ufGupi-kGC487kQPD7qPMfMEX5By_Xskui0bMBUl7EHSfKiolvV7AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: E89B14E444025B03B8C7D2ABFE290EDB
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=R0qCEcXgZSFFrKo8oEky-e-cIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO-ad-MTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PIEuGyvXXXh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R748V44QkG42at0E0NF5uYd_mQ5ZOjeBjJe-BeaBGXU7Cz3WbHU3lGTmN4lJGFn7vL-NmpDJUJzoaBwP4h80iECQvqLRQMmiO487kQPD7qPMfMEX5By_Xskui0bMBUl7ELsPf8meMzvwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: A8868C33B21A2A03DFD2369F0AC66AFA
Requests: 11 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Bn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn_0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes-oud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 3F000BC2EC27292D6F0667C8C5D9995A
Requests: 14 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKuGLn04XPWPSErVV_ckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: BFE3328E204B7831271AD1D0CAE255F5
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A3BE9CDAB2103FE0A2C174EACA2EBCEB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 93715AE7A0862D720B107637F7EC3EA4
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: D4785F6D9452B0F61BE530A2624AA104
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A4150BBDF5A04E37B43F229A38FB3F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 09012024ECD26C4004120A4A6E098156
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 375F86F5931C0E1E3F93028C7AA684C4
Requests: 2 HTTP requests in this frame

Frame: https://s.ads.smartadserver.com/2/884833/analytics.js?dt=8848331610101564891000&di=https%3a%2f%2fearnme.club&ui=2051167177128181596&md=1&ap=&sr=smartadserver.com&pp=1999&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46
Frame ID: E5005619A0353FF0E967A8D2AA55F2AA
Requests: 27 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 78CD36D1C00D7B2A5859B5BBA76D600C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 7851988AFDEFEB95DA0082B125B701CE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: FB29BC5E93635D584C0CCA06EB4F2643
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 47B9BB7295566EAE8F58658357AC5132
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 27E350E4CF79AA7B1B9DDE4F035B4145
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 35302A16CC3E6FAEAEE040CF4D7FDF5E
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: 113FB06DFDD0B92AA71ED61C0E4AB9FA
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=59973788;rtbwp=VLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0;rtbdata=el6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0;pui=CQ8Cld2Xq9xLwkVBlejJG2bM8sBoZ15gTaKerHfRIMPer1pltXZUmg2;
Frame ID: 3455B909B01246EADEE95331A4F0497A
Requests: 16 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CZobVXcS32zw%2BzVVIYyoALW%2B7sq%2FGIREUIouQGDROyeQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euz2zXG016h4ss1qSQBXzdDyqbIT7YE0AiSdgf9dtdOtaIYY0ffDTUYbTvwZ50M_kGaO7IObsR6ErJmovV5dwzb1RlYMmCBblbkERSE-GgP65nu1ktF5qVW0lv7LHF3Nvf3JOzM1Gs12d7n6vQCcOZAaW0rTm21KBDc8yf8Xw7Z9Sv16ULx_mGxDaIj5KJTYVjzxcQ6udS6EB905anNWNyZAjO_hF50m614Eysef3jLXts3HoyFzcPi_Gj9vnzQvIjXi0m1F-vAL7ASXhHyPFRKMtwTPlCbnoOfq_NsBzJ_91VoiNYnBXi-3FypkGacXAPddHsUfoBYmtWUCPqnuFH1SboXwpyus_siBz0TD9bo1SjmEq-qJqAkHDHsSPaIYJghp9GA44c-KrDDk5Ro8CY1oCt6C8i_TbDInkthuoy0MAj3hN1mrETwiEurWJ3Sr1sSNIpk2B7CBILjfLuLfcFYgWwIoYRewi3MMOGyKl8RU1o6-SKhS6N-M7xZOgN-wv3S5FxDHC4iWw2fSWurgIq4Y8wN5Fcj2RC4AquA5M_adIb
Frame ID: FD3A78F600781C15A2B7FABF6F7569E9
Requests: 21 HTTP requests in this frame

Frame: https://cat.nl.eu.criteo.com/tpd?dd=GRH3BF8xZSUyRjg3ejZOdjEyRyUyRmJxemRWZXFhTGFxVDVsWThuaWxBc0lDU0s4SWtvQzZRa3lWd3JaZlAlMkJZZ1htWE81dVBuM2o4czhScWxlMjBraW0lMkJYJTJGR05VY3pzR0hlWGNabkdrQ3Q3bzFycGRYRVJZRTR6bDMza2dUTFVZOW1jeXJiNk9QQ1J6UkxMJTJGd0xwTThEYlVoanE4MWFEWTh1MDNNQXZHUWRhQnpMaTJ5WnZLa1YlMkJYbjEybFdiR0VoOWVrVDlwTGJoQTdtWEg2NWJEWm5DN0lPN21IclRvcW11OGhOcUFOVDFpUmx2Zm9xSGNJS3BiWEZaaDF5Rm1xUlpVRVBmZlZ2aldQS3VSV29uJTJGOG0xJTJCckpvSTc5MGl3amg5emx5NExyeENKbERxdkwwNXlTTjVmNzdwR00lMkI2MkVjSEYzR2xNaHc1eGtsMlFtUmhXQTl2MHpvSE5vZklwcFJ4SUo4M1AyNE9Vd0JrOVBiTTlGN3UzWHpWa050V1lBZDZoazZIdiUyRjhVcEJsczh6RGJXckp1cmlyNjYyMkplU3ZsOFJDenJhdEJCeUgwdm53ZW9qQ2RFZjBlNGliZkw5ZUVsMWpZRm5ibDZsNkx6ZVlxMUVBYWUwR2xDNGZETjJ4V3RsUXB0d2dOQWNZa3BNWlRMa2NYRHU2R1YlMkJNc3cxWFNyJTJGS0I0
Frame ID: 5969D334E5E3DFDC6BD5E7849870CA8D
Requests: 1 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1969683613
Frame ID: 016C145FAAEE3905367885043307DC01
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 284740C26D8D609FCA9C353889377F6F
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: A8312B25E24A20B8091EF6AB900C416C
Requests: 1 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: A81248489970B426A8849549DDE2E2DB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGNKs9tsBMAE&v=APEucNVE3nNJv76rjqha0DXNVNpM9SIz2nrkG6jqsIUHZlO1LkRyezZe6h7fB4229BOfFr5WB72R2LkPUhr_mzRV3anRqqjpQqkl3MzHaz3nKk8Vexzvk2AhXfEVnRrAZgqGc__KsQD-3xQndsmMVnauENOTVPw2wCXt_Cfn4hqzs1NfYZ_Umyo
Frame ID: 8FF145BF996471899A8290A5BF0933DC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 271ABD56822FB726C080F6039AA23D57
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: E68EFF04DAC867D13EDCBE78F8B88C23
Requests: 2 HTTP requests in this frame

Frame: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Frame ID: FC4454FC2C824755072160D3E2C28982
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Frame ID: E01C71246CAB02C2091A2B085DECCC1E
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: C8E45689B39BE739AD842D5E5D7A5F0A
Requests: 3 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%228d804ce4-3758-4a91-8524-a131f44c5364%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221639337%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257892097%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257892097%22%2c%22hash%22%3a%22-364700674608024840%22%7d
Frame ID: 6D88F678B216B8D103B124CAC3CCA41F
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57892097;rtbwp=em2hP2KdrNeVFKJt-SXORM1zN0I1FqtF6Un-3A;rtbdata=w0gPlZmJKclf-oZP3yqTXtQnEJBpSwWI6S9GNls4EwOTNpx5Gr9VOxvIjdl7RKVdepWnkqbwvCvWzEt_cZvUKzsxOjnXeJux9CPSSKjEKpvJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRo_amOpC4z-tGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0
Frame ID: E46C7E0F3CBD662C0B1FE3A2A3DFC665
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2245726875-77a6-4cfa-bb73-cec6988c70f2%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Frame ID: 4DF7A5268719E8423DDB16BAE756A943
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57914107;rtbwp=t6U2F2EWMU9ythgf51MWyGiIKjg1hTtwFVALSA;rtbdata=C8pQXsG6MGInaXEP9JmiFOVBFqH3xFVvas7a2nU_-OmzEqcjlxIRvraIVzTFqXjpuPNnD07tIllqiwC5SzjbT01S3DLbpjOTtKRn7DZziLHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_zQ3UQQloec8mpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Frame ID: 8BC7632C6E4A31C5D8510DDF119FEE58
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22dfc41772-f53e-48d8-aa34-25f8b588fb9a%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2256680285%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222734923%22%2c%22adid%22%3a%2256680285%22%2c%22hash%22%3a%22-5756273547007671342%22%7d
Frame ID: FB794F29431841AF4C9B1F49F3724491
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=56680285;rtbwp=zUi57vGt5nKTHPsQ2bnybJKuVObYMBE5yw3PRw;rtbdata=-0zUFzE6t5t_IRPvTPxcZ-H-auXvF8cnTJPvBNmSDLYFkqBCj8BOyISaE_Zh8bPLjp2cf6dT8KZuimXNwQpa6R7qBcHyD6lM6Jk7-YbVvWLJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrbPiSuQrZ68GdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0
Frame ID: 2A6C9F5E94FF18CADF11A7FA605657A7
Requests: 10 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Frame ID: DA23DB888C97D79AE8B0FF9BD1913A58
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: A8121FBE91186C8C8D0A264C37F8B368
Requests: 3 HTTP requests in this frame

Frame: https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=189812&cb=6397d6fa7732e33f64e566b9d46a6dc6&r=https%3a%2f%2fflashnetic.com%2f
Frame ID: 43AF5BD03ABF857CB4F619807C83B71B
Requests: 1 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22d79ba4d2-2302-451a-afc9-797067e9222d%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257892097%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257892097%22%2c%22hash%22%3a%22-364700674608024840%22%7d
Frame ID: 3ED4607C0A8E5B54E7D41ED41A43D706
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57892097;rtbwp=boiAhbMWi2EyOmpRE12kgGrAPs1Fvmio11s9UA;rtbdata=QbDIfGAuKeEH1MQ_220M9ATb70SElGa9xV07ZZotB6z5rq9aZskuf-wGnqiburzajWx22vlVDWhvY5J2i7tqw32INWQAw618_HLhW4zVJHTJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_TjbJk6k5dowmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Frame ID: 0550D057836CBD6AAAEE2D0F070B2F83
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22fc937f9d-cf74-4661-a627-4331887373f0%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257891877%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257891877%22%2c%22hash%22%3a%22-8011877618419582598%22%7d
Frame ID: DDCAFD73EBBD91E06AA79A8E6530F136
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57891877;rtbwp=YwLdZAffQSZ5UvQAn7j9749_L0n8PiuFtuRhlQ;rtbdata=zY97pVFQ0ISsvTdgIq9K-4WFDKWnWIXE4uL-QZRU4Cjc6Oo_p3L3bRjZZe9Yka9bbRyukJPQQYHkZ-rOAW3qDtftHXqtEgqI5CpeuK_ZSzPJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRkgzbYpeynkqGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0
Frame ID: 4D6FF34BEC5429DAFA03023EA47CCBDD
Requests: 8 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2296047b2e-0f4c-4ff4-a6cf-0b4a212e86de%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2256680285%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222734923%22%2c%22adid%22%3a%2256680285%22%2c%22hash%22%3a%22-5756273547007671342%22%7d
Frame ID: 861C55BB8C0663689EE21F4D95BC6317
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=56680285;rtbwp=vXgnwwQaEhSLbrKOIVyWtolpchFwPv_3-oI_bA;rtbdata=RjLxfiHQw_jn7xi34bmqsy3c7UBwKD7QOm4MkqbVaBA-smWuS6dadgWa4mCAamGjiCR-qtG58IVvItvqXyf6-hMpVG1pj7EseXOI19JDVgrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_mMRNgj-rLtUmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Frame ID: 7711374F71CDC2BAC48DF6F29245E35F
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22115c2d96-ca39-4af7-bd70-80df00929f72%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Frame ID: BC82BABD9ECE6A4267FF3734D73D6D88
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57914107;rtbwp=HRV1L2z-HaNNQo2Apx0fqOYVnSw5dp_BT75gOA;rtbdata=C2bzdA4hVWzs9trUd7zLVWNFZOanHEf4M9UGUdmrwiwY4O4CnIdG40KNea_3_9qz-4sMx71iAGuKOTwk41EmjrzEY2yzrFxVgtMcHaC8kqTJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRpueZ4dcGCvgGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0
Frame ID: FEDE4340C371646D6FD33107E7404EDF
Requests: 8 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%227425eac6-6529-429c-bfd6-89bea630f6ad%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Frame ID: 95B7A86FDD6E18EF566BA0319ED039B0
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57914107;rtbwp=nWwrKoCBlz6HGt-U83xIK71BzXRAhF7GE6q8_Q;rtbdata=xiHm6YAi-vVmr_3gZKRm98o9mQGY2QuHISffqLP7hA4tKTyUe4hs4hOKuvwmQ4wO_s_x9blzkuGytvWJqDnzen-16bq5Ws4PbvDITuqjyFbJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrtdS2MB8-ROGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrcEoKrUDHIGNMN4iOtIBxgX0
Frame ID: 15E861E076DE7E0611D3D677707D6141
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2293cac6ce-079e-44b3-8344-f7c394fd0c98%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Frame ID: C86DF0BE263C12885778490A0AA0106F
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=57914107;rtbwp=CjkTFq2MfMBS5qqFQ7YbLmtTm_xCLhNaVswVWA;rtbdata=ke90qzTFtgwUEGpwB2OIqC4RsVuxr1GI3JBvhZb6xGvOc7CsNg_ScpQ6P-edhvCJURcl37Kesj0aunzkbEvh61f1DkI7YuDkw3ZguOXyGLrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_EpdKVVJPub9h8aTD3DHXZeu8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Frame ID: 76B2258A6FD39A8DE74E030FF25858CF
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22f6f9f84a-18a5-4ec5-9727-76d7129ca1d8%22%2c%22adomain%22%3a%22iwd-marketing.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2256129379%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222717825%22%2c%22adid%22%3a%2256129379%22%2c%22hash%22%3a%228242811467456899294%22%7d
Frame ID: E6882D4A7079CC68802A31BBC05A846C
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=56129379;rtbwp=e4NwOcW29uF7feEByOXVe6J0jcoeHMvkpZFDJQ;rtbdata=wne0tGld-9ln1ew8_xv8abSxUM8Ag-rBFx-TXaKZ6P-6lPtbCRI087HxLXDO7UtQZaJ2yecpWLs_8jAC91urPWwneLafaP4DLmkf3M6pIyHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_wEqmWq2V8i5h8aTD3DHXZUaZE5fSFo-peTqcoE3up6MpcWlM66LloJcp1C8rulQawVlJQDJVhiYuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Frame ID: C6F8A4B1D6B5D10C2109698FA933EE61
Requests: 10 HTTP requests in this frame

Frame: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22141412d3-3bd5-43a6-99c0-2361f0aebaea%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2254901439%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222665998%22%2c%22adid%22%3a%2254901439%22%2c%22hash%22%3a%225095588509565445259%22%7d
Frame ID: F79E255E53B4F33C2DAA16948592037F
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=54901439;rtbwp=q5a_MJdgwArOEnF-cs_Mf-K0uQ2FiQ1xeo6mxg;rtbdata=aJKsiFVwk3mzCj2t8fHuYsKt-_ZI8256HlPvdGq1jL9jjnZSQn0X6VRzmorgIzdabsOEUD14wmr3F-MMmKRb7Z9K_U2srmWWp561Scw3SK7JdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_oZCp-QDaIvImpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQapFFk3vNLoIIuouAqghP3omAC5HLFvl7DQeEimShqzcc1
Frame ID: D7EDFAA9EF1821F8612731613B186E2B
Requests: 10 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1
Frame ID: 95396EA1F124373112257C4EEBEBF8BD
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1
Frame ID: 003CBF1BDA1C597813BFAC83C938E3CE
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 23591F018118B3E3E69D606FA449738D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 44596011226FD17709C5FCFE647754ED
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10726&pub_id=1805345
Frame ID: 85E24692CF89647482449F36CC863717
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 71118FD605BE60E814C74B7FCA7DC4A7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BD29C98BE269738EBB2FEE5150C8823C
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2F58D70C06871E3F1005CFF1648A1E3C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E71588D383F1AED3F5C8385E3CD776B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 94738EA2BD85B9DCFB6A2826B5282409
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 67408C20D02096429EDE46BA7BF00C69
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 9FE39A832B4F462D36188030C6477B43
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5136BB5A6D801859A97A3082C99CEF4A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8CA1A357DDF2F321D402C764EC5AD845
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6E528D9CE807AF0DCFA463F90FDC75B7
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D4AA442E0193550A84E7F43E4FF57A4E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C47CE12CED2D20A798E57F562210A650
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 236019CC1D142B099782822B778B2020
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0D760A67E3F250426AE78FC2EB1C5EF3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 757200BD0719F17F1EA1E7EB9ABCCF68
Requests: 2 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=62487700004385601649441012172018
Frame ID: 133E72AF867F7C80D57746180AC307AF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F5628BA997F3140445943BC801E468BE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: ACA675A9DAC7107EB0B53A1F910C704C
Requests: 3 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=24697600004385701649441012172018
Frame ID: CACC7536839D86C4285AF6FD9F204932
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D51CE9B883502AC35660A2D67BB4C0F3
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 16ADB48EF5A5A985DBC46050F5FF9659
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8E47215C209A753950C188FA44119DD2
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6EC9DE5DDFA5A395287B1CD4001CCAC0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 041779B740416A8756643A3A2457A539
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A3239B65FA6782AC967158143E1AC442
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C876281196E6781177D00A1FC6B9D49E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: BFC9329D4FED4022A6D41AD918022643
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 38524B7B80AD9F4BBFBBDF49C039A436
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AB9338C1B94723726897EE771B7FD17B
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 041A9434CB31D20E5861118D5883753F
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C15F9F1A6D95E164B04C9DF00F08DA97
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EA487012B12CF2794EA0D6E834A136EE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 96F902C3B3A60B5E7066E828B5433BF5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E57F8CD7BF1A148450EEDE6C0D4005E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8277C120F2D6DD54202BF83CEEC23459
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 74BB675E0C44F7C780BC5B11C666B2EC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FA06AEC10947EC94F7EF9318335C6098
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD06BBF09FBC8523E770830F719D076C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 39745837D3D2FA6D4A39A1529098728E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 68DC6DD6C411262408A2119069E643BE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FB3E57F169CC205C6473621B85771BAA
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA1DC052B7AE4DE50120E6C838D5C444
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 323AADCC48053BA81C8E0D24A9D40632
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F6E1C229D8689E79A3DEF3C0E15903C
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F475EA150E9EF7B24D6EB6655FA2D354
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2719763B26DA3DD742FBF12E9FF40F75
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 82594145D2E930CC7DBAC0F1B80AAE76
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 15595F1C5BA47D5F9ED6B48E327F1EBE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A85521D32137CDBD0B43011E472033C9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F11BA0EDA64C0BD829E4D431D3EA5EC7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CF1C2F79BBB2D60A9CD46A0BE16797F8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CD95E33C52AD52B5622D197AC73E1A83
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FEAF84640F3192D9F14A1CF382A89611
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E3AE1D1EE4439BD7DB026C9C3E39E8DA
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2454F0B4E9198B92E3D011B145A4B05D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3327C56B22E19E7B54BACDFCE1CA9897
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 922E8B3EF3165EB5949FB92393F37F8A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 9CBCE146FF1B8F1320F3641380BD1B7D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 224306562CF5D794A8CA18B324B96381
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 28995E77AE64B21F477B542F3522FA89
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 29E536ADC65DC8E7C5CB503F5EF13CF9
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D3802F01B14592EC73E1A09FB287D93
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 57EA8EA66B2E164AE11BC02A90A0AE4E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 796205401782A7ED8619A98005E386ED
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 61D47866DE587924181440D95A4AD406
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A97C1903329A24D0CE4A9918AFBC712
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 364C4F0B5F8368860E2889203358193A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 85631BFC9F68F5F17D3F9E6E5F8DF9E9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0861F8D84DEB48D7F6F2F3F22A17720A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C4160B4884126916368AAA08831B726E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9F17C1540610DFBAD50C54DDFB5DED56
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 08477B72856D86CA0B1E0FABE8DCF10A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C436971185F946B4D9900651308C1F87
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 51586218EC684F3EF89E6D2B9DC400EE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 08F0379CA924B89FFB0C7BB2C91D7143
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: BF97DD9AFC00C39B884D806DC73014B1
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A837356140A07B5E56470C37EE360F62
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: E89874CA1CFCEE2BB067046F3B8EF135
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 69BFDB90B724358B92F4B3E859419776
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F88C43E5A14D9A9CAF7C6053AD565C8E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 01CDEED5D9CBB4DD66BD125D6C8A5450
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 83B243B5A516DB2628C34469EE932D4D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0266A16EAC2B4BCBF717FC0B621C14BA
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D07436D6F24423F30E663B2555C65BE9
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1DEAC798D2D8210B35EDDEF6D13AC1BB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5704AFC5F043279D5C4B1E30E3703C13
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 56767304E486DF427C89BDF738A11496
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 12A4C564E8332C0B5272A7F03967AA69
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 21FE2D42D75E1536BB203FC2D0DD48C3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5693CD6905197CD4DFC3D9FB4F034271
Requests: 2 HTTP requests in this frame

Frame: blob://https://flashnetic.com/d3c449a4-2405-42a8-8e84-85aea7bc3512
Frame ID: 7CC2993C40E44CE9B51BECDA2D714F33
Requests: 1 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
Frame ID: 11E69774578C3FD952EF124AC41E55E1
Requests: 5 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 56439A44098A049B0BB17BB4B0FB51D9
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=8498e484cd414191471c7cb4e55e4940%2F8223107598856800668&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 87AC6A3CFBDD9EA003BFFA38D9FD6205
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=e0dae009920a10858fb13537cee28412%2F7960912867692032531&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 43109D080BDCB017B1B3D5CD226006ED
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=42d4f0f94a7533e0d3ab55ee2ecd0bd9%2F874961684115658629&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359918&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: 9B11870DC473A52F9679655766206B31
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=edbd718e1e3d723ee2c051080b660f94%2F3303225659553864476&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359920&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Frame ID: DA89EE3465A775F0BF9285A2FDF5BAEA
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D
Frame ID: 39EB8C6283F4DC56567A841A0B06E102
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D
Frame ID: D7587B1454DE2F89793A20C2C7BF7935
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=lea1&affiliate=117693&partnerid=12218&s_id=117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&camp=channel12&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D
Frame ID: 4DCBE1A70051F023691058D5B904E8FE
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/o2/?nw=lea1&affiliate=117693&partnerid=12218&s_id=117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&camp=channel12&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D
Frame ID: 00B65A97DA2BF8C76E65BE189A04B5FC
Requests: 3 HTTP requests in this frame

Frame: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218
Frame ID: D5DBCEA98F966CE8D8D9CA45BD8F8132
Requests: 1 HTTP requests in this frame

Frame: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218
Frame ID: B095F5E1963626C10242EF6BC42EBA07
Requests: 1 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=2707832954;ord=a458o4;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=179;prcl=s
Frame ID: 3C399401926019E4A2059A3A728FF4B3
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007420;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=1795295360;ord=k62i28;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel12%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117693C1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxCiew%2526affiliate%253D117693%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117693%26partnerid%3D12218%26s_id%3D117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26camp%3Dchannel12%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=212;prcl=s
Frame ID: 6BBF172181146834F7381ED15C6A0C1F
Requests: 8 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s
Frame ID: 3EB4712D9CFBF350D07032D6F27B0977
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007420;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=3648992709;ord=shy6p1;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel12%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117693C1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxCiew%2526affiliate%253D117693%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117693%26partnerid%3D12218%26s_id%3D117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26camp%3Dchannel12%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=282;prcl=s
Frame ID: 95B27C7C099B0E3C0B811DE5682DAE0D
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 636E37DCF681479E130666DB9A0F0AF5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 973F40AACA5A47E8C239D23F8B8B415B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80825D54CBF1219AC89DD75EFAB99CC0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 516895E377D2E2171535F5431D7C3FB2
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A282F1EE4C79C8496F399613DCAA39F6
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
Frame ID: C45B777718EB0DBF9A96AE1980AC6B52
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
Frame ID: 418676A97B1CE42902CB611E67D00062
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
Frame ID: 0C7E4FBFCF81DDD85A8BFD5433C5D144
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
Frame ID: 712E9E4E71663CD5DB4EBD02B00E1197
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: ED44A28CD50C806B28DEEBCF6EE1FC53
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: F23B42C66A90C074CB49481A1616C653
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: EC20DB67D577D9164833104CF9F19EC9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C963807DDD5D2985B6761CE765EF4CE7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A0472CC085223FCFBF3404B1A7820552
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 01DDB533E1DE98F19CB2A7A99F85A563
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 7F27BD2DD3CD6B6713749A530A888AE4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C0453CD799C8AEA95364B5EF03CBD222
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A5692BF559639E5ECAE3B41A780C0FEB
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 14A0E94A26B0116167B68272105686B8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A90A1309B38E3E365CF304CEACD147F8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 11DD0D3688C1329476EB5BB67AA29BC6
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A21EF66772B8B4B0FBF8F8AA8756EF0F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 3468C40A26E415E2DA14D220EDE05F62
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: D70B7A7FD5025AB467E65D9A413DF523
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A2B61A56F95B4E8043A88009C8A449AE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: EAE12DF8221ACF2EADDF4981B7AB4D3E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 12BEBB1B2EF31B2E95449E6E2E83A863
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 0E1A2BD68D39243D0B2CAA73E8DF5A0D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 4DD8D7B50173CB30814A5CDC87E0CBCE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 38DC459E6D99A2CDFF49DA4B1E282C50
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AD9EFCEF224C4CD8461085ED481E0E01
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dYto7aKmqr7io0rkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 68524AE1C45A4B9476A8A8E18098B178
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 62227B502A972B1EF3092497B85BE48C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8C27C65C0F8F08B3878EBA388B8E0475
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQWX43D&prvid=2034%2C2033%2C2030%2C112%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C294%2C251%2C175%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C70%2C77%2C2023%2C2022%2C141%2C262%2C222%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: ECB5F15033B13F42D6FB5254D9804085
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1670895347625
Frame ID: CE4A5290E7DE36F8EB8657E0AA3A05B8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: 2799F7169E12F003F1D6F657410AA1B1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js
Frame ID: E324CE479B67F8FD470AA2C72581F715
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C8CFF08086B53445CAB967F64D78CB04
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 95B8E9420BDE92A8211A1E1BE0E4334C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 50C0F6CE7DF6BD04A4F54FB7E2653C2D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 99764504AAC93B4FE34A2251EE57EF01
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: B6671E923EC95E0B193B19BA012DA817
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: E6670AA3DABA49EFE4BF1ACB2C224688
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 6CC6E2AE22FAE53F379ABE48D27337B8
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: D7304CD9F93F4F873971D11AAEBFF160
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 3BA00656298A837F6B7EB136DE5EE9E7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 3BB65AB7B561691F66D67DA340111C02
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 1DB9571C6700E4C5E195286D82468368
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 7DFA926F064421BA3C5775B0DD5BAB81
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 7B16F8DAE910661F709EC9D984AEA2F5
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A19FD206FD496420EA09156F8052F300
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 31FFEAECA7CDBF84F93532A768F58980
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C3612160982C338119162C17959A15D3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A4AE74535C76E44ABDAFA44556D39E74
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 96CAB681FAB947E52F2A17FC25D875EF
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 371C4ECC40ED75E2DC98DC474C10E913
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: EFB7067782EF5DF120558E5862045264
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 629EC8A0D8376BFE0FA8645BCFB003B3
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 9CDE3252E58C0334232CA320F3BA1C65
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: EB770BEC67BA30DFD0D82790EEEF69EC
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 70C7364406B1B6889459AE275592568E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C120D990ABFACCF186FD9BD08A58078A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: A68B4C3D2E9A285CDF8BE780E7EF0A12
Requests: 2 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
Frame ID: 6785353121F599B6CB9DB60F8831A494
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: B368FF50A02BB5AFD37D15007CE54320
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 3E64A02D3B7743F9ADC2E5C2D92D3E10
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 8E66B72D3D76E96076DED57397E19BC9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C9B6E726DBFEB9112E6E0D4DDBA074A7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 88F29E437C0767C54C65251B6C07EE10
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0CB139FFA40EDCF0717201FF8927B3B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NORD N1 from ONEPLUS – Tech One

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

1837
Requests

95 %
HTTPS

34 %
IPv6

78
Domains

148
Subdomains

126
IPs

10
Countries

21098 kB
Transfer

54832 kB
Size

57
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: http://i%20have%20no%20websites%20bro/
Title: Sarbash

Search URL Search Domain Scan URL

URL: http://earn%20me.%20com/
Title: Saminda

Search URL Search Domain Scan URL

URL: http://rasik%20reo/
Title: Rasik

Search URL Search Domain Scan URL

URL: https://mhthemes.com/themes/mh-magazine/?utm_source=customer&utm_medium=link&utm_campaign=MH+Magazine+Lite
Title: MH Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 106

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=roBDY3xQSUt1LzE5OGJINFhXSFVCY1R2aDZaTmdkcjF2R3lTbE43dks4MTlSVFNidnl3TktFeDBhNVprRG5uRXFLUGx3NFg4bEhqdE91QWNBSnhvVUlQemIwR1BuaHlOMEFoODZ3bFJDVEZXTW54WnZpbk1LRnJGdm1HdFRVQnBENHRMeCtFWVlhQytKeGhRcTd2UEJhS2RaRGdlYUVmYkY5dThSUjNYdllKZENLQmFjY0JDalIzVUd6Smwxd1BiRzZiMjdLN015c2pBMUU0eE13RGdFYTVWOFBYendtOURCOVBBUldyOFRRbk9IblhZPXw&cppv=2

Request Chain 243

https://pbjs.e-planning.net/pbjs/1/27fa6/1/earnme.club/ROS?rnd=0.8860696076424621&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F HTTP 302
https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.8860696076424621&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F

Request Chain 246

https://ads.pubmatic.com/AdServer/js/pwt/157742/7600 HTTP 301
https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/

Request Chain 265

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 368

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 593

https://gum.criteo.com/sid/json?origin=publishertagids&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=T5JoJ193NCUyRm01Q1duRFJwNzJuald0WDk5RW5JbGtOS0lrMFN6RnRPV2VBJTJCUEtKd1JuampsciUyRk9aOWZBOWMlMkI1bjZEJTJGVHBybXRvSkl1R3J2azlwWTlBV1UyQ2s0SjFNb1VWbG1ZYmxSNjFDMlRxQWs0SXpxZFRybGYlMkZIUnVEcWJZUEI2Mw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=8rqFnXxkdWFQcFZpVEJiWXhlNlpDZWRDNldGNHZJTW90MitPbDh4SnNRaTJPVVJPVTZnd3NqQ0dzMVlFV0pxZUowRjU1aDlCRm92dU5TSjFERXdMcW8vMDRVbWxzYysxazFLakY0d0xWUDZEb0dDeXVOYzc3bUlPN01EaTBkdjQ2cG9hR1M3anpKY2s1UzJWL0Fxa09WSm9mcmsvUXlkYkpxNFdtL1FQSEN1bEI1S0R5VkppamlVeTRIanM0bTliYnppbldPNnNsRnNoYWxsWHUzK00wZm5PaWNrTkFmYlFBVGM3RXBOVnpQdkNocWJ3YS91RjhYWTVmMkZmZmJtcmwwNnY5S3BxZWhvQjQvODJqZ1pGb2lRZkFGUT09fA&cppv=2

Request Chain 660

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 730

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 732

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 745

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 749

https://x.bidswitch.net/sync?ssp=adform HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=adform HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dadform%26bsw_param%3D214d1d33-2082-45c3-a55b-0a34460818d7&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=1eab6397-d6fc-4c00-b8ed-d02392677828&expires=30&ssp=adform&bsw_param=214d1d33-2082-45c3-a55b-0a34460818d7&gdpr=&gdpr_consent= HTTP 302
https://cm.adform.net/pixel?adform_pid=3&adform_pc=214d1d33-2082-45c3-a55b-0a34460818d7&adform_v=1

Request Chain 750

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1

Request Chain 751

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID HTTP 302
https://cm.adform.net/pixel?adform_pid=16&adform_pc=7413222715571309918

Request Chain 752

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID HTTP 302
https://cm.adform.net/pixel?adform_pid=18&adform_pc=83dc95dd-0663-4c62-9c29-50b2e51c8f96

Request Chain 760

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 768

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Request Chain 772

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1

Request Chain 795

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 796

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 812

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIEUJQoyEt8d2wxvGa7rZbs&google_cver=1

Request Chain 813

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1

Request Chain 837

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1

Request Chain 841

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8LVaw3piQ5aBX-vACMZ1vg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8LVaw3piQ5aBX-vACMZ1vg

Request Chain 842

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTI0ZjYyNWExMjcyMTkzNjVkZTQ1NTk5ZjUyMWQ3NGEzNzgxNWE2Mw

Request Chain 843

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDY6Qh9Lo4xgPUAmMlVW32E&google_cver=1

Request Chain 844

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBLJY5AH-20-1P9G

Request Chain 845

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0u6c5rXoQkGgZz_tk1cUsw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0u6c5rXoQkGgZz_tk1cUsw

Request Chain 846

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJMSlk1QUgtMjAtMVA5Rw==

Request Chain 847

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Gbdwqrbf7f5fp06EDeHYxMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xJpbu0tE2oIV.4uWljEigZ76nSbDVXG7JNh5tA--~A

Request Chain 858

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 918

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1

Request Chain 922

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1

Request Chain 1030

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=62487700004385601649441012172018 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1031

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=24697600004385701649441012172018 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1230

https://hal900028.redintelligence.net/request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59973788%3Bcrtbwp%3DVLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0%3Badfibeg%3D0%3Bcdata%3Dw4dvV37RC5jHzBF-Qcv17MUK2Ev4JdCCZBrCtyEJFfhIqc7mShbaKCvZhEBkHI_cJoG9QWsDzBm8ZcGBfLEkiIcHQlbOzyC-oA9GDAzbgHQUFcc9yyPa6f_N7jxntrfLKD7TfxtG7NK45A-XK6WXskhpQmAcObdLZZbJq9TKcO8RgUF6X2Vc7ux-HTmi7qoSu1k8x6sQHqBR5DwK4QH1P74T_gpltIHigY13xyyqrUC58pexOKUkp1NoKZVSwNYk29IDoYxbtNjMD_rxmhFoK6e56xLXwttjMTOyvXFTZ4Zrq__X0J06qK4WrCE8ovGnFXfYpHQ_QbJholTa4zbQ2SUMpk3TK1lRZkf6sn78ktV621fHe56zhCUMpk3TK1lRsjokatFr4Q9B4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbkjnt%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&random=6399196249581&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59973788%3Bcrtbwp%3DVLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0%3Badfibeg%3D0%3Bcdata%3Dw4dvV37RC5jHzBF-Qcv17MUK2Ev4JdCCZBrCtyEJFfhIqc7mShbaKCvZhEBkHI_cJoG9QWsDzBm8ZcGBfLEkiIcHQlbOzyC-oA9GDAzbgHQUFcc9yyPa6f_N7jxntrfLKD7TfxtG7NK45A-XK6WXskhpQmAcObdLZZbJq9TKcO8RgUF6X2Vc7ux-HTmi7qoSu1k8x6sQHqBR5DwK4QH1P74T_gpltIHigY13xyyqrUC58pexOKUkp1NoKZVSwNYk29IDoYxbtNjMD_rxmhFoK6e56xLXwttjMTOyvXFTZ4Zrq__X0J06qK4WrCE8ovGnFXfYpHQ_QbJholTa4zbQ2SUMpk3TK1lRZkf6sn78ktV621fHe56zhCUMpk3TK1lRsjokatFr4Q9B4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbkjnt%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&random=6399196249581&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 1415

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&partnerid=12218

Request Chain 1417

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&partnerid=12218

Request Chain 1423

https://www.telefonica-partner.de/tb.php?t=117679V1226162771F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253D&subid=oneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D

Request Chain 1425

https://www.telefonica-partner.de/tb.php?t=117679V1226162771F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253D&subid=oneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D

Request Chain 1431

https://www.telefonica-partner.de/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218

Request Chain 1432

https://www.telefonica-partner.de/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218

Request Chain 1579

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XSMbDXxXZ3dycy9nZGlib2lsM3JnSVR2WldhNEswNCt3SlpuY3g4cE1BQ2NlSmFmUGtUemRCbFRRd0NKMkZkbnk3bTFQODJjQWVZczNyNnB4OGlUdDlnZUFUb2JCZFlvSmlZZG43WC9lQlpIdHVWUXAvbVpSTXpQN2xKc3lPN2F3LzlKdUJKMk9sQTJWcUptM2ZzRVV1UCtoUW13c09GeHU2UEZrKzJ4cFBYTDdvRG5jcXRsZHZ6RUJVL1NLczV4Mmk2NkM5NUoycndydkNoRzNKUFhkRzd4YmlQN1kwYnRuSGt3SkpPZzcrNE1HUE4rM0xjZm11RnJKTHA3Ny94UzFneXBKYVNEUTE1eUdpWFJqcEhtTGZYQ0t1d2FSWUFNTkdacnpsSmZIeElRRkpFST18&cppv=2

Request Chain 1586

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=iOt-B3w4c09lVDZvMFl5YllQeGtSVHJEM3M5WWg4WWN0eVBxQWc4aUgweEcyMHllSmhIbyt4eU9pQ1g3b0NkWGx1MnFBVnViNk45RnA4WW0zdmgwQU1kVUkyUkhDSFE1d0lqU01PMTRjNks3ME5HOXFubWlkT05SS3dUM3hIWForZkFNRWV1T2RzRUFTUXBtWUJHK3RWS1dOUXNKYWRidGVwWUl3OEY1NTRtVGpjZ05RRXhzRlRIZXlaRFpUS0ZkTzFhZEw1aFo2Z056MHVyN3dVYWRvWldPVW9HOTRNSi8vcTVSZmFjZE1TbGlpb0NRdFJZb2lkZkdCWVV1WWtZNWtDZDZRdEwxRndQZFV0R0JaOUVjSUtvYy8vcHEwTjk2OHVuZGpac002Vjc0MlZ4cz18&cppv=2

Request Chain 1608

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0kzJqXxhMVJqNnhIRUgwNlNhODl2M3l2OTdMSnVlYWRmSGFwRjRRYjFkeit0Y2VVNXdTeTBnTnVBK01mR21RVzdZL1k2c055cEpKZnVESmxXblFlNDVuVW5YYllBRFhvK1JjaHZyQi9peVRqR1NVUE5kU29tV1FJeDkxT1V1SDJjUlFyTkw0K1d1WVAyS3JYblBEejFVQ2xvemZ4QVZKRnFadXY0bHp0MWNuMWJsSXh4K3BCZlNHQ0loa3VBQkwzRjYvRHVFc045Q1YrZ3h1eTArWVBDK0hxNzV5NkhBeVdWYlNLNGwzczQ4UEZBdXpkZWNpam80Rnl3VG9rTEZOY0JIREdDV1dnQUVnZHRQNmsrYXVWT2lIeXdLanUwWVV1T2tmSHJxU3RUdXVCTG5Fdz18&cppv=2

Request Chain 1609

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0ZcIA3w4R0o5cGZESEdzR2wwOXVndGdNT2txMHVGU3oycjFQMG9WcXZEMkRweFdQaFJkMkk2ZVlodjlDby96aFVGM3B3Um1QemsrUHNBNnRjRytwdVMxR21uSVE3MVRjTzVOeENTZHVKL1JGdTNkK2pCNXdiZjFnYVQzZ1hKYWE4WnA1R0l2MHNVZFovbmlxQ1VRbmRRYWpqbE9QOHdFM1Ayd1VCTlYzek5zaGdJYk55Ty9QU1o1dVZxK05QcGJsNWNFTW83M3hiN3ozd2JCSjVpTkJPZDFmRG53Z0ZKYU0wOEdXOUtWZ1E4MHZJUGJUcEtkM0crL3hqb0ZYMThVU25LM3NneGlZOUVOT2tGeHl0Y1hvNExHalZrNU5wOGVIRGhyQTFETUhXRXRwUzRBOD18&cppv=2

Request Chain 1620

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiVlBFa2VUSVpETWk4Y2ltV1NXRkFkYnVsSVJjUk4yZHoyTVJrZ25iRnlLMFpFa0JLcERBMVJ0UFg0VTdQZXJMMGwwJTJGTnNuNHZ6ZnElMkZaUnhuQ2hrYmdWb0NkS0FNSm9ZeDFzSjkyYXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ezxNeHwvKzliTTJNZDRJWHh6aUt4ZXdLMkdOMVpXOG9ERldaT1NzOHRRZVhNRldCTEg1cjFpSVV5dGdDOUZ6ZkZDVlJ0SnRTS2h0ZG5pOG5VczAzaTNZTzNrQ1RFcGNPNGxITGFTVFZwbmQ4VVB0QUpuQk45bWpZZ3RDK2FXRklIaDYyakoyWDBHQ2YzRXBLSWhMZ29FTklUSDkwN3liZnlPZlZiT29mQlVrbmFsVXVBeXJEQ2pqTkFRdFVoelNXV3RkTmM0Z09IRmNqZElBV2VDTEdDN1pNMTdieFZMRTFTTFZuVlIrY3NPelJzQkVMWHJrenU2Tm0yVnFYU1pabXJXUGdYakEzUDVrbERFQ2JNaHRtZDhGbW1COXhJL0crRmx5RWZPQmsxNVdpd0hEaz18&cppv=2

Request Chain 1623

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiVlBFa2VUSVpETWk4Y2ltV1NXRkFkYnVsSVJjUk4yZHoyTVJrZ25iRnlLMFpFa0JLcERBMVJ0UFg0VTdQZXJMMGwwJTJGTnNuNHZ6ZnElMkZaUnhuQ2hrYmdWb0NkS0FNSm9ZeDFzSjkyYXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-XZ_5nxxdWVFRXJ5SjhFa0VTeWFlYmRUOFpXVDdEYjVzQjdpYW1lV1NlNFVqTVJKcmxsdmVSQ2RmYkZheWVJa0VjT3RUenpIMG1wTFVTMVIrcnVPQUlNeGoyVTdVSHJ3ZVdFSTBYdEhML0FLWEIrYUM1UGtXRHV3UVpJVnpFU3BiQ3F3L2lVVklYRUNZUjYreUdZNUp3bFJzSEs3QU9Xc084ZzRFLzhvaWtLTjgxVG1mZU4yY01YeFBMd0lkQ2xrN3FCaU9oKzFKRGN1eVNUTTMrQVY4bC9qVFlXQlZjVlNQbkFuaXp4eW1zY1FxSUdORkcrL0hqbk1DeFNvKzRJb0s5bklmaXNBOGVLd2dvVDNIZFJ6aFQ2Zmw2YlQvMnhFeXFqZmtNTHg5S0JQMGIyRT18&cppv=2

Request Chain 1624

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=26bc8b51-5cd4-41ad-ba2d-671531c2d5ff&gdpr=&gdpr_consent=&us_privacy=

Request Chain 1625

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiVlBFa2VUSVpETWk4Y2ltV1NXRkFkYnVsSVJjUk4yZHoyTVJrZ25iRnlLMFpFa0JLcERBMVJ0UFg0VTdQZXJMMGwwJTJGTnNuNHZ6ZnElMkZaUnhuQ2hrYmdWb0NkS0FNSm9ZeDFzSjkyYXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=x8oHaHxGQmQ3N3VxQjBwKzFuTEVrYVZsR1Jwek0rQUNJdlJvUHQ5QU5lbWhUVXdFWnc4RmhuVTBSYVJjTXBVOFNzdnBwUXdrTTRCZHB6MHBoWnY1Z1JFYkdVeUovRFlIRjRsTnlWeTRoMHNBSWhlbTFzSlUxd25XRWZOUUNGeTgrZ1RSemROZ0wxR2EzeXVrbnhVMitqditkKzdIb2FWVElEVWl0WlNURm92cEZtbUpWaGNqNGlwc2thZDhQZjEyTWtHQjBhdWZRWHd6RVduWU1uUXhOTWMwRkpTNmhhTWJGdnhsdGszSkNlZ2JTeHdWN2ZqQW9GYlNvTWtySm5CTnFxT3ovcjZBOHBmTzhCVmc0K3FPYklENWxFRGlHd2NETVpuVk5VUitOTUtJclArcz18&cppv=2

Request Chain 1626

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiVlBFa2VUSVpETWk4Y2ltV1NXRkFkYnVsSVJjUk4yZHoyTVJrZ25iRnlLMFpFa0JLcERBMVJ0UFg0VTdQZXJMMGwwJTJGTnNuNHZ6ZnElMkZaUnhuQ2hrYmdWb0NkS0FNSm9ZeDFzSjkyYXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wHfOn3xubEJweUg4YzBVNnV0TjBXMnhPUkdhUHVLTTgrVkhFaCtKem5PdkE4K0szK3ZudzdFZ0Z3Z2JUejRiVUl2cnF5QmlBUnNjNWFMT1IvTDAwMDdSQnVTYU1PV1hUZnlwNnRFNElQUlE2SjRkNFI3cmxLQWRZaWZRRUdscE43a3V0a2dER3A4b0dLbWRiS2h6RDh1bFBFWXRKanB6ejV0VmN4MU9kdWd1dFJPY3c1VnhBdENjUGgxWXRLTFZNbGpTRjRONW5sTE91SkcwVGp3VUZ4ZmtwYzBiK1h5TDVZK2R6U1dUZDZMcEFGVjhaVXYrczVTamkydGo1RC8zN3RaV0wzV0thb0V1SE05aWJ4bGs2cjl3c3huenUxNnpnWUR2SlFsR1ZkcGcrWmhuOD18&cppv=2

Request Chain 1627

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiVlBFa2VUSVpETWk4Y2ltV1NXRkFkYnVsSVJjUk4yZHoyTVJrZ25iRnlLMFpFa0JLcERBMVJ0UFg0VTdQZXJMMGwwJTJGTnNuNHZ6ZnElMkZaUnhuQ2hrYmdWb0NkS0FNSm9ZeDFzSjkyYXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tZ5kcXwvcThEM3UzaVlvL1EzdG9ESUd5QWk3NFh3elRYK051Q3pLZ29zOVdCZXRPZ0VWN2lqaHkrb0VZWnp1bGJMYjRQendpNm9YUk9VS214YjMwQWhqUTRuR1UyOHo0Si94OXd3c1RseGFQaGVBbGdHQzA5UEpaUWNaelRNcGpaajkxanpWV215WGdxK0pYQ1JyKzlwZWpJMy8zcHladTc0R2dNajF4Wkh5RFB0d2daLy9LK0JDTXorZWQxbEE1TEY5Y3Y0Y2NuQUlLenpDZW9Ka21ETkJKZys5S09CZmJnYityY2xTandUSldJdEZqditDOVdaWHFhZFdLUmJGMWFTMGJNSG14YU9nS1ZicURtZFJiazlOSDlSVHBMaXZHYVlTaFNwcFZvSTN4MmlwMD18&cppv=2

Request Chain 1693

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRaekNLR21RbjVpa3NXa1NPVDB4UjBOU0JwVXBJWExObGFpZFAyODI5aCUyRjYlMkYlMkJ0a1hUJTJCeUxxMEFpY2FNeW03NEg4Sm9CWHAwQ1Zra1Q4VERKT0N4Q3lUeU15UUZUQ0JLNlR2U1h4UnpRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=vcXtyHxkVkp0U3kzL0VFVER0cmJ3SnNldzNBS0xDWXVqY2hXS0l4aTU0V0NqVE02TVh3U0lxcU9aMjFpVktBbmgrU011VzkxWExIN0hSRkRzbGoySHRrYzhDcURzaTdialpqVk56em9QQnpDM29VT1hqWHhDUGRQK0MvOGxyVzBodDFUZFVCSmdEZWRoVGR3RTBlODM0VHF0dDJXZlZvYUtSclZHQ3FpVFhUYVloNXVMQ0lXcVpSK01zVXBwK01XUFpZMDJYc09zMmVSRnZXb0NVT08zdWVxOWZ5bVhDZ3BnWXF2WExmcFQ0bXZSK1ZOY0RWdlpsMXc0NXJ0UHFibTRSMG44eDk0QUVDZXBuZTNDSkZwV3J2cjExL0hPeEcxN0lFb0JHbno4Z1laK1B4WT18&cppv=2

Request Chain 1703

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRaekNLR21RbjVpa3NXa1NPVDB4UjBOU0JwVXBJWExObGFpZFAyODI5aCUyRjYlMkYlMkJ0a1hUJTJCeUxxMEFpY2FNeW03NEg4Sm9CWHAwQ1Zra1Q4VERKT0N4Q3lUeU15UUZUQ0JLNlR2U1h4UnpRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=E8qziHxlbklkNzN1UXpJWEFORC93N1JQaUpnbG45UEpqb2t3bkVFREVFWmRIdElNbGx6WEJmRkpSZ1l5Ulo1amlCK2xCZ2JrK3Q1L05PVTRyMW1reWNwTlFwR2lWNFMzOEg0YjVTeUpndlMvTENvSkpKK0FYOU04Q1dBTTRGakpJWUh2WHgvOTIwNHdTbisxUHAzMFAvUFNuNThzUXB3aVhFdkkycXMwTU84UDl0NktSUDlpMCtHM0cxeTEvbWtkSVpNU29Xb3JES0VaUXdnVTdjaWhTUEkyTFp4VXhZWmNqOHdNMDNpUi81YjVJYzlzSW10eVliU2J0WEVjVEc4VFNNenVHSmQ3SGdRdGt0NXFqK0t2RzJoSTBOd0RCUlNleGUyY2hUWjBkcml2L3BnQT18&cppv=2

Request Chain 1704

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRaekNLR21RbjVpa3NXa1NPVDB4UjBOU0JwVXBJWExObGFpZFAyODI5aCUyRjYlMkYlMkJ0a1hUJTJCeUxxMEFpY2FNeW03NEg4Sm9CWHAwQ1Zra1Q4VERKT0N4Q3lUeU15UUZUQ0JLNlR2U1h4UnpRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=kG_gjHxiZmducjI1MS9WR0Y2R3VRZ3AvTkpKaEhFWHE0TXpyNjVNVU94dVNkTnk4V3d1dFFJT3RvcWl5OW5mSHZSVUJPWC94YXV6MVNqUkREeW5TeXBrWE5IREF1ZjVLU2xJMzdqWjh6WitwTk4yR3dZeGxsZ0VtdE9jbWJzdzhzYkIxaHZXT2d0dXVCdkJsM0NVTXhSRC9KMVJ0SkZnbGEwQmlYbXNkVzZnUWpLSXZzY0dwc2ZFSUNUTU1xSE00L2lPWVJzVkdqMTYwaHB1NnBGdU9GdGdFVnluN3Rxa1JlR25YZHF4V2tod0wyNU8wZnVFaTFVOUQvanc2dVhuUnM5bGhIclhJaHZwUVFYNzI0U3RZSVB2TzJwQjVoa01LOEVmZGk5bVRqRVJLZkduYz18&cppv=2

Request Chain 1713

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy= HTTP 303
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=&_bee_ppp=1 HTTP 303
https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAB6YE7HL64AACCkCfh0iA&ssp=themediagrid

Request Chain 1715

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRaekNLR21RbjVpa3NXa1NPVDB4UjBOU0JwVXBJWExObGFpZFAyODI5aCUyRjYlMkYlMkJ0a1hUJTJCeUxxMEFpY2FNeW03NEg4Sm9CWHAwQ1Zra1Q4VERKT0N4Q3lUeU15UUZUQ0JLNlR2U1h4UnpRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5uMrgHx6dS9QeGlBR1VyWFB0eEF3enRBajFabEFncVJTRnJVYUMyOStGT09WRTVvU2R6M0g0dUpSWTBNcjJreVlwNlBFcGVqbm1sN1BUV2hPUmdYMm5HMkpkZmp0UGE2b0RyZU05azVJRXRkNXkwMFhJL2lkcEdaa0dla250MDQ5TDc4ZjdFUXdMeFkyajA2NTF1cjBuVGNFMTVzclBEaGc1NlhRTFB4YithRVpCcXJmWlA3cFZpNUNWaDkxSDJ4MW8xbTNaUDRiUHJnVWQvY2twYjBmS3VpaXRTRnhOek82dFltdUFtcXpGMzBFNXdjTUNaTEsyMUlNSWJ5UFdsTmYxV0VLbzlsN2l5a2RGWkE0WDdicjduQVdWcFBIbEF5cy9HTFo2NEZyUFdESEMxZz18&cppv=2

Request Chain 1718

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=lfUOWl9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0E1NiUyRlpUYmNpOWVUMWRHb28lMkZoMk9DZER6SGF5dUFiYWV2Z0JvY3RoYnhpc2FIVjRmbXc2NUJGamtHaml3Vzg3YiUyQlQ0M0x6czdUZVB1c25kb0NVeGpMMVBLa1AwMlFqaEtleTBEaVJUYjNwakFHM3BqWVNYU0pNdzhjMiUyRiUyRm1oblElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=xVe6jnx3WUZJQ0V4eDhKUWJybEh5L1BneU41VmJCNXk5c2ZyaUFQdDdXMEdheFd6OTRrVG5SY2hWeXVmRjBkTUZYS0ZNRlRkc1pzL2hYSDkwS3hoL0wyZHVMQStBZU1VUVJGSDVWSzl2TitkKzYrYmRTbHlWMnBxUzdxTEZEd1lXc2dBS2xGQjhqWWpEL1hXbTE1QUF0WWFYa292U1ZKYnpDYnJFcnYrS25ZSGluTEhwaHJ2bEFvMXpZOWNBTVA1bDdFQmNWQjQ5QUxSbDNueTlzZW1GWDlLSUZmQy81YlZyR3ZnbWNLUlpPb3hFb0tRY29DMVFHV3oyWU4vQktGdEs3YWJFbGo1VnRPRVZQWTZaeGh0ZUVqR0FPMG9CeFl3S0ZrUVFucUpNSTcyRDJOaz18&cppv=2

Request Chain 1728

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=gs65ll9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JVNXglMkI2aWtpWm51SGxtb3RueGpoUGxyUno4T3JIN3BEejh2ZHJuZmx6ZWozZlU2dW9KUEZJN2Z4TmR1bTM1V0lEemE2a25rWHdRcWpYSmw2UXNtRzE3bmQ5NGZlM2d0Y3lPJTJCUXJNS3BVbkJtd3lGJTJCdldZUU5saDZmTEZtSkswZyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uk9GEXxjY1QxN0w2V0dkMmNneFF0S2ZYVjQwSkJVbnN2T2x2RkRnOU1rcWVEV3l6bEFyRGJWOTdJZGFDRkJnK1lOcUVtM1YwN1MwY25mYTNoTEliSWwzb05lN3I2Vi9tTFZMVm5NYzdFTmNyQTZmQ3ZjV21MbUlSazZHRUE3cnFVVHhPN1E4dDR1cHNGMUNOUWNxTVc2WXhPOHhHOVZmVjJpRmhBSVp4Qmxma1c1V2NnWmRpemg1SXdGZ3pJeUFXSS9DL0w2cnJNbGZnNEJ2alQ3dk5KQXUxUDJXb2NGblRhOHFTVVpmWTVHV3JmNkZVL3pEWHZSUmJhMHpGdWh2QzB6K1JVa0p3VEowQXp6SnFqR0RIN3dGV1JSd1UzcWR5VlhWTWl6VUlZUms5L0tWWT18&cppv=2

Request Chain 1729

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=m4pbSl9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0VjVnFtUU5FJTJCUjZuYlJqRHNubzRKNEVmNGdEdVYlMkZ0cWxmbmMxbCUyRmdzbVFpUjglMkJ0ZkJHRklnek1GYVVrak9TS0pka2NzNGNiYmU4RllKSXV3YmRpYVVvdFpRNlJmVzZmaDFaelhzWkxOczZDdlBaZTdRWHZJeDVuWks0N08lMkZzclElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Ds6yUHxkRDJtQmRwOHN4cXplWS9vcDI0TUhtMmd3NHliTUhhbENqL0hPa1l1YXRQYUV6ZXhMOEZqb3dVYXpPWWhyY3d0UU5OSUJWY2U5ak5vU0dwdEhUQlh6V1Yvb21jSkx5TmdOeFdLcS82Vk9Tb2FSTnhvaTRLSHJyTTBPMkdmYUhMNXdrQ3Zuem04ZHBzbDVjbnZWc1R3NS83aDVtS3UxU2dUUVd1aWEydVlQR3d6bER1c0NXZUtQT0t1bW8xUVZyQThsMTlEU1hjSmlhWjBMb1J5aVNuS1BVekIwcWVJekdCK2MvZFJnRXpJNkFoV0lsSmxZbjZqMXhjckc3R2tQYjZieEpFWDdGM2lNeVZNVW9KTGNUREI2dno0ekZMM1hORmxhTDY2NnkwNTBZRT18&cppv=2

Request Chain 1731

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=QtK8yXxaTkY5UzFNTDJyb3o0QUJIa0VaeHdTam5lWkdNQmp5Q2JxSDlJNE4xOVJzbHBKWFo0TVdpWU0rUkl4cllCUnRieFBRK0JXckJ5RjFoc2x4U1doSzdXYURINGVDbGE3K2ZGdURWRXdkU1FCOThjL2crdzRmc2doTXJVdlVTT2llMm81Wnp1S1BjclN3V3I1ZW94Wml1OVRxL3p4WWtYNlhuWXJOdkY2M2I3dDJlS0c5aTVOdDlrYy9NMmxRWDU2R0Q2cG0vV2txTEQwYlI2cU16L042ZGVSTlVJaUNFck04Y3M1SHhEeVRoeWpLc0lFTGtMTmJtSEFORnNRVjhsMi9MTTl3NUF6ZWxLb1lFbHcrdWJ4VzlQUDlFZ0dCR1ljS21ra3F0Vkc5REgxMD18&cppv=2

Request Chain 1735

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jMDn0nxOTjNqSlIxR0krNUVGRk0vRytUdEx1L0dMUWVmMVd6Z2ZPemRtb1krTzBxMjIzNFZNV2d3blNrTUJyR055aHorL3l1RjRsTCt3K2llWVIzNGNvQ0g5Y245ZUQrT0llREZBeW5CK0JJMHMzT1Fid1QyS0RlbWllekkvUitoSkJlNFJOYTNBSmZudTR6dm52RWFjalBMUzNlNmZ1SFdWS2EyWDJlQkFNU1ptU3BuM0JFdDF0NC9ldDMwK1JmSUR1R2lHL1dYTWQxZmt1d3g4NDZKZlFTOE9aM2lvaDY1cUNleHVLaFJHd0tsS3Rjelg0WWp0TVFTYU5KTndLeE9QTVorTHoyMStReFloQzcyM0czdm1LYXN0MG5HR1JKL3h5UXlXNHlxZ3YvenlPZz18&cppv=2

Request Chain 1746

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 1747

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1RvRHnwwL3FVb3Y2NDdiNEhBNzFGdUppdytma1VRei9qOWFIaWY2cmVqTm1aU3BLVDVGTEhhbWl3RUsyNm9PYXFrUDMvOEJFbXNBdEtwd1doYlBVd3dUQ3NuSS81WElLZkZKaWtpTjJObE1qcGg2cnRneFhzN1R2TXdwQTVLcUp6aFp1UFQyemZrbGVKaUVjaG5NMlg0bGw0a2M4QjB3VWU5ZkdsNjVaR0Y3WXRiU2lMdW9FbHgwelJKU0Z6Nk1hZElJWHZWNklNLysvMW1ZTFNjQURqaU9FaWJLOFE4aHJyd0lXWVJJdHptWHJyajc5Ykx0Q2pkVnFlTDg5WHBSWW5tN3dwM3hlRzZ5Ykk2TWJ2anQwenFXS0E2ckZVejJOSTlJWC9KcCs4bGgydFp1az18&cppv=2

Request Chain 1748

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=wtZnYHxtaG5wNzhKK21PVVA4RUczNEo4UlAwb28vekxXYURwSFEzTkFzTzJNU05nNUtid3diQ1ArMVNvVmNzSGJtcTA0VXpRYkVEaHJSYWlrU2h6cGR4MFJTemhmWm53TW1HTVdoYzFLMVBjSDlvWnRZTFNDV3RDbmlKaU5CS1VzYmpBNDYyNWtlR01Dbm5GY3VTTUowVEZwUTlGTDNoVGt4N2VlR1NteFVtVm82bXlLWHh4cVVPR0FvQng4MEpWd2d0VjNDbkZlSnIxTTQvY1VESzJQTTBDNzJOOFZhckU5d3NZWWM4SEFiUHBGVTRmNW1uK0xiWEZleUF2emt3QVY4c1hIL0M3TFZGVFBUbHRZTUhKZnZzWWN4U2VRYjRFcjFnODY1LzZFYUVxbWdGMD18&cppv=2

Request Chain 1749

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=j6a5qXxEUkI0U0xmc2ZJeW1SZ09MbXlCNzFmRjlPbHZlbTVNMXJuSkxoNllxZ2Rnd3llOVFZYWVjVFlJdTNLRkFYanBhQWpzdGM3emhoTGFxTzl2bnFhZHErYzNnQ2V0NG9vMG80ODZIeldwVzRPSTBxYllkeUhuOXYzdlJTVUFKS0hoL1g0dXgzd0JwV3ppRENVVFJiNFp6alhrQVpiM3NQRjAwRU1qTDVYaTNxdnBCMGZ1TTh4cTNmR2pDQVNxNEF5RnFkVFFFODl6M0lJT0N6TGt0T3doUmROQ21sMFhyZGYyVjlJK3g3ZnB2SUdjeW9wS2pIa2w4Ykp1YVBhQXpZYUNCNGoyWHpkSHNxVmR2VUVGVW9GQk9GRzI1bERRVTJ0ZGNRTkNRVWhta2ZTTT18&cppv=2

Request Chain 1750

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AH-ot3xXNHBiWm44dnlxeTN0a01sYUJlTlVjWU83eG9FKzZhWUlJbW5neURsZlZBdVRFNFlDaUg1dkREeUNpeExBaXp2cDlrbTd6K2Z1Y3FReXRXWkdlMlJiNFhoVkgzMkJtV3ZycFFPN00yckc4bDdpQnZXbmhBRHZEN0taL1dQQ3UxM3h4dU9wK1IxdGtBRTVuVThwVWk0T2krYkg0UjFhRTdMSkNGQ21LemJzTlpzS25vMTRaSERwUE5wODNLU0JZR1pHcExPN0kyeE1GTkNMZmE0YVlFTVdsOFJQWks1OGllSXhGWTNtb2NKTWNlVjJEUldqQVprVFhPNWxOTFlMMXl1UjlZVnNhcjlqSUxZS2NuUURIMUVMOVVtYXF2ZkVBM0dYaEdrOVpldFM5Zz18&cppv=2

Request Chain 1753

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=k4WqBnxIaytxY3lHVnp1d3FDNTlnK3BTN2tjelpCZHpzcW4xMTROOEhEN1d6dEpkeDJxMEhqSG5sRjdXRG1SR2JlQUo1aThDYXN1OFZCSWZ5UXd1WEFYemJXbU55Zk1FcndYUUJZbGcvaUFUUGVWaWRHaGJtalduNjhoeUZpT0FzTGJZcUozNDdTa0ZxRmp5dndYdzRraXYzaHlsUktOQWlJZ3Z5MkloUWlyUkM3cjVCQ3JhQUJPQW9Vc1FKNHNJRWN2R1FNSE1HdGpiS0V1TGxKMFFxRHdYNVc3WE1hS0VYUmluVVFxaVFtRHV4cFlxNjdQbVhLdzZxNHM0N2gvVE1GSzNETHg2bkZOVnJ6cG1DdHVBbXV0eHZNN0hLWHI0c0g2a2pDaXUzWENnYU5Saz18&cppv=2

Request Chain 1755

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=GpsR0nxUcHFZTjdWMW5xblR5Y2tXMExtaEFhYmI1V0NvV0p1V3dLQWxocGphVHRoakZrbGdGVDRKQTZ5S3FqbmtoR0tsK2lxUDIraENxYzNVVGZKenNjV2JCVkQrRlM4bEZFS2NtSnlMd0IveGlPWHdaaFBYVHlYR0FuOEN0cXFyNGFMTHZRTkl6VXhiVUMvWTk5S0hPSThWZW9Mb2tXKzR4VjlvSWU4cFhveU91dW9Ib0ovZXdGL0lHZ1ZhWnRBYmgzZVlrUFIvRldCT1E5eUJQRkd6WGRPTFBXdHFVZHd0WUZKdjM3Szdaa3dUZzBUZUp3RUxXVFQ4L1pxd1FiT0NReGlOZU5BK1JNSE8rdm1ua0k0a0IrOERTZithWTdpVnZvWFpJTDFLUnJlSjFCaz18&cppv=2

Request Chain 1756

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ba6manxRS2tpQ1pxR2R2dXNQTUFKc2dUeTFKdllPVjFHbWZEN1ZCL2doemphZjdWWUVmOUk2bXpWd2NaNFo2SmRDWHpCSy9FVGdvcWtqL1NjM1lJZHZXQ0dRTmY1Q2F6Ums5M1k4VVJSMTZ1UE5FYUYreEdXdHlKMnRDVWd6LzdCdks1dEE0cUsvL0lTVXVyS1ZtdVQ2MWRRTTYrL3RVc3kzcitQRm0rOFp6UTZVMXBoRGs3QjJsTVJLUk0rd3FmbHNRVkdJL0JXVnh0ZXlZOGM2QlZ1K0JpOG8zVW4vYkh2LzM3OTR3cjQzV21Fa05mU1RMR0szL2RrK2VGNjVxNjJlTnJ3RUpVQzJUazlVT0YwdlFnckRCTUFLNEhPaDliQjdBWks1aXpSQ0RJUFFPMD18&cppv=2

Request Chain 1758

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pu7gqXxyV0prOXlha0l4L3JJMXUyQ0V3WkxDRTlzd2RsUzZxcXpJcXY3M0ExRFNVMzhCaXVMNThWNmQxNlErQjF1WkxVdnhVM0NnOFV2SElSelp1Qjg4NUoxV0RxaHZGRmdwRVkyejUrZWN0ajVXRzBVb2lDeWVCdVprZUtqbGZBeHpVcDYyKzZpSFR4TG1tTGo2NElRNjJpZzRBZ0V1S1NxWHNwTCs1eHlFZWZMZnVVUWJEZ2lHMml1cWdtN2grN1Irei96TXJNOEhDWURFT2dxeDNNc3d2QWpQK1RJb0RoL3Qrei9ndjczbmVhL2lhTkc4cXJTQmFTQWx3eE4zTmhQSkMwaDhCOWVvQWdkVlZVSWVQS1JjNFNHaEI2NHhPZ3B2NXJWMEpxYjhsYnY0ST18&cppv=2

Request Chain 1759

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sB-Tt3xNem5OUmhWNU5PazlwZW1xaTJ4V1RaSklsRm13OXRmdmlubjBpM1ZYOTZ2VjVOS1JNanpmdnF2YnFCK2pzOXdVU2QwN3NGSTF4Q1NLd1ZqV1BINkc0R295ZnBOVzlvWjBkc1daWWFUU1Y1MlZ5d2E3M21kbmNOVEJvTVNBcDlEQnppQW5kdEJXWE1qNW1yWHFxdmFlWWZleWZaWjhEckg3RHI0bkFhYi9Ld3BFMnF1QVJ0ZkpyNTJna3JMN00rYU1SOWJES3R5SERYUVd0eXlIYlhTb2xWRFRvZlErTjJxRkV2d2F6bFBabHZwSHpvdHJ4WVdWMzRHZkFIRHVNUml5NWF1eFBNZkVCVnpJQUF2YWFYT296ZjNwQzdyK2ZsUjhRcG15b004MzhCUT18&cppv=2

Request Chain 1760

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0UlMwWjQlMkZuVllJb3MlMkY4eHlhT21hbFklMkJXRjE1JTJGTEU3V0FnRGd0R1FtbDgwMmwyemFzZG9DeW14OEhVbG1PNlVuUEFaZnFXV296NHpUZWZXdGxNSCUyRnFnRHcyNFV1VGplQlBBWjFKMVElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1V6_uXxGRmtmbWVyN3c4YTVOazBpUmtJNXFEWlRlOVcrSkFEM0ZSMjRFbVhMMUhvQ2FIZ3JScWsrNnNoT053RHZUOGtaM1pDOGpEMDlvaEd1b0VuTTVzSnVmeUZiNlRPUG9UeHNLeFRjT0xhUmc2bjVtU0NjUkpZaGl3UGNGaVROdnlsNzVOUlFDZkoxMkFYZExUWVBKSHhiZSsvcm50ZWhyTGxNZzhZLzRuenFYWUNxanlMWmY5QWdMcmJnUktzbFRWVWlrWldCMEd5TDZMYzJqS2d6WWVpUDUrVXUxWDh5WjRyNWtpWWVrSDhsZlpscFkxcWRaOHRuZzU4dnFiRFhkaXZMMlB3eC9Zb3BlUW9mNFNMWkUrdklWKzRodXN2NDgvcEtBWG92cmp5RVRZcz18&cppv=2

Request Chain 1761

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5fXA4Ycaq61IQ4SLlsT7QAABI0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOa_FvZ3qI6Obxzac_ebqE&google_cver=1

Request Chain 1764

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5fXA4Ycaq61IQ4SLlsT7QAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKGZK1aHOZjSicjS7ikyGqQ&google_cver=1

Request Chain 1765

https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059699510355671993&expiration=1672104964

Request Chain 1766

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5B1C36C64D1F4B9683777DBDC544E630

Request Chain 1767

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3b227e51-1ff8-4589-a9d6-65a457c0b188

Request Chain 1786

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=214d1d33-2082-45c3-a55b-0a34460818d7

Request Chain 1794

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=VVm7m19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1M5NXYlMkJCcW1Ha2dkOGxtS0huYVhJQlpTaWR4ZCUyQjdYUW9WbnZFUWdoZHR2RlEyeUpjcXFjSGN3MjZvOFRnaHlGZnBjTHFzVW01VkdkJTJCeWZCY1Bha2k1Yk5ORWtWb2ZtYUFGcVB1TjJHM3Q0R3dHTTVCaFVLJTJCRGFGaHUlMkJYbUt6MGclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_QeKXnxOZEJkRml1dHNBRS9Iai9iQmx4NWoxYUZVcE1aR2FqL01wUVM0a0RpU2xBU0krZmczZ0Q2ZU0yNDlDWkZGaUt6ekUxanJPNUFuZHBGbmc0MGxmVlJ1QjQzeTNyM0w4SEIwYTc0QmI4WUZsQ0k4VVF1NzhsQ3NUcE4zdW1GWkwxdngvKzZlR1pDZ2EzRmpDUjJnbFIrb0doWTZxNmRxTS9IZ2YvYWc3TWhINDFLVFdReElpZW0zeXN0dGRvTzU5ZUFSNFdxWFlOV1VKSVZWMko0V0lFMjNFM2VjS3JqdXpycEdpMjlZcDc3Z3R4NWRxU2xKUFZtSzVEeFhKakRKRUFnVno1Q1g4S2dYQW4vamp4Q09KZVlLaENlK3VNMis4RmdEZ1lYRFBxVDhNbz18&cppv=2

Request Chain 1798

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=VVm7m19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1M5NXYlMkJCcW1Ha2dkOGxtS0huYVhJQlpTaWR4ZCUyQjdYUW9WbnZFUWdoZHR2RlEyeUpjcXFjSGN3MjZvOFRnaHlGZnBjTHFzVW01VkdkJTJCeWZCY1Bha2k1Yk5ORWtWb2ZtYUFGcVB1TjJHM3Q0R3dHTTVCaFVLJTJCRGFGaHUlMkJYbUt6MGclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EbkfJXxJbStaaG1ZYk45OFJNTkUvdTRIYlh2WUlUWVduYUFJSXJwQTRtSVpoQVdvZ3lNUThDbm5kRTUxYU5WRnRIZS92UUtCUXJYa3VvSzNzaWJ0cVMrYTRQOG5LZ2VyaVlVaHdIbXdWT1ZmTEJrWm85ZlVSR3FnUG0xaHRseDNYZjFZNER5SWEzelEzQjJvQ0gveEpGVjVoTW9Cb0VwVGViV3pOOUlHVEkyZkxGeW94LzY1THZkR0tIU2lmVGR4Mm1PM2szSlhVOURNRDhhcGZsejRpQlBjazZrSkJSdWViSThuM1hFZmRNMnd6cWY3c0ZxeXQ2b0VTQ2E4K1pWT0ZrQ2JkVGl1a0ZhelNoN2lHdUd1VzN0Qjd0end1c3gwZjEvV1lxMFNNbjFIQnJJQT18&cppv=2

Request Chain 1799

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=-YMyn19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1YxYjhkOWh4bUhmSFUyZkpkQ3kzZGFmYzdXTTclMkJFSkhZSXo2OVhzY1dKemhPc2pXOXFWVHpBbEhXJTJCVXRONE04cmFNMnhvJTJCWEU0R0NGZVd4aFJGY241bUZncjhLV0FjbzM2QnhpdlptZHJIa1JucUtwek5tOFZIVm4lMkJsYlJ1VW1RJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=o_hBF3xMdVRlbE5LakUxdWlqTzVHcGl6bnBzZUZOM2xnUDloa09TMkJKeFlDQ2llVWtJZlY5VWpFRXUrSUZMTnVwYis1Q1hFdE9paHJ5d0dyOXZvbWNBb1h0R0NYRkdvSEhaWGxpT3lERFI4R01mbkFuUU11V2FsMW9TRmlXdTNCRWY0dHQzc0lVMFROUGhMd3ptd25uOFJXNHd2T1hTY3ZPZENVdy92ejh6QW9VZXUydUV6VUprSjN2TW5qTmtXayttbVA2V1JUSkFXTU5TUzhuekx5MU1UZHgrVm9aVmRaaTNaOFNuQzVHckJwMVNjaUkxQ2ZmTGdnZEk5MFRKcUdUR2ZWNDNIMEFJcE5GOWdEVXJ6Y3dUSkxub1VBN2xiN2w0NDRCQ3RzN1NPMmUwbz18&cppv=2

Request Chain 1801

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=-YMyn19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1YxYjhkOWh4bUhmSFUyZkpkQ3kzZGFmYzdXTTclMkJFSkhZSXo2OVhzY1dKemhPc2pXOXFWVHpBbEhXJTJCVXRONE04cmFNMnhvJTJCWEU0R0NGZVd4aFJGY241bUZncjhLV0FjbzM2QnhpdlptZHJIa1JucUtwek5tOFZIVm4lMkJsYlJ1VW1RJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=FGwauXw1eURZNkg3NEJJRkpzdTcwWSttQTRmSXNYOXMyYjBxSzc3UWpCOU9rUkcxeEpjTEdlVWs2bjUrOVFqcjBTbXBMRFl5Ly9SYmtFWE84c3hmd0I2UkpDYmttR1RUMGxZTFpSdS94emdFV2ZrWEptV25VbGh6YlJUNm55clAyN2tnYXZXaGlVS1QxNi9VOENyaUJLZzYvTjNnL204aENEbnphanVKeVhZMkpFV05ZdFRwY1pVSnlhYm1IVGZ2MVQyeUZiUUQwSHRJNFp4c3VVSlV1SVd4VE1YMy9lUFY3RTZRdTZYVE1XTHdRZzRMYm1nci9wYVpnazBudW1PdWovOUdBb1lPc2tPWFY3bEdBTjZSMG5HQmUxTjMyOWptQ1p3bG1raEtjZWs5RVpXYz18&cppv=2

Request Chain 1802

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=39PUOF9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV05kdUxuaXFTREU4emNNUTNjM3FzMDl6WE5qTUI5TUtSdWRlcDhYYjVXejQ4dUp0eVdWZEh3eFp2RWprRDRpWVBiMUFidG9RbG9xMmljM3ZidyUyRlR4RzlGb2xYJTJGOHg0aDdHTFNGd0UzTHNCdmVKaEhZdzNpOW01Uk85bklZVTdja0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=mcsbGnxDS1pqTTZIRzZHWUNPN2t0bERWeVVaN3N1c0VJVDUycDBFNVVpWDc2QW1OMlJyWmJSRGN1eXcrdVJ5WmJva2prQUxlVk44eGtpKzc5K1BrdHd6eTJiQzd3aDFSYnZRamtUcFRlMWZOUllmRGdCelllZ2FNQ2oxMmdheXhaU2FUb3F6OUp4Qk5sMy9KTmNFU1B2RzNIZmtuL0RYVFpJMi9oQjlEOWJmeis3a1I2UkMyVisxZmduTW80RDVxQTRTMlRmdG52ZExVWm0vMlVMN1hKbmF6dFpuVlBrQ1luVGJqNFNxWlc4eGJFU0JzVlZ3R0FEYW5GL1BzZkZnQm8rU2Fid2ZwM0piYnBTVDhNUHBnbmFlV1czNjBRbjUwOFNUZDB5NE1YTjJQOTNKVT18&cppv=2

Request Chain 1805

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=fCHknXx1L09RT3FJd2xVK0tvOG0zblc1a3llRjBORzVkZUd2bGQzQ3VrSGxpaGxualBONHZaWDhJamszNzE2cG1kQytHSXpBOEJqR3hkTEVDeTU1Y3BEaGpKczVYQlBuYjdrS1lCajlKbU5wNmVlUVVSdzMrNjZZV01uVEliWWFrWERPb05YcVZSbmdFTy96bTF6ODVoMXdXOCtMZ1h0NEZSbTdFWFQ3bml2aDlBaVV4VjhBd1dINFFPWXNrTkh1NnpYcThjem9qQzVmY3oyZXRvRnFTYkllTEVWck1hV1Q0Y2VGOXhndWRMOHc0M2FNZXlMUTN5YmU5OTJqa3NoREd2QW56NGV5WTNHc3Nsd0psVHJ2azRraERnWnVTK0ZNU1ZxQldVUmxVTEYwNlN1cz18&cppv=2

Request Chain 1806

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=o5whbnx1OEhZVHBFcXhKSHBtUjM4SlZ3L1VUc29SYmhiWXJPQ1dMdlpnay8xUjdGdXhXb0FZelNNaTlUclpkOEtiWUZYbG1zRm9JUE9nUG9qZDhrOWt0M1NkY1ZhU0xZZUJ0UXF3UUJFdVdnMjRhNFBESlpEdnh6cVFDSmI2WWxUUGNKeVhXQmFJQ2lRSzNNUzNUajFsbEpkNk1qMTB3a1QrWStudzNYZzYybkJhVFJnanNHMzJyaEJaNXJOTlVySjZJSnRJYWpMamp6MjVqS0lCZ3R2NVE2R0xNcE96UG91US9QZ0s3djhNSDE5K1gwc1E5WkNEK1FHd3dITlVhZkhicUNXRGtxOUtYb2pZQkYxQndqNVRqcmo0UkJ6dkh0dlEvRVBIalNHT3NLYVlpcz18&cppv=2

Request Chain 1807

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hkR1KnxqOU1pYTZ0NHRGN25KRlFtd1lXTjhpY2tZVmJKZEJNcEYrNWV2NVlJVTVpMk9DUkFKU09RWTB4SGpuMUZZMXJBM0dwSVBhQkhWeUZOMkVteHY3TFZNR1VLcWtIUVg4YkpGZUJRUkRVS0FDdk9BWDU3NklzTjNuaS9RU0k4UnVSMWk4VDB6L0dXVFBFTDRYWHNURnBNZm5rRXJCcEpOOEx5TnVrRzZER0hvVm94aytDNGJ6Kysza3pxMWJIYXRqcktmTVNsZHNBdE9UYWRlQXlsVU5UcjAyS214V2dvYzRYYWlBaTI5cDEzbTZaa1IwSG5RZE1TaGJKaE1qSVN3aW9xRUhTN1l0cHBXSHloMUdrWjliWWNpY1NDaXoyY3VuTVBNeVpoclR6QmVPVT18&cppv=2

Request Chain 1808

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA

Request Chain 1809

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=6JKnPHwxMUlBK2Q2a0NocmV6bkpCcnh2VmR2M0NaRitWTTFMa3Y5WnUrdkJDa3JlOGtydXZnaHBTcGwxZ3QrNWJhRHdqOVlPWXljZnZGQXF4QnltWVc4elRMNHZlSHdQL05ZVWxiWmVoaDdvOFBnRHJ1MjdmNHBJa3NiMWxCcmNsTDdvZkMzMEFQTmxvcmJZTkJpYlRUUlAzMWNVa0FYUTJ0QXgwYmx0Z2lpa1JBdm1vV3A2bmtMa3AvQUkzcTM3cG8rUEJ5N2JVaGRXdzJQU3greXd6QXJpdThteG1lVDNWQWYvMzd3QVIyMjBiRDRTUWhIUmkwYUdaNS9Sd0NhRXc3aHltQlR1T3prUlN1bmV4elBKNWV4ZTQ3VDBibEhVaFFTNG9xVlFkOHhBYTdMND18&cppv=2

Request Chain 1810

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=hD8ydnxDRFRYVFo0RS82TU5ibGV4cEpTMnM4eERUU20wMlhwalgycXJuMnVmanEvZEpGdEtJNDFmV3lKempieTRYQU9XcGdxZFlGYkhGRVJXVDdTdXY0YkRLek5ySUdHUmdvaXBqcm43U3d2SXRXbjZBaTFLbVlJMmdlWGVDYlhGdnp4TkNjdnZqUlJpenJJRTd0aVdtcUpYanVKQmQ0UTdFTVFZa2lISUZSRGV3ZTU4YVlMaG8xYWJtSUd3WXhFL2tTNFI2UjAyZ2phcXY1UXpFdWVxSUtyRlJSS2s0T2JzZktuWklsZFVER3YrOVdtT3VJQy9vWjZidURSWEpEZkJxQXAwZHhXVUVEeGU2RldvL0VhbXBJUXZhb0FsYVdKNXJWYlhoL0l6bGp0dWxaVT18&cppv=2

Request Chain 1811

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=qDQkjHxucXhQV2J0ZGFuMmM4UStWUG00a1BRSjR3eEZPRC9BUER1TXg5V1pIbkRHOFI0UXJrdnNFeFV2VDFUM21UcitCK3JyM1ZZY0E3eFFnRFFrODI0TGYyN0kzVVhwZ2FhaEIyNTU2NUovNldsTTg2d3IzVktFQ3B0Ty9pT3hCMlBIRnBSRFlwMzhoaW1QcUhwbzk1eE5OMC9zUVZ6eWpWSGNlelV6cElUSDlnemQ3aUtrRzdqaGlsS1NYSG9heWgxcmNkeG9JTitUcnZQeGV2SXFwcFJ2dWpnQ2ZTT2EyaEtZWXpTOG5OUlBzZTFZY1E4R1VqY2RKMFY1a1FaNlI0MkNFTExKcTkrdzJGSUttbWFsQ09IdldFZGY3bEJ2UXFCMnZxcnVEb1ZYa0pDbz18&cppv=2

Request Chain 1812

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=eM7xgXwxSzhlVEtBNXVMSTFGbVVldHVtOXFieHdyMGVmWklRdVd1ZkVhaTFUd1JpN3dwTzgwVGRtZzh3QXpVVXBvZnZjaHREQUduOWJ2N25RRVFIR09rdi9XV1pmMXNUQWFDSVJwWUhPUnkxYll4akNVQ0hWR0tqNys4VHB4YjRMU0NCN2hTZnZMRDBKMGxQcTJmemZsMWZhNyt4cHEwYjZDTTMybUpWT25QaTNabVBjMEtYendxUU5BeCtJQXQ1bHp3bXlHOUFoQjdBMFAvSXNtUnFkVjlUT3JRdmw2ZTlXM3ZSb015SWFVRkloNXd2YWRTaDBMUVF3Z2hETGdVd2xtZ1kwelRHTWhZMVRNSHpnSmdnQmVweEJqUWJ6dkk1RCs3UnRrTHFZd25xUGJDVT18&cppv=2

Request Chain 1813

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=w4Zw_3x3Nm40YnhhR3BGMDh5NkFjWXEzQXVQbEVUZys4WCtYd3ZJZEc1b041Q3pZVU8vbEorRWFrS0tCSEFqUzNtK0V0VWRxSXdLeERWWUc5akwzNDhPSVB3SEk0VkxUUmR6UzM2bmk4ZnczM1BBRktaT0pWS0w3RkJmT3ZCT2w0NXdsZmR6QWZDVndwR0ZzTzhZNnRMa1hiOW95TDFEOERhNUdkc2ZmNmJIcVgrT1V5aVdSTmZhNExiNFRQdTc3amtCUXBVMzNjYVNrVHdmeVpCc1FOSXFxa2hDbUVtNk5GdWcwbGh5MlVqQ0ZIaGgxSkZ0YmZaMnFUZ2g5ajBFOWtySVVHaXV5UTdkYVQ0SXEzQWtvd05NT2V4bkRqVXJGaWszUk9ETjB0ZS8zWVY3TT18&cppv=2

Request Chain 1814

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJTJGNUJDYWdjVUYlMkJLbzZXS2g0JTJGMG1TOGoycjU3UUc5OUVoTVA4TVBzTTh6dW1QUzR4RzdhbWxIZUxUemM5RnIxME1CWGxiTyUyRmFpR3U0b1U4V3A4NzFBenpvQ2wyJTJCSnZDdWxaS2s5d3diaFVzZ0ElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=5Z1phXx4OGk0Ni9XQ1hXSmRkMVpsWExsZVZIRWltWHFqMkRaOW9NQWJnZW5OZ1l2U1l2TDBvRmxJZjBvSW16VFlBVjBTNTlid3pRRGljb0EwUmZheFlWSGsrMWdoT3BlYlFnS0RONU5nV0NuaXdTMnhFZEZZQlFOeHBoVUtDYnRQTWNHTzJPdXlUOFFyUityV0dxcFBybEF0VElDVlZJKzdBdDdQMmlTODJJTEZvWGwzNVFxajM3NE9Ka3JySTU1WiswNlRkSThFakN5L3o0bjd3MithaGdiTHdjek9SS0VrU1JCWDFTb0dBWUczc1ZLeCtPUnhidnk3UG1DcjIwTDlQRXI5dGJWbUwrQjN0cjhnTnFXc3RyVEFWYTNDTDdIcDNNMlFBQXNBckszMm9IRT18&cppv=2

Request Chain 1833

https://ups.analytics.yahoo.com/ups/58626/occ?gdpr=&gdpr_consent= HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-GcUC7CVE2uEAH4k4D2TRozpVwsIIGxftCqIcdjc-~A

Request Chain 1834

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

Request Chain 1841

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56dEJ2NHAwc1JBTXVxMGxhJTJCSlF3M2FUem9SaTAwY2ZkMUdvaFQ2d041ZG9UVkI0dmNBaUQlMkJiMG5WNEl3UGdKWm5WdTJGTGRETHQ2Tk5wcTNoZ0JIZUZrOXQzZ0ZuQW9VZU8yZEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pCbSp3xXbE1RWUFPbHVNaGZDWTV0SVN6ZWVFbU9kNmNPaHY4NUtFblF1K0lMY1YydEk0UmV1M0o1VTZVWEloWlNQQkRIOG9qVUNzdUp2K2VqYnV6ZTh1aW1RRFBNOW8yNHRxQURzWUVjMXRMZHBzcThFazJmd3dsV1c1TEkwVHp2K2FBcHh3VzZKdkpOMm11cWlDaXZWU0tjOXlyaitZRjdCYVgwVkNVc3E1a1Z5RHZzeWxXMWZYZXVoYSs0emFuMks5d25GV3F3anRxZm9jbnhudjlyeE0wSittMFBLSHlKaXA0WmxIR2JweHJnTDJKb2VpNEJ6aWlqQnpROHVuYlhMOUxORzBpRW53dmdZZFI0YUZWSk1TYWdLRXp6WGJRc1YyUWZNT2kyaGtPMll4dz18&cppv=2

Request Chain 1843

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56dEJ2NHAwc1JBTXVxMGxhJTJCSlF3M2FUem9SaTAwY2ZkMUdvaFQ2d041ZG9UVkI0dmNBaUQlMkJiMG5WNEl3UGdKWm5WdTJGTGRETHQ2Tk5wcTNoZ0JIZUZrOXQzZ0ZuQW9VZU8yZEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PeZ9T3wwUWpNMm5wdEowa3UrSEI0VjcrZ0I4cE1zWWdMbkp0NFU2Z3U3SEduSWVjem9leUE3M2JkbGRmNGF2bTkrN1ZXeUc1K0k3enFhcnpiZE5WL1N4eE94QnVlT2hzU2hnTWNFWk50YmMyZmdNRFFFbUxWNDIweVdVUHZPNzdSd3VxVHlKZk94cWJ1ekxWTkNQYStPQ1RLanZDdHpXbmVzbXZPSE9XN1VpWDUrZTNVTUxMUnMzSVNsbkk3bFY5T3hjbzlVS2hEcmJYUG5qaE1jRkdhOTFhZ3JZdjVKY3NMZ3ZRMndNUnRZc2I5dU8rQmNpeVdldU1pbEp3V0hEdkYvK2trandEVVJoSDRkc2VqN2VkdXM1bXU1Z0NDbi9MVEhLK2lNZWUwajgxMFlUdz18&cppv=2

Request Chain 1844

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56dEJ2NHAwc1JBTXVxMGxhJTJCSlF3M2FUem9SaTAwY2ZkMUdvaFQ2d041ZG9UVkI0dmNBaUQlMkJiMG5WNEl3UGdKWm5WdTJGTGRETHQ2Tk5wcTNoZ0JIZUZrOXQzZ0ZuQW9VZU8yZEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=K9ExX3xqYnE3RGg1R0NETVJ0cklESUQyV2hsV1lsRmhHYXZYeGh0Mmg2alJjeW80ckFnS3E5ZGU3VEZ2VVUrWFllWjJUUzFHaFEwNk5XQlVCU2VEMUhObHhNdXlJakdJOVN3Zm01ek8ydUZ2UnVsODZhK29kTlNPN3RGLysyUnBnTlVFUmVRYis4SHlYL1Qrci9PYnd2alpWYUo0bG0wYTUyR0JDaXpPczdPZkkyR3Jvam9xdDhZUjZheVRwOFFCdlM2eXUyM0o0SmoxT2pkODlsRXR3RElJM3A0YmtCOUVWb3A0N041OUZzTkQvZTBZcVZRaXpEczFkT2tFZTZOSGtqRUh0MS9yazhqbjIxV3ZOa01HczVHdzBEL3A2ckRMYXdvRElZcUlMbDdWRkVidz18&cppv=2

Request Chain 1845

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56dEJ2NHAwc1JBTXVxMGxhJTJCSlF3M2FUem9SaTAwY2ZkMUdvaFQ2d041ZG9UVkI0dmNBaUQlMkJiMG5WNEl3UGdKWm5WdTJGTGRETHQ2Tk5wcTNoZ0JIZUZrOXQzZ0ZuQW9VZU8yZEElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=A7fAAHxGTEd5N2ZZWEFlcWJRMTZ5Rm9oTWk5WVd3eHgvVVpJQ1U4NnpQdEkvNStub3llOU5qV0hnd3VxTTZZdkFBVXBCM21PZ1FNamtYSG5idlRrZ3hGVWNPdm1vN1hadm8yM0RqRXdGYWNKTjlLOEMvYlpVdXpIZ3NGQUpNQ20wc21kUlJuMWNmdVE3UHEvelQ0RjhvYVV2enNTbVc2bFZwNkcvbE5HT3AvbW5xNnJIb0h6OXhyajNmSW1mUmtWM0c3THpHOWd0Sk1sVi9hR2ZFVGFIMVhKS1h4NkZyczJ1bFVJOXlRa1F0K20rUUptWHVIUGFuenU1Ukl1Y0hTR0hlWkdSTGprdlJIR2UyVzQxTWdKRGVoS0RkbFdRc0hCbFJRM05vdnExNUNIaitmaz18&cppv=2

1837 HTTP transactions
23 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
earnme.club/nord-n1-from-oneplus/ 56 KB
15 KB 92ms
54ms Document
text/html 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: ee715f0c64fb5bf26cfadd63faac10ae4db44ced8e20864b7de7c9ccc38256c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:35:45 GMT
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/" <https://earnme.club/wp-json/wp/v2/posts/65>; rel="alternate"; type="application/json" <https://earnme.club/?p=65>; rel=shortlink
vary: Accept-Encoding
x-pingback: https://earnme.club/xmlrpc.php

GET
H2 200 style.min.css
earnme.club/wp-includes/css/dist/block-library/ 93 KB
11 KB 15ms
14ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Wed, 16 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11616
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 classic-themes.min.css
earnme.club/wp-includes/css/ 217 B
199 B 16ms
14ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 144
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 148ms
56ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

961d69dd0e8a2f52ae99473f60e510978dd3c6cda2365e665977afc10c975492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 01:35:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 01:35:46 GMT

GET
H2 200 style.css
earnme.club/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 16ms
15ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8842
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 font-awesome.min.css
earnme.club/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 18ms
16ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 jquery.min.js Show response
earnme.club/wp-includes/js/jquery/ 90 KB
31 KB 31ms
29ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 5d92075a333fd130ab14a88cb118502add35524a313b882bd83aa362c7436d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31503
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 jquery-migrate.min.js Show response
earnme.club/wp-includes/js/jquery/ 13 KB
5 KB 32ms
31ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: a71ee879cf80d36f1858f3b7a081ca1493bb3fe88014d8b435434f91b927269f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5176
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 scripts.js Show response
earnme.club/wp-content/themes/mh-magazine-lite/js/ 40 KB
12 KB 41ms
40ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 89013866b8ebfdf82160764b685d3348dbc619e7342d161756f8153252ac3ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12569
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 aaw.emc.js Show response
cdn.adapex.io/hb/ 538 KB
157 KB 83ms
52ms Script
application/javascript 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.emc.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 971111b97774fdfc5e46ec8610f7fcfb0cd0710614b56f8237693647a9acdd8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 06 Dec 2022 06:43:13 GMT
server: cloudflare
etag: W/"638ee481-8683b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCAEyuCkQonA3d%2F1kep6A8kw2uqwa844jMg7Yw0bEdbEvYtyIUj5E0mjJf3UUGBzQhBX6DV00Dp5I7ybwmufR9bWMs3X%2BQUwMd0aDX0MNVEbEzddsfbQHeYVYrvjM%2FRcRA7NrcrMkEcVWFga"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 778af70908bcbb9d-FRA
expires: Tue, 13 Dec 2022 06:44:25 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 178ms
51ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c21a9558d8e958bd4503900f96ea2791d4249bafff58ddcbc98ed17520589c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27666
x-xss-protection: 0
server: sffe
etag: "1420 / 708 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Dec 2022 01:35:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 154ms
45ms Script
application/javascript 2a00:1450:4001:827::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

784a257b9c4cdb53809213a090b43a7f9d33814b8b33090acfecc777505cba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Dec 2022 01:35:46 GMT

GET
H2 200 images-34-1-1-1.jpg
earnme.club/wp-content/uploads/2021/03/ 8 KB
8 KB 18ms
16ms Image
image/jpeg 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/03/images-34-1-1-1.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: aa4f09011e442a9137174df2e452bc57d56ad7acaecb3118ca559833928e9144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/jpeg
date: Tue, 13 Dec 2022 01:35:46 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 03:03:15 GMT
accept-ranges: bytes
content-length: 7685
expires: Tue, 20 Dec 2022 01:35:46 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 28 KB
7 KB 182ms
72ms Script
text/javascript 2a02:26f0:480:b::210:f1d7

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1d7 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: 746f8b087bee3ce8aa3072983d867922150a2bd940f40694ea1f400b6b836def

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6988
Expires: Tue, 13 Dec 2022 01:40:46 GMT

GET
H2 200 wp-emoji-release.min.js Show response
earnme.club/wp-includes/js/ 20 KB
6 KB 18ms
17ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 41f5e8113e651e2091124c4f675f62c523ee8db4f03f0f560e8c0f84490dc398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5785
expires: Tue, 20 Dec 2022 01:35:46 GMT

GET
H2 200 download-2021-03-24T065937.621-1-1-1-80x60.jpg
earnme.club/wp-content/uploads/2021/03/ 2 KB
2 KB 18ms
18ms Image
image/jpeg 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/03/download-2021-03-24T065937.621-1-1-1-80x60.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 6b022da1659d8edf1a7a35600f66c8de7dc83e6131ee83aab1a9298aaeda244c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/jpeg
date: Tue, 13 Dec 2022 01:35:46 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 03:03:15 GMT
accept-ranges: bytes
content-length: 2067
expires: Tue, 20 Dec 2022 01:35:46 GMT

GET
H2 200 comment-reply.min.js Show response
earnme.club/wp-includes/js/ 5 KB
2 KB 16ms
16ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 0e7f0938158c8a030cea7c8dc197a966db14f94c7bdab177859280a51203d4cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:45 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 02:57:41 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2396
expires: Tue, 20 Dec 2022 01:35:45 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 155ms
30ms Font
font/woff2 2a00:1450:4001:82b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 24322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 18:50:24 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 54 KB
15 KB 81ms
1ms Script
application/javascript 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: br
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Mon, 12 Dec 2022 02:23:43 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 83524
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: vrhpuzk1wC4yRkQEzZ4bYDsnGiRumqAUmYDbFrheofg46yrfFXtq4Q==

GET
H2 200 t.js Show response
flashnetic.com/ 54 KB
15 KB 83ms
3ms Script
application/javascript 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: br
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Mon, 12 Dec 2022 02:23:43 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 83524
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Y7g9aSgOoDq5hy6V2-pQPHIcfA6OEylfMar0dXMY6Azrwib9VT3S_A==

GET
H2 200 fontawesome-webfont.woff2
earnme.club/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
75 KB 26ms
12ms Font
font/woff2 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: earnme.club
URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: font/woff2
date: Tue, 13 Dec 2022 01:35:46 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
accept-ranges: bytes
content-length: 77160
expires: Tue, 20 Dec 2022 01:35:46 GMT

GET
H2 200 images-35-1-1-1-80x60.jpg
earnme.club/wp-content/uploads/2021/03/ 3 KB
3 KB 264ms
0ms Image
image/jpeg 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://earnme.club/wp-content/uploads/2021/03/images-35-1-1-1-80x60.jpg
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 5f8a1ed9a4c250b4a57e8baa47462c95b9a15349bf81682092a440b7c4f2ab5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/nord-n1-from-oneplus/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/jpeg
date: Tue, 13 Dec 2022 01:35:46 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 03:03:15 GMT
accept-ranges: bytes
content-length: 2686
expires: Tue, 20 Dec 2022 01:35:46 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 54 KB
15 KB 263ms
0ms Script
application/javascript 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
content-encoding: br
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Mon, 12 Dec 2022 02:23:43 GMT
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 83524
etag: W/"57c945f3c1feba973398debac47b1341"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gatnVvTBMAHaU8JvvMtZYF6IO9tVKaRSrcluOMWXAT72QpJ9AzPO8w==

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
256 B 364ms
93ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://earnme.club
Date: Tue, 13 Dec 2022 01:35:46 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 306 B
449 B 235ms
16ms XHR
text/plain 2606:4700::6810:84e5

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

87601871a1858439035900b46e057ab0cf954991bec88985f3cd6354843cebf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 778af70cce009096-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 247ms
28ms Script
application/javascript 52.222.178.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.178.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-178-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:25:04 GMT
content-encoding: gzip
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront), 1.1 b601b11612dbb318dc18b8b7062715de.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 21:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, HAM50-C1
age: 643
x-amz-server-side-encryption: AES256
etag: W/"64f4b7b07dc566a98060fc55042f4433"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 0Wwp4pcqwg0iFyqiq7uKS96O0n2zUHhkqCtgad062iyOp5zi6oDq_g==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 11 KB
4 KB 216ms
2ms Script
text/javascript 88.221.169.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id: 4KF5E18C4VGEN9BR
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
accept-ranges: bytes
content-length: 3391
x-amz-id-2: gTYHE//ycCgmSKRMW4oex9Yq+Z/uUcPDstZAdALldiw59blpzxGtiBbaZKU2cfBhCzE5blPJ9rA=

GET
H2 200 ao0y4krv21gsuol1v4o82.json Show response
flashnetic.com/c/ 2 KB
2 KB 59ms
6ms Fetch
application/octet-stream 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/ao0y4krv21gsuol1v4o82.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad032d1cf528ab452328c93f4e286e5034be1a9e5c74da91d2828d6a50caa6c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:17:20 GMT
x-amz-version-id: Acn7r8ZMd7YG6M0YfdycNmVJVXl9rg7Z
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Thu, 10 Nov 2022 12:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 73107
etag: "1165eba4e9339ec6a75e2840289faa43"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
content-length: 1549
x-amz-cf-id: MwenXIsL9SVGsRI7nXZCp2b8zndL4Bit2Drp3kv7Se306AlJZ2j6Ig==

GET
H2 200 tvdi2ru09cf0ymc0mwei9.json Show response
flashnetic.com/c/ 2 KB
2 KB 60ms
7ms Fetch
application/octet-stream 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5bb863c6910d0c861eeeaa51d06324486b9d280f11a11ccfd77c305283fa912

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: qsp7d0tsTDbCsoRHwVoQTtR594IYsbh7
date: Mon, 12 Dec 2022 03:50:26 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 78321
x-cache: Hit from cloudfront
content-length: 1553
last-modified: Thu, 10 Nov 2022 13:02:28 GMT
server: AmazonS3
etag: "33d98cba57a28b885c123495ff78571c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
x-amz-cf-id: bCYVn1peQM3GZtYXn7zCn5aIHrJTxLCifPV80t4qoVxvMpOQK_z8zw==

GET
H2 200 pubads_impl_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 62ms
35ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:26:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132289
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Dec 2023 03:26:29 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 528 B
204 B 154ms
47ms XHR
application/json 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

75806cade29344f203ce389d3fd4f555a4af9d163d7494270d9f2386c557ad9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:46 GMT

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 91ms
11ms Script
application/javascript 2a02:26f0:480:b::210:f1cc

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1cc Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduGB2AlLYWO9z1o9MZw3py8-TiNXy0xSw8Y-H7jVVYgkTfXYOmbJIkYFFscMkPtM6TY0pxalGwhD7xlrfFFZLZYF7lWag
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-generation: 1646327924579580
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=DITkQg==
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:40:46 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 465ms
50ms Image
text/plain 35.172.123.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1670895346749&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.123.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-123-180.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 265ms
0ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oebu0&_p=400804358&cid=921010836.1670895347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670895346&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&dt=NORD%20N1%20from%20ONEPLUS%20%E2%80%93%20Tech%20One&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uv85s8wiydoa62b7a5wma.json Show response
flashnetic.com/c/ 2 KB
2 KB 132ms
0ms Fetch
application/octet-stream 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/uv85s8wiydoa62b7a5wma.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a0fda7bca53807a574a641ba6e1c70b4b335bb745d6bf73c239b3701f167cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 03:47:39 GMT
x-amz-version-id: vLfcoHrJbiywLviWxCWpJFlKfUSPjPJN
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Thu, 10 Nov 2022 13:02:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 78489
etag: "69dae478ddf7e8986fcdaf90bc486766"
x-cache: Hit from cloudfront
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
content-length: 1553
x-amz-cf-id: 4QOLEIkEgxWMRXofAomX1oiRKsxFpvVxvtr9WyqAglRtIGtJLtR1kg==

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 212ms
0ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 13 Dec 2022 01:35:47 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 209ms
0ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 13 Dec 2022 01:35:47 GMT
server: ATS/9.1.10.25

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 4 KB
3 KB 370ms
177ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: c819b0f32cc30e575ab109d473047a1650045054249c058a4992e6855af9ef81

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:47 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.233.0
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 arj Show response
digikulture-d.openx.net/w/1.0/ 73 B
375 B 296ms
0ms XHR
application/json 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=435a0426-f05a-4d85-b3ae-fd1cc66f4911&nocache=1670895346914&pubcid=950e281c-a08d-4c38-9bf8-7c2567124789&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=300x250%2C336x280&divids=952bda8d-d94d-4b7e-b389-3321e70417fb&aucs=%252F22181265%252Femc_300v_2&auid=556580798&aumfs=10
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fd70dfbad797b505e044300451184e5984d83a48b48aae6103dd0b55556d2674

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://earnme.club
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
563 B 214ms
32ms XHR
application/json 172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=775312
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a39a731a41585a79919040eb623dcd3822ba27450ef07a1f3db54c156b6a8569

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIBUzXs7RbB5BJqp8gKtAdYvXJmxM72Bg1g6qgAW7CId6%2B9Z5WhkFRxJB66Hksa8xVAkylH5%2FkAk%2FOiS5oH1GmVbD4LIanC6HcFhRUkNcOikRdFGQBa7i7wfROZ48ri2bzxYGPSL"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 778af70f29cf9bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
309 B 318ms
0ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.24.0&cb=39047488094&lsavail=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
167 B 234ms
0ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 8
date: Tue, 13 Dec 2022 01:35:46 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
358 B 169ms
0ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 187ms
82ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4dd28666285ef3d637d7343bd3daa700899220c94449087bf50b3047d5dbe11c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:47 GMT
AN-X-Request-Uuid: 7707ba62-af6b-4c6d-9b02-531fe8465f31
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
237 B 382ms
70ms XHR
application/json 18.185.180.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.180.243 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-180-243.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2bbf509419ada0a2c41e6c9f4bdc9e0498a0f151633e319298e3da9a5817e336

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 65ms
26ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 51c25575e1d90a3232a74c5acc9055b18c109af7ac7355d4606b5cfe6aa1540e

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
294 B 64ms
26ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 39e5c8e01894f41680b3e294f1cee5dae96290deaf8976be55e515a7f96b236a

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 408 B
957 B 358ms
58ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,4a8f1a42-5770-4c1a-8887-ed7895482e96,,&eid_pubcid.org=950e281c-a08d-4c38-9bf8-7c2567124789%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.24.0&x_source.tid=435a0426-f05a-4d85-b3ae-fd1cc66f4911&l_pb_bid_id=38f2d8633825df6&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.4502442453190536
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 437f7cf9d84876da2ca088752c7c7db91a64dfad256348f5d336fbb7378bc341

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 408
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 328ms
39ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 113d029bd5571ec50fce53ff96876e784f8766ee1efd5e30e4c20bf6ce00c304

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Tue, 13 Dec 2022 01:35:47 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
339 B 500ms
112ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dYto7aKmqr7io0rkHcnlxd
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 9ae2d00f9a40a5ad26c5b209f79001ada20a1e8488f6565708a6b95c9e68f227

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
334 B 199ms
43ms XHR
text/plain 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:47 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Tue, 13 Dec 2022 01:35:47 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BD39 80 KB
27 KB 189ms
89ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1420 / 328 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Dec 2022 01:35:47 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame BD39 424 KB
122 KB 239ms
31ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5709
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDoS%2BJ1IEq8hTEv7YB9vmQc%2FRkYj87dykTCqcXYhgbR7mIE9p3Qa2HBSnKZ0xyARh3flQXUlFK2lnbGo%2F1OHgh8UUFauk74MoFXi9cZm%2FW4sc93p0sbrL9cBbelJxg4A5JkXcZeq8WtakNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7107bde9b37-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 749F 10 KB
3 KB 167ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=jroovvefi&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: actf3yQXNP0r9QCfDw-PFvWvAl9CL8cG53iKJsBaJtZZKipbZzlkOg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 97D6 10 KB
3 KB 165ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=cyupjnth&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: qfINqQD_vAfIUswf0oD4hdD8hBAVH-FV9aJNZ6rQ62jUKyB1WYoP6A==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 3EE4 10 KB
3 KB 156ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=qlggoqc&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: SDlOX-nYY0e3L-AnodwivptQDce7jLlE0nOC8WI9YhsSaFtpO2if0g==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame AD3A 10 KB
3 KB 150ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=djpdnvmk&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 2DaXn-94RbEdJTEjN4vwcgtmbOTx1T6FlwK0i7at5aCxN6FKTFRcSA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 5420 10 KB
3 KB 151ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ogtsap&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: BZuBAPQJFvhhTNg3zup_dA2t4i_kPmm5YG9W82DIgBQKMsg-dNBZUw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 5678 10 KB
3 KB 148ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zophdtn&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 17DhfXFeLDMPJ_DPU30PkRFi5bki-gXT0iD1o-v4RuKjv7GwVW6CmQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 287E 10 KB
3 KB 146ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=bipodbdgfk&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: zu56ruDoagf7MyWrPX7QtcLBv_Yyw4SBJvRtdWa_R7dVHZKD-IVH0g==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 683E 10 KB
3 KB 145ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=yusjeyea&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: C1WiANKC_Q1CF51qdtMD0GvFxtHiJW60vmYzctoONoKQ6SOIaWR-_Q==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 214C 10 KB
3 KB 140ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=okqaizdly&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: TEUK4xmDNUGAjplSH8JMp8uQqZwMFm5ldL1hhC_qU6ozkQmKijPlDg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 3B76 10 KB
3 KB 138ms
0ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zvkvgpe&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: qv6kHbIzxHE16msUG-4t_nwLgCzN3CXFJXagRUvH4Rfzy8DUZC92lg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame E958 10 KB
3 KB 167ms
12ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=injfbw&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: ul9n5nuf8RmfUq85xD0ObWSN_fiyzgByfGx8zDTKeaGcKH3650AuJg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 8F79 10 KB
3 KB 167ms
13ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hrcralsp&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 5l1lTp8_L6zuCrpr9rOr-Y5dciodqki_uYNIgNKHToKFh5yFOSKRQw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame E96D 10 KB
3 KB 165ms
13ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=wvgcabh&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 2_rjlHuQZUUzdsjx6I2fULMlS3mpUD_dt_dbzqeWTjdlm_7zNVbFjA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 3BAE 10 KB
3 KB 155ms
14ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=prudmwjd&e=1582957865563
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=9196521670895346171
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: PqQAvXZFtOzUj_78uTqpDvHupqNmxmt-NRRXj2iOC0hsqgsI3f-nsQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C729 80 KB
27 KB 188ms
100ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1420 / 157 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Dec 2022 01:35:47 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C729 424 KB
122 KB 204ms
77ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5709
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2yBTLnnWVPbMkzpY9nNnb0DNuoPJzsOhAmb03cuA7b48AeDH4kELavUJVe2yeUWeLwYR2mPV3XQ9uLSpynB2eTnMIsMziP%2BWRytcdMBHdWc%2FUeaFQNWRQaF99bSObjZOgzASN7sALYwI%2FsE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7107be09b37-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 9F1A 10 KB
3 KB 133ms
15ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rfgam&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: a9Hefq0HLPURY_FdmboK0W7EdavyMF2H9fnaBqfQS3-e7Yn6lazK0A==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 407E 10 KB
3 KB 129ms
18ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=pxx&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: on3_f3QHQ0g61tYYiJT5-zXrwyaTFrbtbCkAKknR1XwbH8zuLLzktA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1BBF 10 KB
3 KB 128ms
19ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=nyszpkpy&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 4k5q878xDbF46N17NZUs1mFE-9Qhcv-y8XQgFMpEcNRxuHyVL8giYg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1F55 10 KB
3 KB 127ms
20ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=wfiayoaq&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: eXW1VwSwvBveX2R8fmkiEHz2MvJ7a-m7x48hZPN3c87kleBcLud-0Q==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 02EC 10 KB
3 KB 114ms
19ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=nagevtxugi&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: IngMZGou99aU6rB3tyadZGzFv1QCvdOAUHzGz1qUszyXl8VnZFq-lQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 8F56 10 KB
3 KB 112ms
19ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zghiaia&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: XTgHT4Ix1nS6Se5s7ME8Zh_i3lgn2QNX4dRD037JUu8y1j_6QhTn2g==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame E1F0 10 KB
3 KB 106ms
20ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=epztovze&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: jWGXcO-7oizlMm1aUwREu-0jH12sBw0CbuQsxBIdq0HRVE10rlCYnA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 89B2 10 KB
3 KB 105ms
20ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=eghxslsd&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: rNn9rsmUG43K__39f9y6YKGqD9aH6FE13kCacpVCZ-4PY4kctm64QA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6F35 10 KB
3 KB 99ms
21ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hsqgdrxxr&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: D6dD44RhNBUXCG6PN9elre88X_ouIOYKiD7j6O6ZmOR2hcdLOtnsFA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 055F 10 KB
3 KB 99ms
22ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hjxvjsovg&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 8zqyLggZtt8JfIcVd1N-XzZj8WE-OOaqdXQUnhuV6ivVGjeqvmaVYQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6863 10 KB
3 KB 97ms
23ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=suqdsfso&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: DzPGMPSjDt1D_zzhJ8NP1eQW6gl2dK36v8O0X5I6fRKbpQohkogZ4A==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 46C6 10 KB
3 KB 122ms
50ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=affvapki&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: M3hxIb3neuLwZ5vQ6rMazzgC-mOBVz7NjVnXV_cSERhT85SE3_NLWQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6B92 10 KB
3 KB 111ms
51ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=yxdkoegzfc&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: eUmi2dyeb8WfI52qGc0WwXzubV-DXCAEbJZ57JrlWjGzSXiX9xT6Nw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C88E 10 KB
3 KB 98ms
55ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=vpwyiix&e=1011989061034
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=9086721670895346172
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: bnO_QdPRJ1pKXD9nInrgvHEJmsN-oEPk-XAVoCB8Gg8KZb6Amyf24g==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 67ms
33ms XHR
application/json 52.222.178.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.178.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-178-36.ham50.r.cloudfront.net
Software: Server /
Resource Hash: ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:29 GMT
via: 1.1 b601b11612dbb318dc18b8b7062715de.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: HAM50-C1
age: 18
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 1960
x-amz-cf-id: ClmwCGfzM-TDUKUUxSE-94MavtaL-n29HzKceNHHfsbMu1Nel0McQQ==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
458 B 166ms
47ms XHR
text/javascript 13.224.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pid=oV8KvzhlXnYfD&cb=0&ws=1600x1200&v=22.1201.834&t=2000&slots=%5B%7B%22sd%22%3A%22952bda8d-d94d-4b7e-b389-3321e70417fb%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C4a8f1a42-5770-4c1a-8887-ed7895482e96%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.191.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-191-98.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: X04GA4WH9R95RY1PPRB8
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: LB2RH_l9c9tt7DfVmVSV_Ypr5HyVOHCgsjuE1zV5D2nYm7DW21oLMA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 136ms
18ms XHR
application/javascript 52.222.178.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.178.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-178-36.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:31:44 GMT
x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 5fbb28bff7a0b15518cded51f089f258.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C1
age: 83044
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: bGJcAhg1uFmMCTVVIaCSETLzfM6iIisnohCyYaX5vcz7xbm_E5ZrBg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 196ms
45ms Script
application/javascript 2a00:1450:4001:82b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 170ms
50ms Script
application/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 313 KB
65 KB 522ms
521ms XHR
text/plain 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2105137673470681&correlator=835676420115120&eid=31071197%2C31071294&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=21735448363%3A22367406785%2Cearnme.club&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C1x1%2C1x1&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=2564538650%2C174271564%2C174271567%2C174271566%2C174271561%2C3490001028%2C3490001051&didk=1813635145~1813635144~1813637047~1813637046~1813637045~471193909~471193910&sfv=1-0-40&ists=3&fas=0%2C0%2C0%2C0%2C0%2C1%2C8&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1670895347395&dlt=1670895345943&idt=1316&adxs=-9%2C-9%2C456%2C989%2C-9%2C-9%2C-9&adys=-9%2C-9%2C688%2C320%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C678x0%7C326x0%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C678x0%7C326x0%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C4%2C4%2C2%2C2%2C2&ohw=0%2C0%2C678%2C326%2C0%2C0%2C0&ga_vid=921010836.1670895347&ga_sid=1670895347&ga_hid=400804358&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

5472fceaf6f99c5298d6ca0a5b05701588d68f870fd410355c6f1e1133c726f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67022
x-xss-protection: 0
google-lineitem-id: 5483746265,5483746265,-1,5483746265,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138365042430,138403669929,-1,138403669908,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
339 B 81ms
80ms XHR
text/plain 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2105137673470681&correlator=835676420115120&eid=31071197%2C31071294&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=21857590943%3A22734888843%2Cadsviktory_earnme.club%2Cadsviktory_earnme.club_300x250_1%2Cadsviktory_earnme.club_300x250_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=320x50%7C320x100%7C300x250%7C336x280%2C336x280%7C300x250%7C320x100%7C320x50&ifi=8&adks=3548237974%2C3196689019&didk=3522484137~1387365765&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1670895347413&dlt=1670895345943&idt=1316&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&frm=20&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=921010836.1670895347&ga_sid=1670895347&ga_hid=400804358&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

130338d6dc3585cb3918b6de2cf38f0796732885ee155b1854a76b194d613f0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 006A 6 KB
3 KB 190ms
38ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:47 GMT
expires: Wed, 13 Dec 2023 01:35:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022120701.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022120701.js?cb=31071294

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5d20eb026b8bb497a6588b444a4c71fda05c0f4c39d5d679d8e0b3527d87af31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 17:29:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14015
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 09:34:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Dec 2023 17:29:36 GMT

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 17ms
11ms Script
application/javascript 2a02:26f0:480:b::210:f1cc

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b::210:f1cc Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-generation: 1610290372874389
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:40:47 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
2 KB 91ms
6ms Image
image/png 2400:52e0:1e00::864:1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN (),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 13 Dec 2022 01:35:47 GMT
cdn-edgestorageid: 864
cdn-cachedat: 11/21/2022 14:10:19
cdn-pullzone: 1027527
content-length: 1265
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: BunnyCDN-DE1-864
cdn-proxyver: 1.03
cdn-requestpullcode: 206
content-type: image/png
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: d20ba4c082282303fbd61924c59892df
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 395ms
109ms Image
text/plain 34.239.216.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=92&e=cpll&cb=1670895347502
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.216.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-216-139.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 155ms
11ms Preflight
application/json 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Dec 2022 01:35:47 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 493230
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
247 B 229ms
137ms XHR
application/json 2600:1901:0:8344::

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN (),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=roBDY3xQSUt1LzE5OGJINFhXSFVCY1R2aDZaTmdkcjF2R3lTbE43dks4MTlSVFNidnl3TktFeDBhNVprRG5uRXFLUGx3NFg4bEhqdE91QWNBSnhvVUlQemIwR1BuaHlOMEFoODZ3bFJDVEZXTW54WnZpbk1LRnJGdm1HdF...

370 B
671 B

71ms
12ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=roBDY3xQSUt1LzE5OGJINFhXSFVCY1R2aDZaTmdkcjF2R3lTbE43dks4MTlSVFNidnl3TktFeDBhNVprRG5uRXFLUGx3NFg4bEhqdE91QWNBSnhvVUlQemIwR1BuaHlOMEFoODZ3bFJDVEZXTW54WnZpbk1LRnJGdm1HdFRVQnBENHRMeCtFWVlhQytKeGhRcTd2UEJhS2RaRGdlYUVmYkY5dThSUjNYdllKZENLQmFjY0JDalIzVUd6Smwxd1BiRzZiMjdLN015c2pBMUU0eE13RGdFYTVWOFBYendtOURCOVBBUldyOFRRbk9IblhZPXw&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c8ef38f9e830b60f0f54852971f510ffda117ba98f775a2e666d38012df5e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1222333
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=roBDY3xQSUt1LzE5OGJINFhXSFVCY1R2aDZaTmdkcjF2R3lTbE43dks4MTlSVFNidnl3TktFeDBhNVprRG5uRXFLUGx3NFg4bEhqdE91QWNBSnhvVUlQemIwR1BuaHlOMEFoODZ3bFJDVEZXTW54WnZpbk1LRnJGdm1HdFRVQnBENHRMeCtFWVlhQytKeGhRcTd2UEJhS2RaRGdlYUVmYkY5dThSUjNYdllKZENLQmFjY0JDalIzVUd6Smwxd1BiRzZiMjdLN015c2pBMUU0eE13RGdFYTVWOFBYendtOURCOVBBUldyOFRRbk9IblhZPXw&cppv=2
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5044918
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
540 B 40ms
12ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 any Show response
idx.liadm.com/idex/prebid/ 50 B
426 B 372ms
134ms XHR
application/json 54.156.207.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/prebid/any?resolve=nonId

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.207.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-207-182.compute-1.amazonaws.com

Software

Resource Hash

29a5258e01e9159d08b26f2a12e2574e4469b94b5f4928498ad8089bb24cb14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 24
content-type: application/json
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
trace-id: d73abb7fac50578d
content-length: 50
expires: Wed, 14 Dec 2022 01:35:48 GMT

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
315 B 181ms
92ms XHR
application/json 3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://earnme.club
cache-control: no-cache
x-server: 10.45.13.121
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 3911 426 KB
115 KB 108ms
7ms Script
application/javascript 2a02:26f0:480:590::2c79

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:480:590::2c79 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 1ce08d6b57f8d244f2095b56c5fd51852d633eecb72323149be49670ff0a567e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduQriInbIBYB77pVhL-_aJ_SAX1-GGyMz6apv84ePYhTn8BgLddXbJJZpHQf0jGSpAlvAa7QkSbr6fiMdvKkum-Lw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 116956
last-modified: Sun, 11 Dec 2022 12:30:18 GMT
server: UploadServer
etag: "27fa9874fd956e1aa8529e9ff0b24a1a"
vary: Accept-Encoding
x-goog-generation: 1670761818167232
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=59DBbA==, md5=J/qYdP2VbhqoUp6f8LJKGg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
x-goog-stored-content-length: 116956
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:45:47 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0987 80 KB
27 KB 81ms
77ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1420 / 851 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 13 Dec 2022 01:35:47 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0987 424 KB
122 KB 35ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:47 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5709
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpSL0c2KLGntUw6V8fEO4Jki1rg8qvHcRQ3Gv5gIg9CK4AfepO0iLiASwsGaAJbZlYh06tZrAIs%2BxUq1ug%2FeiwxJUkEaBu9oVjx1%2FzLasPSJ9ODVVIeINN3%2B3Obyz%2Fy38qoYfkLfEB%2FrHfY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7146fa89b37-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C863 10 KB
3 KB 23ms
11ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=wvuylzvfqgo&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: 5Sce_tZsOm8yF4VivNy_v4UBEClmBhqH0qxeCYaRBtnNf8lgtNKtcw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F999 10 KB
3 KB 15ms
12ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=lghutttacn&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: QjdYRtiEPIV9kZjlnLjDRovIK_0I2jZqUthyH_GCKPC56TBsNnV-5A==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 0723 10 KB
3 KB 34ms
2ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=dumvrvp&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: lZvy4jG96jgfCg_RWYmJL8oYmt3LpSao4BzYR6PcwwwqsDyufWR0jw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1DD4 10 KB
3 KB 39ms
6ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=wfmup&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: FB-hfBu5Q0PSh1VBps9-cNRU4cSuTHXnMpRYfx-qKcVV1mJ6gMg2YA==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 0430 10 KB
3 KB 37ms
7ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=vsspcpnud&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: kHqwLNWd2scp5ky4nk5OyWxg1NjqvMUYHRmnQh0NcBSs9a3TXDp7Gw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 95B9 10 KB
3 KB 33ms
8ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rnzvbshj&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: UqUjz6weUcsLQsr-uMRvGJEvzhCEUuQR12mzrklQ4Qtlb0iBpX07dQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame ADE7 10 KB
3 KB 31ms
8ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: YP3wxpoKQeNZQ64dlU03mZkFGT3VXqPLBJ0pnrdj0OawEUiAn5mqQg==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 0B8D 10 KB
3 KB 31ms
9ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=givtwayo&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: t_GQpq9H90FXu3E5azGtk2G9wcbnnAusSzxTv7npg17_VIBw_xymjw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C84F 10 KB
3 KB 30ms
10ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=kdonne&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: weGkll5IW5iNH3I1h2L0KFFE9xC7XRzgaDD4AAo6kL05utSjVkhQug==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 4212 10 KB
3 KB 30ms
10ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=xdelpmeap&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: aBXB6p-TQDMVrY-IwRDuAysDGRey46EMAQRD74Tntqhnzhzv7crx9w==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 9478 10 KB
3 KB 29ms
11ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ymlxdzvm&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: lQujjfYgbG3THjXdvmqmhU_c3wlOPoKKFx7hygDyNaEbeGkeOEsQjw==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame B8D1 10 KB
3 KB 25ms
6ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=eanxvgfq&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: vZVDvNndgSjyLZ7nGp8gfXFv_FVygdsBG3fpUtDdO_hHdgoPkYWzxQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 71A2 10 KB
3 KB 18ms
6ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ewhmhzviq&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: R2dPYshMlvkU61P1vwuMzv1QxTUF0l2eNqDzdM_LQ1YW6DEWvebUdQ==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C49D 10 KB
3 KB 25ms
3ms Document
text/html 13.224.189.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=aectnvwvvj&e=1070536818601
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=2773071670895346304
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 72307
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 05:51:26 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
x-amz-cf-id: egdIoYSngyvofo0N5LOeWfLEswb9Y3pDauqyirvRXD5dgtnmFSOWig==
x-amz-cf-pop: FRA2-C1
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
x-cache: Hit from cloudfront

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 65ms
8ms Script
application/javascript 2.19.44.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.44.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-44-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
server: Apache
etag: "d4ed-5eaee7c12df48-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17131
expires: Tue, 13 Dec 2022 01:50:48 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 32 KB
10 KB 64ms
7ms Script
text/javascript 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 01:43:08 GMT
content-encoding: gzip
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 85961
x-amz-server-side-encryption: AES256
etag: W/"51c5af7d71728569b41d03503fff2de7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: rORKyw6WLRG51SNQE2b1DX-vqPrLxAiOhL_QbLgtnagAvggEhDU3oA==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 104ms
48ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=&_it=amazon&partner_id=405
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FNK044PCM9Y7VVCR
age: 1986
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzwdR7lN1gkA23JbK0C1auu6yQ7X1dMhoXsY2GYKEiHvLKULfz1gNrnR1ea6YB0LLWO5ZCgFmvWxi0xulvpWbJd4d%2BHtQlUC358pq%2BqmA23cAyvGCBh5nAI18m1OueNv4orgD2WeIMQkcyk7HWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 778af7156c428fd1-FRA

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 70ms
14ms Script
text/javascript 2606:4700:10::ac43:266a

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: AS6079NF7R64H2CK
age: 557
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 778af71569979150-FRA
x-amz-id-2: 2mxyvxkHDv8YVtTpVImJWzSJ6t9LE3MMZGFNY9vGEvXz3eTx52Vj7bVgYIduyNqIsbtyyLaxBsg=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
11 KB 562ms
534ms XHR
text/plain 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2105137673470681&correlator=835676420115120&eid=31071197%2C31071294&output=ldjh&gdfp_req=1&vrg=2022120701&ptt=17&impl=fifs&iu_parts=22181265%3A22367406785%2Cemc_300v_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=10&adks=1553269368&didk=3490997432&sfv=1-0-40&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dhttps%253A%252F%252Fwww.milkandsons.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D44244132b4a1bf6%26hb_size%3D336x280%26hb_pb%3D0.01%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams3.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue&eri=4&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D800%26wrap_l%3D600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D200%26padpr%3D2%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26id5idtest%3Dna%2633acrossIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D500%26waae%3D900%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D5352e5687a4f9dec%3AT%3D1670895347%3AS%3DALNI_MaiMojpYkfrK4R-llEb7EhiJJi4QQ&cdm=earnme.club&gpic=UID%3D00000b919e7b5886%3AT%3D1670895347%3ART%3D1670895347%3AS%3DALNI_MZxEo0ut0FZCr6LOIaovYdl6Dut1A&abxe=1&dt=1670895348023&dlt=1670895345943&idt=1316&adxs=989&adys=1133&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&frm=20&vis=1&psz=326x0&msz=326x0&fws=4&ohw=326&ga_vid=921010836.1670895347&ga_sid=1670895347&ga_hid=400804358&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

6e8766436855251055afbe83d3ea0979c4e971c13f08206e82b2aa4886a7ee56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11062
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 881D 221 KB
61 KB 181ms
38ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 881D 14 KB
5 KB 291ms
149ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 881D 94 KB
28 KB 252ms
111ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 881D 5 KB
2 KB 287ms
146ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 881D 40 KB
13 KB 261ms
120ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
DATA 200
OK truncated
/ Frame 881D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41f326f4fff488a231249089a394cdbd135829bc440114597fc8c48ce8172467

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1750 0
0 77ms
72ms Fetch
image/gif 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssVMQ9j7MXL0VAxhYfxTRHlxbnF4zJ1pA0JFD2fGjxZLyO8sSBWzQCyKKl5W-ocToIh78d7opARsggXxAfQNZKXZaCH28mQcMl06ZllMDQGPN3lDS_ZUu0nXFS-3vKOfEtU0K4JV4esAuwLbF6ohiPuMLtBpnDtJap1Y0u7qL-XDfzewrRCYNGFk7XXxSZJkLM_uyiN0jd0yQu-3-LFC2TTHeLDURdWtBTWh2zULd-CuAoDcQ0Q3gyGQB6z-P91P33TGh6EOWyqYcCA1rtEDdfYHNNJc3uQat6FMu7JSuqXCXgtjgLrpUjpjS4qNqe&sai=AMfl-YTKIWdYeuM9aernKgm5BKaqOvCtSATej4dL79TWMRTsWgVtl2_9ykFGf3MXUNqSJltL2wU93lrdnEqDswNGqulWgy8qDqz3fDt9_qsaIzgtHXCN_frotaOl62QwzA0tlgc0gdoEQQsQ0kPGoKzQSQ&sig=Cg0ArKJSzJQxqu_KVS-aEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:48 GMT

GET
H2 200 prebid.js Show response
excellence-prebid.sfo2.cdn.digitaloceanspaces.com/ Frame 1750 228 KB
229 KB 143ms
27ms Script
text/javascript 205.185.216.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

0e0d5aaebcb9185499dabbc6f1e6979b963ba0a9e683603e0662e96302be9983

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
last-modified: Sun, 14 Aug 2022 17:57:51 GMT
x-amz-request-id: tx00000000000017c4a8244-006397d42c-42d93a25-sfo2a
etag: "b8c335a03c0847286b2f70d097c5a38a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1670895348.dop234.am5.t,1670895348.cds278.am5.hn,1670895348.cds202.am5.c
content-type: text/javascript
cache-control: max-age=2888
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 233961

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1750 153 KB
47 KB 152ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:48 GMT

GET
H2 200 10349565065641385476
tpc.googlesyndication.com/simgad/ Frame 881D 7 KB
8 KB 161ms
37ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10349565065641385476?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlU7q3dIYLKvXq7KsbcAzjHtszArw

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fffc1c7f462ed0f36a36a415c9b76563b464e4033f5e968ab1cca34b018cc8b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:32:38 GMT
x-content-type-options: nosniff
age: 345790
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7327
x-xss-protection: 0
last-modified: Thu, 13 Oct 2022 14:11:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 01:32:38 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 881D 2 KB
3 KB 165ms
41ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57355
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 881D 295 B
524 B 163ms
40ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49229
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 881D 0
0 95ms
95ms Image
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4iuI89aXY6yCHYaX9u8P8IOOoAjf6erpbfSQ3sP6EMvT-tSIOBABIL7M12pgleKQgqAHoAG2grqEA8gBAqkCrQpe2BqatD7gAgCoAwHIAwiqBPABT9DRWWMZkM0jXPRQlrffhT_VMVKWdK6T0BxjywyntkGlUE3i9US31RzzsATixJ8kmVIWD0piZNriYC0iGuAPyYwOIC-B-XF3gyFl4a0ikmub6z73Xku2AqHxHlF6Tkp4Wy8F1CfYEsgv-V6hxQNYEwk7QkDwXmRwxz3iCHG5OUWVSE1tZVr-5x3YOvD3OGE_bqvvdRUqIDzF62QWkwQi4Wk6iUsx4WmohkJt8EfP6d7Kb0-HyY8aVFKxPbCmGnnkPtN6Od9PXZw_p2HixgkinHBJ85lMKavy9wgpuduH3m7ttemDu9wSEG6IG-zPBulJwASu67j3mwTgBAGgBgKAB7L9xXuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCcpxfSCBEIgOGAcBABGB0yAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMIAKA8gLAdgTA9AVAZgWAYAXAbIXHgocCAASFHB1Yi05OTU5NzMwNzU0MDM4MDI2GMbdbQ&sigh=T7lBNYieF1I&uach_m=[UACH]&cid=CAQSSwDq26N9zAdq9dvrH6a7WRuFjehPycwQxHLlWfzked8hQRC2yABcnhi0yvxkiD8UEx3BewoxDEi4SXEgJ9b6DulnQJyaeb6JbXd0CxgBIBM
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BD39 380 KB
129 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:38:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Dec 2023 22:38:22 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame BD39 528 B
204 B 48ms
46ms XHR
application/json 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

75806cade29344f203ce389d3fd4f555a4af9d163d7494270d9f2386c557ad9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:48 GMT

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C729 380 KB
129 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Dec 2023 22:04:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame C729 528 B
204 B 51ms
50ms XHR
application/json 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

75806cade29344f203ce389d3fd4f555a4af9d163d7494270d9f2386c557ad9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:48 GMT

GET
H3 200 container.html Show response
391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 71D1 6 KB
3 KB 123ms
46ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:47 GMT
expires: Wed, 13 Dec 2023 01:35:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C15A 6 KB
3 KB 104ms
44ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:47 GMT
expires: Wed, 13 Dec 2023 01:35:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 164ms
15ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 13 Dec 2022 01:35:48 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 445076
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 749F 424 KB
122 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jroovvefi&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s%2BBhjoROcFbvXCPRvZSaPEQtvrtwRWpfvCw1FyuUfOKH%2B26HUUUnQ9KsS7UadKTqFecayjRolk%2F6OdATuYPOeUsAibib9A88zq1WpM%2BxXfB%2BYEqH3Di75oPGS0tvn4MolU4CGHcbqyiI28%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af717cb239b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 97D6 424 KB
122 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cyupjnth&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIpO4ExPEHnCoz1gf%2BoAxeI0uL6%2BvVQHopFzIu%2FrtvxiffGGFimGJJTcTUILSCQ6tB78NPdwEUnNbqJNfrrGAjFpSIOu0pD8A%2BeajmFb6XM2bji1qfQKH0hLtjOgv7ZO1aBFYXUqxB9RRVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af717eb509b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3EE4 424 KB
122 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=qlggoqc&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FtqCU6fmea0wbcw0IXTL1LocYnpJxaudx%2B4WuHu%2FVdfEktR%2Bt2BjFI7eEA3ZdzFNI3RJyC5s52NFFMZkek%2Bbf9v3rPfJZ72kPne%2FOqvB4oBc%2B87guZLuQNH1D%2Fc7KA2l8gq0GAO7h%2B%2BBqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af717fb629b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame AD3A 424 KB
122 KB 29ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=djpdnvmk&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1593XbeIk21Bop0n6Ian7LAvleSN3VUJJUJQR4lvksIqYL9MmlZIF75ti%2B2QKaHj4ZBFowgmK4%2Bca9TSJ%2BP%2B9zRIhCram2wbKwbQeQvSmNkrErs5rzWBQ9WvbRH8XPF3EWXkwHFccF0Ovaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7181b799b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 5420 424 KB
122 KB 45ms
21ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ogtsap&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6JR6br8TuJkxzpgyeCfXrH2ZeIvgx0GWxHiIePJh5m7ni4eroZ7KcBzEk5L9MG1%2Ba5g3OXwWohao7j%2Ba0BjXiHuCL14Qki9XF4qvlPoOVY6nS1P%2FNK6wBVGdOCQFxFfuD7QX7l3v2%2BVs6ZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7185bb89b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 5678 424 KB
122 KB 42ms
31ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zophdtn&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inOME7E7bBRVnx0PwgQdYgnsJibDmNN47oT2Ep25OQkbGBgNL8eXXeda%2BPs3HwyB7KS0VPJyQfqyZ6yd%2B4FKJ0%2Bped7P7qk962qqwccjUEgC2ynpeicb3IJOF7bcyg4FzbIs8fHlI9LbeTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7185bc19b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 287E 424 KB
122 KB 36ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bipodbdgfk&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kogS6oLONhawiIX1T38FeQi9%2BGuqRbK6%2B3%2B7fcPR%2FDMBRzK5dV50%2F3Jz7sT%2FuI5axPEj8Z16exZ1hTmGkjuBrgQOZjWxwFh7rQ7r8n8xgk6Bm88C9rzP8P39mKAl42En0MZMHL8D5T%2B9onY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af718ac159b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 683E 424 KB
122 KB 53ms
45ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yusjeyea&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ2OsH6yZc%2B5cHaO0Cp79aSpLQ8UZNc5b%2BQ82DVOMtY%2Fn0sO87rsyflCQdGlDplK%2F%2FfEMXWHM65St8ti7ruy7AIFO%2FFObj5Q%2FjkN4khjP6ERlVLmvMnxUa2rXGQ%2Bo9WqGRnGp0u1QFf8TLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af718bc429b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 214C 424 KB
122 KB 51ms
46ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=okqaizdly&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9yf85SLfRtzQ%2FEYaoQyj%2F5RATZ%2FYcSOtkoRzkxPPdMXslkoo7kXKu11lYswIDP6lCnfplvApH8a5k4X2TNJu%2B5R%2F1RZqmxcFf4OzTVLEvvXQqi1Bo4JhUCBDuEO5cA8GdkzxwpiM41PNyg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af718dcb49b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3B76 424 KB
122 KB 37ms
21ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zvkvgpe&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CNupfxocMIavMG7XeqGVICMmvAoeFAwjgb8cYYK3JHmaybqBFh3bRb2QRAN6fkfKn1hXyMh8vBCJoQl0ZYRfuFQcCUr56SMlXIt5B0XzDfdH7NWsc4FxBUaOVjD6KTq35XUYO8G28Yh8yA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7192d029b37-FRA

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 104ms
20ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a13b8edf519611379569011dc81fd20613ad68500e67f98f74ee0df28527aea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 79ms
25ms Script
application/javascript 2606:4700::6810:5514

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16878
x-jsd-version: master
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2zylgaShZ%2FSdj3NLrx6XKv%2FXM%2FOqq0%2FCT8hVzFX8zVkt7LDtLRSZI9TU%2BwIwSdQjAy%2BH5UFSTWwe54dw%2BQ91PgfWVd9PitjCsoXDe8rLLZR%2Bq%2B4PScRD%2BHLOnPcu5Gz3R0zttlC2P05rTP1HVk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 778af71b0bb7bba9-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 36ms
11ms Script
text/javascript 2606:4700:10::ac43:266a

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: AS623DQBY0CG4WQ2
age: 1783
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 778af71adf669150-FRA
x-amz-id-2: opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 384ms
11ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-9c1f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:35:49 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 32 KB
10 KB 27ms
6ms Script
text/javascript 13.225.78.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-128.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 06:30:00 GMT
content-encoding: gzip
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 18:55:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 68749
x-amz-server-side-encryption: AES256
etag: W/"2c5f4a319c3d99310927955777b5abe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: QTcHcxKK74OAYRIbzqSiLRwJe_rnmsydLU499NjYMtXRUmR1XU3adw==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 983 B
1 KB 144ms
8ms Script
text/javascript 2600:9000:21f3:5600:a:e047:752:5701

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5600:a:e047:752:5701 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5a098542163dc535e0e3c4ed1bca8fcc8a13f0b827027385af73b8d3db5fa38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:20:14 GMT
Via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
Last-Modified: Tue, 13 Dec 2022 01:20:08 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 936
ETag: "0e5a5daa4df15b9fd6c9195ac991749e"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 983
X-Amz-Cf-Id: bgNnjmQJ9VpOvdSxxzs6dtfEkJRPCOc1JHBBLkAVvzPBonq-rNCbmg==

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame DA65 221 KB
60 KB 236ms
111ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA65 14 KB
5 KB 290ms
165ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA65 94 KB
28 KB 176ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA65 5 KB
2 KB 349ms
225ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame DA65 40 KB
13 KB 303ms
179ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301846
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA65 2 KB
2 KB 248ms
121ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57356
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame DA65 295 B
319 B 237ms
110ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49230
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
DATA 200
OK truncated
/ Frame DA65 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98ea084a18ea93b8bd06c9e6a41c1f3b7eba9fbe10db708f90832f37724090c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame DA65 17 KB
17 KB 232ms
111ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DA65 0
0 197ms
48ms Image
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQft01Jp1s4avQthe1afE0LthmoiDdyjssxL7I6gb5YLaFUROFqIwduVLRcQAY6d7MMcY4QsDwvxGzGXg2sxsVVTMuEUg
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DA65 0
0 134ms
126ms Image
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKVEV9NaXY6-LBoG49u8PqbaEKMXBqsVtnrT8-skQn9aDhtkPEAEghveGJmCV4pCCoAegAbG6p7sCyAEC4AIAqAMByAMIqgTrAU_Q-NngZDneKCWVEwegQ2mreBvLnUdNhCvRZdKP4JhPtIOvglAxvVxEA5VQGCkKbMoAYAypEMjjU3Y_cnL1mfOqWzOH6r1R648m8ZNfF1wNvXvWAOZs4OlDFY44BEASHT9Xngq894EcBfboaMmrtaUC_2TpI1dfuCYNLd5iSPWJDuy0a0jKiG2CdoPt7_YbjSSgoaUZ0Uj8vnwwhd-prAvMywUdDO28ExLLdZpO9aLV-bRjTwNIIwDrQRMu0uxqmE_qEDgCJdb1LXh0uZ2a48x8sznLaRkbeX2Q1qwbc4LBRHuG95k2LYYsEc_ABJnypvCcBOAEAaAGAoAHt8XYxAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCdzwjSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTA9AVAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=6qVkvSNIotc&uach_m=[UACH]&cid=CAQSOwDq26N9ke-reM0jv5jFZnLNS2rpQuGZYgJuDDA9Tb6C86jtPWVdHY3mvNyVk4hszhA2B7XVjIT_DhI6GAEgEw
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0987 380 KB
129 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 12 Dec 2023 22:04:20 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 0987 528 B
204 B 99ms
97ms XHR
application/json 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

75806cade29344f203ce389d3fd4f555a4af9d163d7494270d9f2386c557ad9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:48 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E958 424 KB
122 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=injfbw&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5710
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4P%2BMcn56g1%2BG0rIDme9iz1dej%2Fb%2F6bWgr5M6QcXh%2BgNaplusnk2zTkbGdtQkkHi1razK%2Fu3ucfkysq%2F2KCKwN2zPwovs3EzIcN0jHvV27%2F4%2FUZ3r8ZJQzL1K9pwqzuj%2B32VIPyeRk3Ch4QQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71b1f539b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 8F79 424 KB
122 KB 93ms
26ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hrcralsp&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe%2B%2BmVal%2BMKJ%2B9LMKajQoNyNPl9TBAEbYnZFuDYN%2FCDWvjjavf4RyGs1W94obMOo1seL273K%2B%2FDoqCmxgLqF6eN9wBBXDNcA5hvGgRaDKqLXuIRNn7n3tjv3RwPEEefJNs9PTMvYgdzCWlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71baff39b37-FRA

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/4/ 25 KB
3 KB 491ms
125ms XHR
application/json 34.198.17.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/4/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2F3f6d200d-1300-419d-83cc-3bee8e741c83%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=4&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=3&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.67&responsive=1&sver=3&avtoken=349076&omv=1.0.1&clsid=72444d05-23ea-4de7-a828-bcb5f888edd6&rando=77&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1670895349081&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.17.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-17-16.compute-1.amazonaws.com
Software: /
Resource Hash: ed9aa17d757c048868be6497330ebe3a3cb6210b5fb95de1eadf119a1ebb0b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 01 Dec 2022 11:49:09 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 299ms
98ms Image
text/plain 35.172.123.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=4&d36=6.2.67&apppkg=&fv=3&proto=https&clsid=72444d05-23ea-4de7-a828-bcb5f888edd6&rando=77&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=9&cb=1670895349079
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.123.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-123-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E96D 424 KB
122 KB 188ms
19ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wvgcabh&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvM6lT3SJDZ36QL1OgHAZQXNWZx8Fd2ycxPiineLEc3JBu9bd77MRnH0dDIHWmTHqLe%2BJkiUOggO%2BzYTjaA0qKoS6OhzsqsDGFFPV7DyjrlChS1eMBJZ4E6ruLoUcU1YdSsn%2FMeWRf5mVFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d09ce9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 3BAE 424 KB
122 KB 226ms
58ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=prudmwjd&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNEHHxaOEVHWhnzOCIOL5FZ0dcFcJw0g10rQQuYaHcsf%2FCIvKm5HusGObZkgo13kjx2zDkv1LWkhBhgBHPMSQW3JGGU9FXNR77cRUg3AdMshXzwlB2dO5QWY2kaZg1jdqYBK7I1bKxUh%2F2c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d09cf9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 9F1A 424 KB
122 KB 259ms
117ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rfgam&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ptaPFfJbqLoodAp9FpJp8I2JkRHxzSGXf%2FgoWfEv5SeXuCCTw5Rbuc0KJbPF8BjFuB90Ep0tC7nEgK9J%2BTNVGImbR%2FfnzAfHBaE0qFsI%2BTCn784EC5JWYB92kYDJiZ2xWIp8eSoXJ%2BkPYUw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d19d19b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 407E 424 KB
122 KB 149ms
26ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pxx&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2FfLG0ixt%2Fck4EKp6DsOBjNETZZUvvwlZJI52Cj9R0Gyy50nCzTN4Q63H2fLgDDGFoXw1FxwKF82AnWKc08IsF836Wpr3FTjaiQzamD5bWGedXSialxHE%2FemZWtC%2BGGlW9j3Q5v8AFgsIZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d19d29b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 1BBF 424 KB
122 KB 228ms
144ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nyszpkpy&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yW9oi92UXkkSXByGYbP5ui2gnd6HTnP5aS0HtdbrfJErbsvHHwwNQh4udpH1VOkasJ5jVdYqRBMtooFrtfoHi%2F%2BTh2LiGu7fMPhn4ngwzJDXcGsvdh9ysqPhRQRX5oR%2B4PcSIBM%2BX5km9Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d19d49b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 1F55 424 KB
122 KB 90ms
73ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wfiayoaq&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCy14RstywMOgGDQ4fmrLNbROkFh3jwbvG5I4R1SGtExC4HjOoiq3TGP7pl9o400BBdIU4A%2BRDKxQgci48aTUVP4f%2F%2F9zztt8pgio8qEuuva5mqDcXxfuEaebYAp8rxD9M7FP0VImD8dwZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d19d59b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 02EC 424 KB
122 KB 119ms
86ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nagevtxugi&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6fkq9yte2WLH6Y2W23%2BSRmSjHpJysPAxiKhuPEzelwrjzX9k1tFDjlyxGeo3%2BAQ7eemi%2BHg6RpcBfVGmkXP9k6hgm9TPU5mX0mwVpQZhW22ABLzLCQ6pPc7QHB%2BrIWmczvywWzkTghxpvTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d7a379b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 8F56 424 KB
122 KB 109ms
89ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zghiaia&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zNURqLbo%2BkTYuqAYavn1wbwBjxgkygeCbxOpLX3XAbMJB8i2GhxGMGzOWZDRDFH2CfGJ0VMYwc9RHV7maizN3N1ii6T2%2BMLphpSDSB2CPTi%2B6QIwX4HKubEYR84u4xT1vmGlTYfmkUfeSM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71d8a439b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame E1F0 424 KB
122 KB 101ms
47ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=epztovze&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Z3lDTHo3%2FMgasus9JdE9mrtrtQ1flEXNd1rwu8NBQg2h5geFamoX012kEJ9dZk8FIGSYdiMzcaCd0T9p1PzUTtIehBo%2FAao9TZrZaZsoauisN9HKK799WW7X2Tdars6WD73iRdLm38Zp9A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71dca8e9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 89B2 424 KB
122 KB 82ms
46ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=eghxslsd&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk7SBOmc5kXr7cB4U4tUZrcydEQjodjXFz5YYrnbEfoCXuXH%2BcrCSqib4XXExlQ4Dv345zIm%2Bw7iTJFRIU7n%2BpAfY%2B1qKcBJ7gWc0dGBH3A1VR6G3FKfwOIqrFtKPruRPMt6ruGJyiHMGT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71deaac9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 6F35 424 KB
122 KB 63ms
40ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hsqgdrxxr&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGLbRa3xLIXiBgYGXzKnvR4t5N7f5Sb3wH9yKh08XTRCHiWTjm2O2mxnZ0tTfw39xn0xXbj85rbraTu1LdWyne6vELZQVIHl6c71P9kED8wS4U4cWAu0Vk3Ap%2FfYa8Ybq3XSqqj0m72eiG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71deaae9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 055F 424 KB
122 KB 77ms
53ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hjxvjsovg&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSUB17MO8uFlZm%2FJ5DUiWOEvjFdX2AOtwwX%2Fjp22Pb%2BC402jOCNSfVXEgzfDmPU6BUIOEFwwY%2BHroOca6%2BUSsLsG3I4uKS%2BGoa%2F%2FfbouOaGzJWSQlWjtfAn%2Fk7AokqfvZ%2FBi6x6jiR5XSPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71e0acf9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 6863 424 KB
122 KB 67ms
51ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=suqdsfso&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZA2qYG%2FAIYadbIoI18yR7tXXfL1NXazI4Rm%2FKdHQcbsJbXu3iT89b9DljvhwacFkdJzNB4EjXBLlD%2FoNAlJYOhE4XoPfAGzOAp4FnJv60eda%2FWNJYVKV8eaFYmYBhQrWsZL7m8gvuiKnNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71e0ad79b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 46C6 424 KB
122 KB 65ms
54ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=affvapki&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FJ8KYLRa%2FjO3NkREV2beR4NXJNGsodaC%2F4SbOMAcBROJvuQn700wy%2FWU2vwl%2BorPbv7UYvGOJSGjHC4ZM%2FxzrD35%2F0blP%2FTgFK4oF5Q%2Be%2BbzktKk7w4aeYRKmeYpw%2FDUZScHobEk4zBgzao%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71e1ae79b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 6B92 424 KB
122 KB 53ms
45ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yxdkoegzfc&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kSS7SyNUil9G%2B4FKUb0OjsiVecHjfhcRYSi7zOuvvNVVGj1rIczkQxLnfKqRxsTgm%2FrByibI5mngn3Z%2BEVvKZsjTnPapK0wtxNWgQPhSBpUUShQwq2aaYx5sKSDUBbdYZQjuYvyCgwX6xo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71e3af99b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C88E 424 KB
122 KB 47ms
25ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vpwyiix&e=1011989061034
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5711
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSZhe2zdo4gq2sVNDSuul42KJ897xFArJhihaOihLWMgbXAL1AC1o8fNKwy8QcYO%2BZZzZoOn4w2Qmr76EAgPXASnHf1WzMirJ6ndAsWdyXKKIM5hyoY%2FTgoLLYLmdx1RltrgSsgOGAifw2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af71e4b229b37-FRA

GET
H3 200 css2
fonts.googleapis.com/ Frame C15A 4 KB
636 B 153ms
68ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 00:56:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 01:35:49 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3EFE 8 KB
895 B 117ms
68ms Stylesheet
text/css 2a00:1450:4001:806::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 00:58:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 01:35:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3EFE 2 KB
765 B 42ms
40ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:12:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:12:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 3EFE 23 KB
9 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12606
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:05:43 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3EFE 3 KB
1 KB 47ms
44ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:38:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3EFE 18 KB
7 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:04:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EFE 153 KB
47 KB 182ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:49 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 3EFE 34 KB
14 KB 185ms
70ms Script
text/javascript 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 21:16:52 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame C15A 19 KB
8 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 01:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85673
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 01:47:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C15A 205 B
519 B 178ms
72ms Image
image/png 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:21:03 GMT
x-content-type-options: nosniff
age: 15286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 12 Dec 2023 21:21:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C15A 604 B
694 B 180ms
74ms Image
image/png 2a00:1450:4001:80b::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 00:01:36 GMT
x-content-type-options: nosniff
age: 5653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 13 Dec 2023 00:01:36 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 71D1 0
0 93ms
77ms Fetch
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C72TY89aXY6-CHYaX9u8P8IOOoAjJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk5NTk3MzA3NTQwMzgwMjbIAQmpAhS5qsqwr7E-4AIAqAMBqgTjAU_Qtj7x_qJmDleVcDXH-IzvL09p7uGSHSm0O--gUoLYrmzAl_heH3MtYJDL7Pg_V59x6l8PM-91t0LYNP4nP-XC4hIVZ-nH0leoaTjkm1l0WknC7UOPhzX2nymXS5JwvKuY99EeTaogzTXHAZsS5ulBRMnZ1ikxdU-Rb5jhzJdCU9XaKbkEh0bNchwloNcUbwBxdCe0SCypiEbt0PNB51VgSBNeJkX7Mgcm_2P52X518FMK_Q2kfTd9l75tP0JB2CWJJq8czAKtIpQi75Pm5GRy1mh-nLTj_OXQJTi-sEPOUsya4AQBgAat-ZybyYjM1oUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05OTU5NzMwNzU0MDM4MDI2GMbdbQ&sigh=zhmvq43ftok&uach_m=[UACH]&cid=CAQSSwDq26N9zAdq9dvrH6a7WRuFjehPycwQxHLlWfzked8hQRC2yABcnhi0yvxkiD8UEx3BewoxDEi4SXEgJ9b6DulnQJyaeb6JbXd0CxgBIBM
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 71D1 0
0 174ms
17ms Fetch 2a02:2638::2

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFLr5RO0HfJ2DYgICAAAA5CMF3E1PU90Q89aXY1wrenZHBNfIUheWABIAAA&wp=Y5fW8wAHQS8H_YuGAAOB8P_Z0IMEFwlQtVeF3w

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 168827
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C416 169 KB
53 KB 278ms
91ms Document
text/html 2a02:2638:1::4

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5fW8wAHQS8H_YuGAAOB8P_Z0IMEFwlQtVeF3w&u=%7CkVKMpfqrrqO5l%2FbnR5OmgG3MWLxYCB24O4kxTHv3EEQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUPBa3NAHE2R7UkHs8W9LKGFiupl-4WaKonQR4pdiGo3JXBYlZa4AYtUd1wTmSQyvbviztPjU4QbV854cLA2xRgCkr220cf-CSKypwbxskw8Ht1Ksbtl946sDSJb0h1LCon45MuynQpZ3DHtfmalmJl1cYLD8-MftS_n-QaOnwCu08G1Nc8NcprJKgrwcl8XPpMMBoIATxjYtw6JA0pqm92_rocdQ0TnJUV52wzGtkyxkQZLQdydZXJJHf_fQyzgd4WA6CHJDQOdORJd05nKDIGOaHLMQui9y5TylYFURvJlEpH6v0MjD3Ud99idZhtBDw5ggdUmsxlMdunHSVfk_6frT6dhPtyfDafEpWxweZfMYyD_GZh6XpENg7W_EPdRMah61cXXT_1ojdyvoiLzpypiYcPKJNC_lDmDaEBMvyAYypYfFNHhy83yme5hL1N0Jk5McPImnPEZrsXlm4mkVfhOzIIcA_bgcyskRWa24vrN1zD1gwroz0MbOrHprTOXthGGb37DAYXiIRKa-KaNBegHwnE4cx1ngN7lFInPX5UDb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0zEg89aXY6-CHYaX9u8P8IOOoAjJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk5NTk3MzA3NTQwMzgwMjbIAQmpAhS5qsqwr7E-4AIAqAMBqgTmAU_Qtj7x_qJmDleVcDXH-IzvL09p7uGSHSm0O--gUoLYrmzAl_heH3MtYJDL7Pg_V59x6l8PM-91t0LYNP4nP-XC4hIVZ-nH0leoaTjkm1l0WknC7UOPhzX2nymXS5JwvKuY99EeTaogzTXHAZsS5ulBRMnZ1ikxdU-Rb5jhzJdCU9XaKbkEh0bNchwloNcUbwBxdCe0SCypiEbt0PNB51VgSBNeJkX7Mgcm_2P52X518FMK_Q2kfTd9l75tPwBD-bcOqTMPc565gUQfSWvv8G7E3EZmHgArwUMimiaSqMZk1t8luEFs4AQBgAat-ZybyYjM1oUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3R3HrpIie2PgC4jWFW367eFXvjQg%26client%3Dca-pub-9959730754038026%26adurl%3D

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

986969cc8d3e173e18654d278e5fa39f5fc5f50b0255fbbf0101948cbcc892bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=GFZJASo7rBllT9813EU5qazx94uATFHGlYSAiEGZubfhAavUH5y3PeDcUxXs4YotxNwL6VOKRgLsg8JxFZWu60ulryq6Rxjtu6iTOfy4zdOz7fQpkfgU8_BrbJ2MGCZIbvdxASJm58vnZmuVwAZc7xC6NTm7jatDp-4A7sTr9e7BZce4t79DXOvanDzrJUNTs-FI6I6c5Z42dxdibJWvHEUNLu9bgnQJoohsrFRylvtGmQEQQZ19pOQtPTTt8Yo_QbhRiw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 76740141
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 71D1 3 KB
1 KB 75ms
60ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:38:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:38:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 71D1 18 KB
7 KB 75ms
60ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:04:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:04:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 71D1 24 KB
6 KB 74ms
61ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 444732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Dec 2023 22:03:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71D1 153 KB
47 KB 128ms
56ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:49 GMT

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
621 B 46ms
13ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

2055368b8e64b233718a245a08c57cf7b82e840e1ff43d080409c8653976b3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C729 171 B
553 B 409ms
207ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C729 15 KB
8 KB 110ms
108ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b11fb3390dd84779c390403beddf6e6876425bcce453aa98242ea7fd3edbfa69

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 38c15f49-38f6-4a83-9546-65e7b56d5ff1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C729 18 B
308 B 30ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=29223579759&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame C729 2 KB
2 KB 473ms
79ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c8580c16d9807817a6d7d90081748c9816ec6276c1f5ea2abcf97c4c7106c43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame C729 0
229 B 61ms
15ms XHR
text/html 23.88.17.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.17.88.23.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C729 171 B
558 B 348ms
150ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C729 14 KB
8 KB 130ms
99ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e2396e21-1875-401f-8f89-378552a04400&l_pb_bid_id=1413ab1beef9049&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8416315242550014
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 85df9504e7dc142b5d46c8b9127ddab95a042cf508ab4a4a18468883307c87c3

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C729 0
174 B 817ms
22ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:50 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame BD39 2 KB
2 KB 453ms
81ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c1262cb4f447befae822d191cf0e36b5b641a2d5dcfee59688c121f735965b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BD39 15 KB
8 KB 193ms
104ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

036527084dcb7a704af7b3716dad5d1e8f0b483cd6daa26df4ffe3d361441f27

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ae1635b7-5fa9-4f1a-a425-38890d1295c1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame BD39 18 B
308 B 43ms
24ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20699598085&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame BD39 0
228 B 38ms
17ms XHR
text/html 23.88.17.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.17.88.23.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame BD39 0
173 B 805ms
22ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:50 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame BD39 18 KB
5 KB 326ms
153ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0405181233ac0bd724082616cb86ca3b34290e654f2cd11af07f85d2bec7c28e

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame BD39 171 B
553 B 324ms
152ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BD39 14 KB
8 KB 117ms
101ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a8f9f4f1-5b8f-4ff3-8f6d-0ff6c28382fa&l_pb_bid_id=16011d32f2f391a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08506466455278883
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c45a643b541fbb82fb7499bf5a3f2c6a907b2c1cf038ec8d302aaa2d2945c83f

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 56ms
42ms XHR
application/json 3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a0273bdcf46336e994148281c19a2c99f7ab08ccae22cf2b8d61671dc1cf4b21

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:49 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://earnme.club
cache-control: no-cache
x-server: 10.45.12.199
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 47 B
265 B 181ms
179ms XHR
application/json 52.27.31.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.31.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-31-176.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 149a0e7165635abd17efa1f0d6fc8c6b3f1295da172b4615a4d8d24bb11b72b2

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
server: nginx/1.20.0
vary: Origin
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: public,max-age=30
access-control-allow-credentials: true

GET
H2 200 publishertag.prebid.132.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 30ms
24ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.132.js

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:35:49 GMT

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 899ms
176ms Preflight
application/json 52.27.31.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.27.31.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-27-31-176.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://earnme.club
cache-control: public,max-age=30
content-encoding: gzip
content-type: application/json
date: Tue, 13 Dec 2022 01:35:50 GMT
server: nginx/1.20.0
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 1750 0
155 B 90ms
52ms XHR
text/plain 52.29.128.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.128.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-128-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:49 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1750 14 KB
7 KB 178ms
151ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

fb1eab644c1e5f56be6b72f8627552cb4042a79c5dad066f4929f06eb13ac6f9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:50 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9ead5892-c16d-420c-acd2-a1cab850dfb5
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ Frame 1750
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/27fa6/1/earnme.club/ROS?rnd=0.8860696076424621&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=htt...
https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.8860696076424621&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pbv=7.10.0&ncb=1&vs=F&crs=UT...

63 B
381 B

21ms
20ms

XHR
application/json

185.172.90.252
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.8860696076424621&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Server: 185.172.90.252 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 728e8bc68a5df8ede38c1692c8851447d952f908d6f01dd6985ccd6921555058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

expires: Tue, 13 Dec 2022 01:35:52 GMT
date: Tue, 13 Dec 2022 01:35:52 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://earnme.club
content-type: application/json
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-length: 63
x-sid: AMS-937

Redirect headers

date: Tue, 13 Dec 2022 01:35:49 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://earnme.club
location: /hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.8860696076424621&e=300x250_0%3A300x250&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
content-type: text/html; charset=iso-8859-1
access-control-allow-credentials: true
x-sid: AMS-937

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ Frame 1750 66 B
119 B 29ms
29ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3e1a8d623180e7115cd5c0f93ff66675fc06bcfb4379421c37c938a72fe71d75

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:49 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 13ms
13ms Preflight 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Tue, 13 Dec 2022 01:35:49 GMT
server: ATS/9.1.10.25

GET
H2

403

/
ads.pubmatic.com/AdServer/js/pwt/157742/7600/ Frame 3911
Redirect Chain

https://ads.pubmatic.com/AdServer/js/pwt/157742/7600
https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/

0
0

482ms
481ms

Script
text/html

88.221.168.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Server: 88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-168-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

location: https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/
date: Tue, 13 Dec 2022 01:35:50 GMT
cache-control: max-age=32597
content-type: text/html; charset=iso-8859-1
server: Apache
content-length: 261
expires: Tue, 13 Dec 2022 10:39:07 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 107ms
105ms Image
text/plain 35.172.123.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=46118&t=1670895349&cip=185.213.155.176&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=4&d64=59a5a4f1c422226be410a3bbe0767e6c&d63=59a5a4f1c422226be410a3bbe0767e6c&aafaid=&proto=https&uid=1670895349005-915829858807-007682-011-003428&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.67&cb=29087177909&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1670895350146&asid=6332ef55cd0fcf1ceb506cc4%2C62a9a29da987b3169d027596%2C6332ef0a396c5d5aa40539b5%2C63720057d528eb2645079ab5%2C62fcc8551f0d537b70642b47%2C62a9a26be8c62b7a753672a4%2C6295fa3e088d8a77b2698777%2C62a9a257b1f7be14705f5586%2C62a9a2daf85a765d16158238%2C62a9a3044f8b3f11bf3a5058&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.123.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-123-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 8ms
8ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a13b8edf519611379569011dc81fd20613ad68500e67f98f74ee0df28527aea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
226 B 40ms
7ms XHR
application/json 2001:41d0:701:1000::2fb3

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::2fb3 , France, ASN (),
Reverse DNS
Software: /
Resource Hash: 0f0e8fe3b67f56133a2f96f8b220217cba739e9fb579611acc6b150cb981bd59

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:50 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C863 424 KB
122 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wvuylzvfqgo&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODMNTyK70xhw4NgJyQN47TmjEwP%2Fvz58VW5oIyTGlpi6WvnfkXjTgh8IUolPbAl9CJo9gvUw8DEG8oXFKGPTGAVH7liaLucpQfUOY%2BPOSueuNou4sJhfoZSFrs9jEx7UXBysIVbBmOP9jmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af724aa9a9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame F999 424 KB
122 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lghutttacn&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=541Cy0yDuUFTxxuMSVPhU0vU43ml56cJs8tC6SUMkNvWA0n%2F%2BssaeO6jwXbgqZv8JRY%2FHesUTwSe2NGsR6Nzv0j74XJf2n7aFSKCqdtVQA%2FKa%2F1wHpPPS4x2egez1nj5FZxjpCwaq8Z%2Bd6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af724faff9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0723 424 KB
122 KB 35ms
35ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dumvrvp&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLwcvdJsKyn81g%2BBkli0MqV62Q%2FurPOobF3zG5D6%2F6rFf5v0TDL2W0mFYvyub5fUPqW8aQ8z2NNfNyIBVeb4%2BTeoFKy1KWGCQPD%2FB8KFZuiO8GwBW52fyDlUefA2X5Tw4%2BPk4DgSN9iA8DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7253b3f9b37-FRA

GET
DATA 200
OK truncated
/ Frame 1750 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e9efa894bf4322b57bbe6f10980fa5c065fd2805d917c55ecc1cd17e6c6f11c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1750 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRlT6HDa3Nvgd9JqZF52YKjIIUclrer28CPPD9zx8z71tUUY4VEeGbYCyp5Tovcf-_4IGAXyv7jZLZQGFF8oNlz4BDyaLTf8zR5qZKaV6vrwkcHLtTtYS9JatdMShfEYaz-5Ef0qgYzVHXTUCecL8FvNAyBQPGswFcTjN_T5ynJmAr3QEbeYx2Zzg_I-XJnKfqPF3LQk__2LeHXISS3dDj9_zx0J5Fhcysn9JPCt6pBoBPbua9lnlG6jRpzdUWe9nNnsLuMH8rD3O8RllXthScoJTmLvTKc84_QC2tppvzJID6AMMTSR6u2tnXLP2Oiuk&sai=AMfl-YRSjzu7BTNQiyd-fuCsbaxw2A_JTsuqOJvfG0qDmqcSNj35qg4EeMwRsZB7fo-ZMm8gND5RMHkjItIz36m3V7RLear1oDrQ63Dn_cG4DXmPsbYEotZNqtbEWdsLKwGtpSTwPTfZYEuhd0O0UNLlVw&sig=Cg0ArKJSzD7azSPjIUHvEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:50 GMT

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 1DD4 424 KB
122 KB 39ms
36ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wfmup&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqbywHGQ6sxumD2aRq7el6RW4laNpzZL8lukL1cQ%2BmUUWfzxJ1g4kqejLJQzx6fCbUHPJrqcbIWSfkEocrw3%2BdphU%2FLNyCjye5iVJaIspHruLuS635y6Z9gNmDsZOlS342G6EdB%2B1Z%2BgW2g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7260c2f9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0430 424 KB
122 KB 32ms
28ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vsspcpnud&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vsRLEPqlB4ykTDjE75JukyylXm1VJsHkVg9NqAUXXDACMKuvFQ23%2BdalmjdwviigQSUfcuRP%2Bvl97XnnPD4MWcq%2Fjh42aBhD4bpIg4w5RWGKurdHbglN8R9iEs2yt%2F6YnklI517ur1fEJP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7262c499b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 95B9 424 KB
122 KB 26ms
25ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnzvbshj&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ss3VFjTKio9gKVYwIjRYzjwmaKSPijrv9veQ1tOz0arqzy2rCiPmO7S%2B2FkAW%2BzLe5a7hhgtHb8UddJ7NCd9zMothlFHX1gAYrX5KzQLAqkN65C2p%2FlcheiwuNsG0JTQqH%2B9L5jVsVEg0M4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7263c699b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame ADE7 424 KB
122 KB 51ms
40ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjDmcQdAzapF5J8n0E3mHz9jKkXKK2dH%2BTXTlSddty0YIXBPA5bUHCKHTqepdFS5gtQSvbVCuvB%2BIR%2F4HE4tGzPdEkMVUNWKsluaiVQaFEuHLJh9dXs3EjwEzONymWkKXbryOorIF6rqjGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7265c939b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 0B8D 424 KB
122 KB 34ms
27ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=givtwayo&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fd8CjZbza6s%2BBlqHB%2Fh8Tep9spZ1qzr8Y%2BoPD%2B5F0nbWewFiChRVVwOfLXSzyCKuJYHSo4Dc%2FIWHmrF%2FOdUmAv74S6AFeL2lsLp5e6RS8yIoxqoiTxQJhgavRggsL3QHwGRJGbVUjy3oTzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7267ca79b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C84F 424 KB
122 KB 23ms
22ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdonne&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFS3lWvHAukc%2B2Jm3gwZDw4MAgGHWwR4Y82GbzicJK%2BixXHtEZ89u12Hwj7X%2F7jVdXPwEV2h2D4vfYuLYHfNqkA%2FjUro7kDCaEIlNzIg%2F3RV9jQk2JHYBOb%2FXrc7Rpb5P6E%2BGi5rfs5pvF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7268cc99b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 4212 424 KB
122 KB 37ms
32ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xdelpmeap&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgvxP8SvmEAwCrppnhPyoh74HoMzzKczFq6WqT1tcqBSJv617kFJp6Kx9U2YGAbfsmrrXSNQNmqlH1V9RN2MgrlOb8TQ%2FyKGe%2BFFIPWxrW4YlnQCzuIimY1MWcNHlcbMzLHLFHcoDfBfD6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af726acea9b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 9478 424 KB
122 KB 36ms
24ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ymlxdzvm&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JgvomI7Y1rhUuriEYGyJd1BCupVQ0o%2B8A3P6tDNC4Pb5A%2BMYPrFFUdufdCTIA2NLTNb%2BtE%2BXE1QXaz6zcDLjMQqv7BMF4CWKDi1%2FcgK8D3kcaS58xkj4NaOnsM%2BxI0oPpxZsZ7FSjIUlkA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af726ed309b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame B8D1 424 KB
122 KB 30ms
25ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=eanxvgfq&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCcH1oDg1nexnHWvhYhwaDfSJB5SvcC9FVcH1qe9yIFzGRApFflP6wwZ3PQBUiJ8UnKcRsy5UjtQIkJWbCn%2FdZdRk3Tpw8zzi6uPSGFT%2FOMvWBb0mPrvEc0fe6yh7HnCxe10IEggagY%2B%2FXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af726ed369b37-FRA

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame 71A2 424 KB
122 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ewhmhzviq&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lok%2FAT%2FhT1WxB36HQP1m0I2hq2ZPdndFvoSQZ2i9uxJSj21nq2mA7EsXzn6%2BwFJqF4aFBptRu65HDEv%2Byf0x6y313DhB6BuNWr4MwbgqkXEfBoPh2Vd67bT2aBNFjZMoFyNYAaGrSeb%2BnVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7270d669b37-FRA

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 881D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

318ms
48ms

Image
text/html

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 01:35:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 prebid7.19.0.js Show response
hb.adpone.com/ Frame C49D 424 KB
122 KB 22ms
20ms Script
application/javascript 2606:4700:20::681a:b19

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid7.19.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=aectnvwvvj&e=1070536818601
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BG3TD95MTCBXNJA5
age: 5712
x-amz-id-2: bfPC9wW4qZOdIKvdphVj9BZ3JpcHx2gqkrVZxuzRmQ5ZMGL29iC7A2ug1vmh+PRCvJjaWcsd268=
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
server: cloudflare
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT%2B90qbIA4qdO4kTswzNabOylbxcl96V2T4u9kwwsdrksuozN1mZ1Jw4%2FDJeq%2BCKsNum%2BDwRVcS%2FJqBzLkCXPeB0j91pCVpAaJO0Dn%2ByhqQe56CW%2BHHQzklK0dAaOu1amUiCQE5OsxFegCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 778af7277ddc9b37-FRA

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C416 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5fW8wAHQS8H_YuGAAOB8P_Z0IMEFwlQtVeF3w&u=%7CkVKMpfqrrqO5l%2FbnR5OmgG3MWLxYCB24O4kxTHv3EEQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUPBa3NAHE2R7UkHs8W9LKGFiupl-4WaKonQR4pdiGo3JXBYlZa4AYtUd1wTmSQyvbviztPjU4QbV854cLA2xRgCkr220cf-CSKypwbxskw8Ht1Ksbtl946sDSJb0h1LCon45MuynQpZ3DHtfmalmJl1cYLD8-MftS_n-QaOnwCu08G1Nc8NcprJKgrwcl8XPpMMBoIATxjYtw6JA0pqm92_rocdQ0TnJUV52wzGtkyxkQZLQdydZXJJHf_fQyzgd4WA6CHJDQOdORJd05nKDIGOaHLMQui9y5TylYFURvJlEpH6v0MjD3Ud99idZhtBDw5ggdUmsxlMdunHSVfk_6frT6dhPtyfDafEpWxweZfMYyD_GZh6XpENg7W_EPdRMah61cXXT_1ojdyvoiLzpypiYcPKJNC_lDmDaEBMvyAYypYfFNHhy83yme5hL1N0Jk5McPImnPEZrsXlm4mkVfhOzIIcA_bgcyskRWa24vrN1zD1gwroz0MbOrHprTOXthGGb37DAYXiIRKa-KaNBegHwnE4cx1ngN7lFInPX5UDb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0zEg89aXY6-CHYaX9u8P8IOOoAjJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk5NTk3MzA3NTQwMzgwMjbIAQmpAhS5qsqwr7E-4AIAqAMBqgTmAU_Qtj7x_qJmDleVcDXH-IzvL09p7uGSHSm0O--gUoLYrmzAl_heH3MtYJDL7Pg_V59x6l8PM-91t0LYNP4nP-XC4hIVZ-nH0leoaTjkm1l0WknC7UOPhzX2nymXS5JwvKuY99EeTaogzTXHAZsS5ulBRMnZ1ikxdU-Rb5jhzJdCU9XaKbkEh0bNchwloNcUbwBxdCe0SCypiEbt0PNB51VgSBNeJkX7Mgcm_2P52X518FMK_Q2kfTd9l75tPwBD-bcOqTMPc565gUQfSWvv8G7E3EZmHgArwUMimiaSqMZk1t8luEFs4AQBgAat-ZybyYjM1oUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3R3HrpIie2PgC4jWFW367eFXvjQg%26client%3Dca-pub-9959730754038026%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C416 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C416 308 B
636 B 53ms
16ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 08 Dec 2023 01:35:51 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame C416 293 B
621 B 49ms
13ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 08 Dec 2023 01:35:51 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame C416 43 B
348 B 165ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jvcvuar2uIoBvFqd9vWAj5whaTrxRAJjzwThs3SoAzhA6ONwg3nIF-PnmfwbmqKhJh0myGWk4vO-hB5bdBEspVHCPKn1GHDIw1hMfQwl3cTnRh-W4bIfgWuY-SlOQuH1-cr89aXiq3TXDxDZ8hDEIUysjksOzUGJgXAkjmfMN2OTkvmzA_4LAPcTQP_WfErTG1WPUV1vd8fGFKLeVWoDc1aHQH7lVMMVMAY6mmTgKGkVdJWxtY77HNaeD2dEKpg0oR2tKCdm55O4jd7hw7DRlM_6ZKW1ras3xb83f44Ob9sLnl9hghcHo2xBSuSRbTdDKu_PmRLWo-WC_hxvhRt2NeYFgxUf0Rg-9I-i1xdaKoYrazlOvgD8KqEJ--LUpXbVm8L4LFYgI1jMRaHNkTFCTb0TTdAu67qvGlP2tL5J-JVGp0iu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3076477
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame C416 44 B
752 B 212ms
104ms Image
image/gif 2600:9000:21f3:d000:1e:a43d:b640:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1670895349
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5fW8wAHQS8H_YuGAAOB8P_Z0IMEFwlQtVeF3w&u=%7CkVKMpfqrrqO5l%2FbnR5OmgG3MWLxYCB24O4kxTHv3EEQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUPBa3NAHE2R7UkHs8W9LKGFiupl-4WaKonQR4pdiGo3JXBYlZa4AYtUd1wTmSQyvbviztPjU4QbV854cLA2xRgCkr220cf-CSKypwbxskw8Ht1Ksbtl946sDSJb0h1LCon45MuynQpZ3DHtfmalmJl1cYLD8-MftS_n-QaOnwCu08G1Nc8NcprJKgrwcl8XPpMMBoIATxjYtw6JA0pqm92_rocdQ0TnJUV52wzGtkyxkQZLQdydZXJJHf_fQyzgd4WA6CHJDQOdORJd05nKDIGOaHLMQui9y5TylYFURvJlEpH6v0MjD3Ud99idZhtBDw5ggdUmsxlMdunHSVfk_6frT6dhPtyfDafEpWxweZfMYyD_GZh6XpENg7W_EPdRMah61cXXT_1ojdyvoiLzpypiYcPKJNC_lDmDaEBMvyAYypYfFNHhy83yme5hL1N0Jk5McPImnPEZrsXlm4mkVfhOzIIcA_bgcyskRWa24vrN1zD1gwroz0MbOrHprTOXthGGb37DAYXiIRKa-KaNBegHwnE4cx1ngN7lFInPX5UDb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC0zEg89aXY6-CHYaX9u8P8IOOoAjJntKxXJWil_dwwI23ARABIABgleKQgqAHggEXY2EtcHViLTk5NTk3MzA3NTQwMzgwMjbIAQmpAhS5qsqwr7E-4AIAqAMBqgTmAU_Qtj7x_qJmDleVcDXH-IzvL09p7uGSHSm0O--gUoLYrmzAl_heH3MtYJDL7Pg_V59x6l8PM-91t0LYNP4nP-XC4hIVZ-nH0leoaTjkm1l0WknC7UOPhzX2nymXS5JwvKuY99EeTaogzTXHAZsS5ulBRMnZ1ikxdU-Rb5jhzJdCU9XaKbkEh0bNchwloNcUbwBxdCe0SCypiEbt0PNB51VgSBNeJkX7Mgcm_2P52X518FMK_Q2kfTd9l75tPwBD-bcOqTMPc565gUQfSWvv8G7E3EZmHgArwUMimiaSqMZk1t8luEFs4AQBgAat-ZybyYjM1oUBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3R3HrpIie2PgC4jWFW367eFXvjQg%26client%3Dca-pub-9959730754038026%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d000:1e:a43d:b640:93a1 , United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 2qz5YDLf-5UuM1rGuWJBcVeVldBxOinU_2qoz_6Xqc4QojOfMLa5GQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 749F 20 KB
5 KB 137ms
137ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 595a994c260bc388dd81231b53822c3d6d92463ddfae78b10a934cfc840bf89b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 749F 14 KB
8 KB 121ms
121ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348445&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6d684cd5-33f7-4c53-a37a-f2ecc14aebee&l_pb_bid_id=443de3f826c938&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03065872309411377
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 903653707837ed15026ef3831cd45fddb044406c391557450dab3d749da96fd5

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 749F 171 B
556 B 153ms
153ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 749F 0
176 B 17ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 749F 18 B
311 B 30ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=98841178105&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 749F 13 KB
7 KB 198ms
198ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

75d59506933dcfd4d156ddc502a7bf3e3ba86e0b2dd95a95e0bca2169771a516

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 043ece5f-0c4b-46b3-8018-55c8bc0bbf07
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 749F 2 KB
2 KB 99ms
99ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c8d9f0f7d98a471bcd204d54ecc8ff64bbee76e1190df4147de27b4f3c461866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame BD39 107 B
122 B 135ms
48ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BD39 107 B
122 B 132ms
45ms Script
application/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BD39 44 KB
11 KB 542ms
542ms XHR
text/plain 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2464667968466042&correlator=2897094772040361&eid=31070873%2C31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1124019640&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D393e6bf26a0879b2%3AT%3D1670895347%3AS%3DALNI_MZo-reMYhKLetGy7x4I5mqKkJgUUw&gpic=UID%3D00000b919e78a167%3AT%3D1670895347%3ART%3D1670895347%3AS%3DALNI_Mb6OGdTS9JOKkg3mMopq3Cqhb1PmA&abxe=1&dt=1670895351101&lmt=1670895351&dlt=1670895347045&idt=2836&adxs=474&adys=1858&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=o2959gczjv8d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&top=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=921010836.1670895347&ga_sid=1670895351&ga_hid=2137528651&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpNn-yNAwSABSAghkEhkKCnB1YmNpZC5vcmcYpNn-yNAwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKTZ_sjQMEgAUgIIZBIZCgp1aWRhcGkuY29tGKTZ_sjQMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YpNn-yNAwSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

9375b153f4117aeb9ffb848b9fb63277572d6fc4451f47ae3d3e9465c22c8609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10951
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BD39 14 KB
11 KB 290ms
61ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

66fb70a86d6d88f2de317d3447b2e7420bef90a5ac2d8405233669e162dae0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11193
x-xss-protection: 0

GET
H2 200 container.html
584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00EA 6 KB
0 87ms
48ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:51 GMT
expires: Wed, 13 Dec 2023 01:35:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 97D6 18 B
311 B 43ms
42ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90471014255&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 97D6 0
176 B 17ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 97D6 2 KB
2 KB 73ms
72ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a018287ded66de503d4d746e072acd83fbb24963816046326c4a00a41c03cda6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 97D6 14 KB
8 KB 112ms
111ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348463&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ecc1faa1-f1f0-4966-9595-da9f3490fe2b&l_pb_bid_id=8b0a91f5e0ff29&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7322810491715621
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d8d220548b8575be7cdd5b469e3d51d701874704a891cedf6f9471764fbf6999

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 97D6 171 B
556 B 123ms
123ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 97D6 14 KB
7 KB 138ms
138ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5748300a1a20162862baa6ec1803ccf95863004a87346638cc32e7d49a63e6f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fb01b67f-53b3-41ca-8275-5ee7ed24b2f1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 97D6 171 B
556 B 262ms
260ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C729 107 B
122 B 62ms
58ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C729 107 B
122 B 57ms
53ms Script
application/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C729 44 KB
11 KB 423ms
422ms XHR
text/plain 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4478114197515087&correlator=620505196776217&eid=31071091%2C44752585&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club_._2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3371645434&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D393e6bf26a0879b2%3AT%3D1670895347%3AS%3DALNI_MZo-reMYhKLetGy7x4I5mqKkJgUUw&gpic=UID%3D00000b919e78a167%3AT%3D1670895347%3ART%3D1670895347%3AS%3DALNI_Mb6OGdTS9JOKkg3mMopq3Cqhb1PmA&abxe=1&dt=1670895351197&lmt=1670895351&dlt=1670895347139&idt=2943&adxs=474&adys=2379&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=qw7k63vmzw4r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&top=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=921010836.1670895347&ga_sid=1670895351&ga_hid=278438215&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpNn-yNAwSABSAghkEhkKCnB1YmNpZC5vcmcYpNn-yNAwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKTZ_sjQMEgAUgIIZBIZCgp1aWRhcGkuY29tGKTZ_sjQMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YpNn-yNAwSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

91ed9706907dd25ff036539c5df3fdf6fc0190bba9eaaeceed57992110f4c3c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10959
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C729 14 KB
11 KB 202ms
72ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

712b9147ac0748ddedd6fd415dcce38bc8ed11f495e76fed7f4e4ace980c5d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11144
x-xss-protection: 0

GET
H2 200 container.html
1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 136D 6 KB
0 86ms
49ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:51 GMT
expires: Wed, 13 Dec 2023 01:35:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3EE4 14 KB
8 KB 107ms
106ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348476&tk_flint=pbjs_lite_v7.19.0&x_source.tid=83f2638c-29b4-42ee-97d3-b33b853dc4e9&l_pb_bid_id=2d25f0bdb8a2aa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18174220379905348
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 394068f5e218e5f287595a35bc41708b3ab1134ba2c421a8001d274d3f955d09

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 3EE4 2 KB
2 KB 96ms
96ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d09abe119916e9ca866d8bae759927ebab3cd86959626758c8fcac93bcc492a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3EE4 18 KB
5 KB 131ms
131ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0d1a0bb4e7a4f6026da5844bc9ddc05981a97f623d73586f9e6a33499cba8f54

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3EE4 0
176 B 18ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3EE4 20 KB
5 KB 144ms
144ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 678e42ab0faf94e02c69cbc5193be41c897c06dbd908e835daafcf421cf5aee7

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3EE4 18 B
311 B 28ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93721420715&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3EE4 13 KB
7 KB 146ms
146ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9355cba35d523ae53a25613b5cb53850951b2876a269b17fa39660f3da3c3c6a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5ea6a8a9-c2c1-4a24-9b91-0fcb32e1a516
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AD3A 18 KB
5 KB 143ms
143ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: b0f3162b5a3b8ec1addc713f585fbbf034c50f4d31817d0173ad1ab1de2d8597

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame AD3A 18 B
311 B 31ms
30ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=52395582106&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame AD3A 0
176 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame AD3A 2 KB
2 KB 79ms
79ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4b157837db317d87bc5ef16c476f9106141978d6ac8552c185ad00c06b01ec16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AD3A 171 B
556 B 172ms
131ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame AD3A 14 KB
8 KB 119ms
119ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348487&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f8f5616e-3b9b-4db1-8f74-9a2446639cac&l_pb_bid_id=129aec6497cb82d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7627343350478182
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 75cb7ac240f4db34c15123825e934f494f212d5134efbeba40ceeb7bb3a32c9e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AD3A 12 KB
6 KB 145ms
145ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0f79f8fcbe99c7b5f8d0672cc775f07a06fc47c7288fb23e846b99a1353bccd4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9ef9cf4d-57e7-4930-adaa-d53d46815cc6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0987 14 KB
8 KB 115ms
114ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._3&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7a0805b8-c032-487c-981a-2c9628a9df94&l_pb_bid_id=270beb97925a34&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1698952109486047
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e1e8f8ad1620e720acffca7e8388ce92ed23dd3c844eb09390e990d2602f23c3

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 / Show response
shb.richaudience.com/hb/ Frame 0987 0
228 B 17ms
16ms XHR
text/html 23.88.17.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.186.17.88.23.clients.your-server.de
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.14.1
vary: Accept-Encoding, Accept-Encoding
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0987 20 KB
5 KB 215ms
165ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 053dd208d4eed71dbc02a4cd5d32809128cac7bcfa529f93ad744e0210bef039

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0987 0
173 B 17ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 0987 2 KB
2 KB 84ms
79ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

152cb24b4baa79408ab153e3f337e679af78ec38d58ba96988cb957e04e40080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://earnme.club
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0987 18 B
308 B 41ms
37ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50428262003&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0987 171 B
553 B 240ms
165ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://earnme.club
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0987 13 KB
6 KB 112ms
110ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

182557f9ddf7626e09671fb69899b474b991cdd0e69f1595b883e4c3d95efeed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: be4c3010-3cbc-418f-b710-bf2e2ed599f2
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5420 15 KB
8 KB 196ms
196ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

52bf9563629b34c6b4ebae67b1354ee65292b1eef0b209266c53dfeade20f950

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f836225e-9353-4c3e-b473-791ea28603b8
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5420 12 KB
5 KB 111ms
110ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348512&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c428557f-18e9-4c4b-9903-0f770e5762df&l_pb_bid_id=4be2b526cb3545&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0002118048727961508
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e72021ebf668fe328d644491ccff40f65d70f80a8aa4b627d7d82a98fb3982e5

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5420 171 B
556 B 152ms
150ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5420 18 KB
5 KB 143ms
140ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e9e70f7c98a765266ac4aa357bf1303b2d8377753d4559a02e8ec6f08efb06c9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 5420 2 KB
2 KB 81ms
76ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c06b23b9341bde1c8f4e496140d30404cbba9a58e979451662b3db86ffb49231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5420 0
176 B 24ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 5420 18 B
311 B 33ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=11642202462&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5678 15 KB
8 KB 117ms
108ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348527&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7b79ac2c-f25f-4b95-b545-7f9b73332b9b&l_pb_bid_id=2325e0da2e902f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8067314183794072
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3506fab7770f698c57c034b0b2cb7fc53d440fb7d1e15c345d6aee22dfb42fa7

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5678 20 KB
5 KB 172ms
166ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: f162bdd9ad62b96e19bcb2c5ea7398d3e618bbc3fce45627f16dada9d3f0be7b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5678 12 KB
6 KB 172ms
166ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d0ec919c36caa397f3efeaf0254f2d7438568779796b6163b8ccb04f0cc9782e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 92359155-294f-4acc-aa0b-eff407fb1c41
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5678 18 KB
5 KB 198ms
182ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 5c77c820b85441cd56655e624ca6d3777bdfb34a201fe232438806fc44f37333

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5678 0
176 B 27ms
21ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 5678 18 B
311 B 31ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=83207697744&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 5678 2 KB
2 KB 81ms
79ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

20f16774788b5878620fcecf2c5cfa520474b325fd945eff7ddc4bd76f619ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 588ms
179ms Script
application/javascript 44.240.137.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.137.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-137-201.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b1fcf104efc81908e79e8ddaac6cc139af80faf16598d18b836db81f1b2af063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 287E 171 B
556 B 207ms
152ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 287E 2 KB
2 KB 81ms
80ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2762809cfa254110ac667f86d0adf3308877b7cfd9e0d31a8afe3e0957173f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 287E 18 KB
5 KB 258ms
164ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 2cafcd865ad1a8308d6dc7cb663f5428c88b4a33a799e0f0bf253faf3ee3dff1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 287E 18 B
311 B 31ms
20ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40216753503&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 287E 0
176 B 41ms
4ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 287E 14 KB
7 KB 137ms
130ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bfa0e896ced23d361435d2a446729aca52f205f405853b53f9f8cff0f8e448bd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8c749292-c29f-4c7b-bf66-69d0ecf7ed0a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 287E 12 KB
5 KB 160ms
116ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348572&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fec1b57e-b16e-4968-b1bc-a30be75a82de&l_pb_bid_id=146199a164a885e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11725391140779617
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 27fb80cd79de05902f2efd1216c91b611226f98725085423f24e75034a2c24f1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 214C 18 B
311 B 67ms
31ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=35762516524&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 214C 20 KB
5 KB 232ms
148ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 359e4583761dfe7e4ded51e2f912667b81145c3e0ef4bb73e2d2a444aa15b316

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 214C 0
176 B 51ms
13ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 214C 12 KB
6 KB 153ms
139ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9cfda2f6f4edf87d89727ed1c8d1e89e4a9a40d506de371127b51173d7be261e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7ea7f95c-3867-4fbc-a040-b42772cac8ad
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 214C 2 KB
2 KB 102ms
74ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f33f8daf4b3e2e2d5b3f249104e1c05cc91fdce04e2bcf14198fcb1b1ced9e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 214C 14 KB
8 KB 114ms
86ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348612&tk_flint=pbjs_lite_v7.19.0&x_source.tid=59624a9b-402b-46b1-9ff3-26fff2ad1bbc&l_pb_bid_id=1243a53b9ce4ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38362902128920795
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6e10b9889e26af79e375d18be98ea02b1d24d6aa92dcd74be98490b6023ad4f5

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 683E 2 KB
2 KB 99ms
85ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7b9efe087baebe03dcb22b04584570c9b193267cd6ce36324b612b5370b4583f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 683E 12 KB
6 KB 244ms
190ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

184189149a146fdaadf3a0d6138bdbfe53acfbe4312e1ed512d61c236e12ca7b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:51 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f1e7dee7-db2d-4d9e-a737-0f8332493ec6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 683E 0
176 B 26ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:51 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 683E 18 KB
5 KB 218ms
162ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 2e5656c424c1d3bda33799fb13b6d84ede357a4492c26e2ccacd6100264cc3f0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:50 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 683E 171 B
561 B 328ms
214ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 683E 14 KB
8 KB 117ms
107ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348588&tk_flint=pbjs_lite_v7.19.0&x_source.tid=230c9f02-1c2a-4917-ae30-564d581e8827&l_pb_bid_id=12b7943c049e7a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.37520573068666074
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 055feda340d23bc33d9e7c0c2ddb60f967a5c98d35c84922a17691c2781f558e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 683E 18 B
311 B 33ms
26ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28900383001&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0987 107 B
122 B 62ms
51ms Script
application/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0987 107 B
122 B 64ms
52ms Script
application/javascript 2a00:1450:4001:829::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0987 44 KB
11 KB 298ms
292ms XHR
text/plain 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=707367829888826&correlator=2595263629488667&eid=31068366&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club_._3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=941951635&sfv=1-0-40&fsfs=1&eri=1&sc=1&cookie=ID%3D393e6bf26a0879b2%3AT%3D1670895347%3AS%3DALNI_MZo-reMYhKLetGy7x4I5mqKkJgUUw&gpic=UID%3D00000b919e78a167%3AT%3D1670895347%3ART%3D1670895347%3AS%3DALNI_Mb6OGdTS9JOKkg3mMopq3Cqhb1PmA&abxe=1&dt=1670895351692&lmt=1670895351&dlt=1670895347885&idt=3770&adxs=989&adys=2677&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=wbtao72ffsfa&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&top=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=921010836.1670895347&ga_sid=1670895352&ga_hid=1585832994&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpNn-yNAwSABSAghkEhkKCnB1YmNpZC5vcmcYpNn-yNAwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKTZ_sjQMEgAUgIIZBIZCgp1aWRhcGkuY29tGKTZ_sjQMEgAUgIIZBIbCgxpZDUtc3luYy5jb20YpNn-yNAwSABSAghk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f253a7f880df1f56203514aa5070d0d92fd18b0f27e5af07761c09681ace70d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10953
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0987 14 KB
11 KB 138ms
52ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

01ea084e6331eeab698bce5e786b1407c2daf1541a439630bd98f209d92f6ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11104
x-xss-protection: 0

GET
H2 200 container.html
1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 841F 6 KB
0 93ms
44ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:51 GMT
expires: Wed, 13 Dec 2023 01:35:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.m3u8 Show response
streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/ 111 B
715 B 83ms
8ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::723:1

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/index.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN (),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 876e08424399d6fbddf9f85c8b725c60c0bc04e833f7a9694170d1d54c2f7f2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 13 Dec 2022 01:35:51 GMT
cdn-edgestorageid: 860
cdn-cachedat: 11/15/2022 10:25:39
cdn-pullzone: 1024237
content-length: 111
last-modified: Tue, 29 Mar 2022 11:25:44 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ecb8-6f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: b427d200a65e67f038245847aeac4139
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3B76 18 B
311 B 30ms
30ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=7544446918&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3B76 20 KB
5 KB 130ms
130ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 08b694831dfbd59c5e7e5333b84216074e358d0dcefc9f9a4b837c78889e9171

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3B76 0
176 B 55ms
53ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 3B76 2 KB
2 KB 86ms
82ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

24b518df7ee9114f41b2394027ed7a983b1b8e27811bb1b00d37d610d09e6915

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3B76 21 KB
12 KB 148ms
146ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

78c14d21814273b4a2b6cfde05d11756e4e95066e80600ffc565422079430444

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b51c1f1d-c001-4d9e-8510-e424ff3f636f
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3B76 14 KB
8 KB 103ms
101ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348647&tk_flint=pbjs_lite_v7.19.0&x_source.tid=10b8b855-3c53-4af1-a1e1-11ce9e247b9a&l_pb_bid_id=121b23bf8afe287&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6695895954505233
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fbff32993cb6e6137115c4faf797b618accc19a0bf5c5ab47757714e93c24b15

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BD39 17 KB
6 KB 140ms
140ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:52 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C729 17 KB
6 KB 146ms
145ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:52 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DA65
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

46ms
46ms

Image
text/html

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 01:35:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C00 6 KB
3 KB 38ms
37ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:51 GMT
expires: Wed, 13 Dec 2023 01:35:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E958 0
176 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E958 20 KB
5 KB 139ms
138ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: c9e866221faec009b99517d7f0cadbe0ea66320a6e188b09c0db5993994e2654

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame E958 18 B
311 B 28ms
27ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=40624764864&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E958 14 KB
8 KB 116ms
115ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895348973&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b4f2fca2-d1f4-4a55-998f-84ea80be354b&l_pb_bid_id=843a3f67753938&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.416117728370875
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2778d45e1654ad19d4f64a28831b9927ac4b80fd976a73618cc087bc01038a21

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame E958 2 KB
2 KB 89ms
88ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6ce9130018b96dd3bc48428e0c510fe94687f7d4be1e1fd3a3c3c081d99bed88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E958 12 KB
6 KB 155ms
152ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

175798a2d48407b1b4cb0e19d29866ea13da05c0af2495b7aa246f6f8415f1a5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1f292b90-d043-45a5-a327-9e6447d2ce0e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4495 6 KB
3 KB 39ms
38ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:51 GMT
expires: Wed, 13 Dec 2023 01:35:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1750 42 B
64 B 85ms
84ms Fetch
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsse0N-0U3ivQZ2ercH_LBe92MB2Ox-PCWpuBT13Xlx0Udfv8QVDosH47CSL9mjwPj2pnTzOujU2GNx46GQVKhByt_ssDSjy4MQm9dft5KWFELq2QjHx&sig=Cg0ArKJSzHSo7Ky3wQfeEAE&id=lidar2&mcvt=1544&p=320,989,570,1289&mtos=1544,1544,1544,1544,1544&tos=1544,0,0,0,0&v=20221207&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=174271566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670895348128&rpt=2568&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8F79 12 KB
6 KB 159ms
158ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

eb5e8b5c5d79c826297ee243a45577ae97c5e193d33ca939c1c090a937a31546

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 654632a6-3233-4892-92e8-6a30059856c2
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8F79 12 KB
5 KB 109ms
109ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349000&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2e2f376f-6818-4ec8-882c-107f128e5e8c&l_pb_bid_id=413a433377b9a8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5920070642724347
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 47cd52aa6620392ba8639105b8c0c892401c40dc01f3f7a6011f43acb718419a

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 8F79 0
407 B 88ms
86ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 8F79 18 B
311 B 35ms
33ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20304873242&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8F79 20 KB
5 KB 145ms
143ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: a6ed3dc4563151e931c27165c45d2c83e21beef19225b217a46fdb7f974e8152

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8F79 0
176 B 22ms
22ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 407E 2 KB
2 KB 80ms
58ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

773e57076bc8fd1f70c8f9e3de695d173793010cad381547a38dc0118871e872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 407E 0
176 B 39ms
8ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 407E 18 KB
5 KB 189ms
169ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: f02f628d2897fe82fca95a02934a82b987052a36ca735dd1004fe5ec9c8befc8

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 407E 15 KB
8 KB 150ms
132ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

469c619367d6ee598cd43ce6569599da2c09135582ae5211abfc510f31080336

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ea35008b-c97a-451d-9dc6-3311c6615837
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 407E 14 KB
8 KB 115ms
94ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349167&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4d91694e-665a-4ea9-90bc-9a3e79f7706f&l_pb_bid_id=1003d08dd90e094&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9103623088395294
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e6b4c0d79f864a0d5e28178afb2e6318b2663a6258f9e5b52b19ba6b20f17475

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 407E 18 B
311 B 53ms
33ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=16356262282&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 407E 20 KB
5 KB 143ms
129ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d2cbd06b121b6f1a157e54eb8d86458b22ad7e560a319ec558ea39ab6d0ddede

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E96D 12 KB
6 KB 211ms
198ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6fa7db9a13ce8483641297e080b7384862294d202c7ff061d526363ab1f25079

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 92e9833f-7d2c-4105-9eaa-5e7dfc937b10
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E96D 14 KB
8 KB 137ms
125ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349103&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2b1a3c62-fe03-4f3d-82c2-65ae188e31fa&l_pb_bid_id=42cf25184c4bfc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8685499906664593
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d7df8d307003b3d26b1ecec2eb898ca584bc25e762bd4b15654d498554b269d7

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E96D 0
176 B 29ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame E96D 2 KB
2 KB 98ms
86ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a461c6ce91b8b3bd1c44053b0722a3c9ce947c52a724bec907fc60427783afac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E96D 18 KB
5 KB 180ms
170ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 324c1fe815c43b5b513a2c882e726afa04e73dff1b85a35ce9c8badb1b489a09

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame E96D 18 B
311 B 40ms
32ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=29559906509&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9F1A 12 KB
5 KB 84ms
83ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349144&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a456c5e2-475b-4166-a312-beb05e62b21c&l_pb_bid_id=2b2365e0a91fcb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6463291154941051
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7eb2dab10af30894984ed84a6b71ac3bece74c946ac88ed4991f6a3fbd22fe29

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9F1A 20 KB
5 KB 172ms
171ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 7bea649277aa329867d3356ca9ea8b3bbe8ed90ab08be4620bb104b146daf7b9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 9F1A 2 KB
2 KB 78ms
78ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c3fae2fb751cea18b5a06bc64fb9f3e5ec8c5742492e32741f127b6ace238b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9F1A 18 KB
5 KB 152ms
152ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: a6a5d02c6beeaef42accc5f189832fd4ff4a9597e304a23159d590a7b273b972

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F1A 13 KB
7 KB 121ms
121ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1caa3afc3562bb0ce11f85b7ec50c8e544d6014d872555f7617c82548a76c3f7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bcb62439-a7d1-4ec9-a1f9-4bf3f6443da1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9F1A 0
176 B 16ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 9F1A 18 B
311 B 28ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87928629899&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1BBF 12 KB
6 KB 142ms
141ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3a2e735723d59b4492e4ce991d8359fd71777fa1549ca1d666ac9d3cf7742375

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 56409085-10b2-4d8c-ba7f-7e789d7d2ac0
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1BBF 18 B
311 B 28ms
27ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=98702818416&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1BBF 14 KB
8 KB 106ms
105ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349190&tk_flint=pbjs_lite_v7.19.0&x_source.tid=823163ae-5cca-4be6-8bff-23c4e4c2aa9d&l_pb_bid_id=60a87bfd291ddb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3093622053074361
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f49668faaa3548ff08a52db4f0177aa5176c52b7a7279cdbe5492ef67ba9285e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1BBF 20 KB
5 KB 197ms
131ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d38406cb23368542e3f3541d4382c9d6b5020ffc61d6c2340ab7a03deddd193b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1BBF 171 B
556 B 251ms
185ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1BBF 0
176 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 1BBF 2 KB
2 KB 85ms
84ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

041298ffccadd179e80870bba7fea59c267475e7012787eb589cf924d1b98c49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3BAE 18 B
311 B 34ms
34ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=43610448588&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 3BAE 2 KB
2 KB 78ms
78ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

03d52af912a75d0d0749e14d81ab610321aee7f0b5e9b6e0ea9af62021ee1c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3BAE 171 B
561 B 246ms
139ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3BAE 12 KB
5 KB 104ms
100ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349123&tk_flint=pbjs_lite_v7.19.0&x_source.tid=e29f7b38-01d8-401d-b1cf-cdac50d7e9fd&l_pb_bid_id=8c8268d5ff2d8f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5641102367257111
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 99d4c64181e33f1174d221b7ea71cbe8cbc108bd5c031521c80a8f097469126c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 3BAE 0
176 B 21ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3BAE 13 KB
7 KB 193ms
147ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c0ede55e07808086f5f53fa95aa32992335f4cf4288630c24b08b1e06504676f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9421df9b-a880-4eb5-9778-8fd6bcf9e116
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 02EC 14 KB
8 KB 150ms
120ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349329&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a2e4c023-a31a-4102-b722-047509ca7060&l_pb_bid_id=2d44d1236c2184&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35212791481194383
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 052af1a41dec19820fe18415bca24c73db87f2f0da00e9ba27e7d101d2fe410f

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 02EC 18 B
311 B 54ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=59981240810&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 02EC 20 KB
5 KB 219ms
136ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d6a301c45c6cb9f27dab1cc04374a1826105245aee46eb32264419ba2179ea1b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 02EC 2 KB
2 KB 180ms
155ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

304a6904490b02393897d40b31968620426451a6a54a19848a29819901323dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 02EC 13 KB
7 KB 158ms
133ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

58e64f19299f4a90072e03a27e9d0aa3d17f9ed010e8c20a65b61301cf39dad6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c89fa5df-68e3-447c-a57f-b5cffc27053b
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 02EC 18 KB
5 KB 278ms
157ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 44be8675cf7905593eb9315a6d130b3df10918e84449ad903f4cfdbe8551dcf2

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 02EC 0
176 B 43ms
20ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
621 B 14ms
7ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

bd202b660efa1045707e0cb18fa35400e47c8d212759bc9de7f94b9bf03be787

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 18ms
9ms XHR
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Tue, 13 Dec 2022 01:35:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 27D2 15 KB
6 KB 42ms
20ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:52 GMT
server: Kestrel
server-processing-duration-in-ticks: 364653
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 46ms
28ms XHR
application/json 3.248.128.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.128.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-128-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4c45b9784362a1e8cefdbf2ac784a3e4b721f05fa59ef9b4402fd6410039bc14

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://earnme.club
cache-control: no-cache
x-server: 10.45.26.171
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1F55 14 KB
8 KB 147ms
133ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349273&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7162e2dd-fc22-4326-a3da-0c964febf159&l_pb_bid_id=21e142dc89635e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1618335348550013
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e67377a143d3795e2f213404a8e5ccf1b8573c189bf35fbc192f9a8cd4f678c0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1F55 12 KB
6 KB 145ms
140ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a1e4e7c5539b0f1f48e1e988b68393107a50b6941967cc1f3fd932fd8fc6f9b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: aafcd259-2c29-4415-a718-a3e17e895af1
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1F55 0
176 B 28ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 1F55 2 KB
2 KB 128ms
119ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

246188678425017ab2b7898345187ce672cc2faf44ec310bf3846431de649561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1F55 171 B
556 B 197ms
148ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1F55 18 B
311 B 36ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87525671220&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1F55 20 KB
5 KB 219ms
138ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d96a2912050b24a4cab2521e8595877fc97afe5f55299cd205ea7d5652dc78d0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 142ms
65ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oebu0&_p=400804358&cid=921010836.1670895347&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1670895346&sct=1&seg=1&dl=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&dt=NORD%20N1%20from%20ONEPLUS%20%E2%80%93%20Tech%20One&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E1F0 12 KB
6 KB 143ms
143ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

320f2673af16f902e510de4d578bbb6b7789c39c78460f0514be2fa25986ce55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: eaefcbd3-3c64-47b6-890d-e551895fab48
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame E1F0 2 KB
1 KB 82ms
82ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ff362dabffed44391ad2790d7d2a290321bdb9fb9d7bcc107f04981dd3411fb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E1F0 171 B
556 B 274ms
131ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame E1F0 0
176 B 47ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame E1F0 334 B
369 B 157ms
124ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349363&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f9607109-67a4-4e3a-8412-0cb4a85cd438&l_pb_bid_id=1030d4a6796862e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5610242278852682
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f37d002f325209a73881cd665d33e9f70726ab2f17c544d1f2cd5154e8b441ee

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame E1F0 18 B
311 B 49ms
26ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=84554171615&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E1F0 171 B
556 B 292ms
160ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 89B2 0
176 B 34ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 89B2 18 B
311 B 46ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=73199966972&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 89B2 18 KB
5 KB 303ms
174ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: cf6190b05ceacaa8a1eed0e125108b85ca7683ed43a29d488ba5772acead4f81

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 89B2 2 KB
2 KB 105ms
87ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c147a474274e2eb22b2f4a539e09605f36f7ba573518d6e75e518ca1c3ccdf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 89B2 14 KB
8 KB 140ms
123ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349390&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0130a37d-7f3a-43f9-af57-c1476d2cdaad&l_pb_bid_id=1067ac3878a960d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6117419959862778
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c3bd136565d7bf3faf6ae314b3f1b8e49657d5646802941816d78ffefd3d3b9e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 89B2 171 B
556 B 299ms
133ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 89B2 14 KB
7 KB 156ms
143ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d1c13ee5e977bc86060cadf06a3d5e3c6c38ea824d10218f77aad956504ae7c6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 231fa5f1-6949-46d7-ac6c-df0930004dc4
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6863 0
176 B 29ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6863 12 KB
6 KB 138ms
127ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4e6e564601867fb764e833b6bbcacff941f556484ca60186edf2457623d379ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1ce58670-7882-40d1-a40b-555bdb4c24c5
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6863 171 B
556 B 303ms
129ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6863 0
407 B 88ms
81ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6863 15 KB
8 KB 113ms
108ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349433&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0bf6e553-4d00-4c6c-bd18-9bbc7027c3bd&l_pb_bid_id=109b54244c8be6b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.43876937636648927
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7e801880e7312d9d1bbab1c39170bbcb145b96159f34787e6b90355ca66898e6

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6863 18 B
311 B 33ms
27ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=52062258146&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 055F 0
176 B 21ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 055F 12 KB
6 KB 180ms
138ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0b47b5941bf0f51a9087ed804c7a83cfb2485f0ffb5e029aeaa7d2b9dc3f5ccb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fc3df487-b5a1-47e4-8bb0-59bc3c90f13f
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 055F 18 B
311 B 34ms
30ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=37724631471&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 055F 2 KB
2 KB 90ms
87ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

862b93e6df00e8222907d9515c9f13312d9f0514018312f80cba086915f9c936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 055F 171 B
556 B 320ms
144ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 055F 12 KB
5 KB 124ms
123ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349419&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d19636e4-55e2-4e94-9100-f7ab5bf7e037&l_pb_bid_id=123d75785160434&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6366291042004353
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ba8b067ed8efea447edda7a3e3fcb82befa18960d30342e900ef0bf30cb818d8

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 46C6 2 KB
2 KB 97ms
75ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

39d4181147e2c79ad6a07b8b4ba5cc5fc6ecc277c1dbefaaf2d723c605dffde7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 46C6 18 B
311 B 48ms
26ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28026607275&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 46C6 20 KB
5 KB 355ms
126ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: dda6e7f335f0c67a7bf0f8b1f98e36f82ce97eb1b6b9c42dff8409395c7448ee

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 46C6 0
176 B 37ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 46C6 13 KB
7 KB 157ms
123ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

90c40eb2c76dba53ac547e627ab4c6933594dc469316046fb7c2a10ac09417a9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 15ac0b76-6642-4a71-b4d3-c80b5860cb3d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 46C6 14 KB
8 KB 128ms
113ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349447&tk_flint=pbjs_lite_v7.19.0&x_source.tid=78e5360e-e122-4860-be57-ae31df89e050&l_pb_bid_id=128b8f04622d175&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8093874468556954
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44527fb78cdcdee0f4df2857f20a08b5613cf2373fbf3b1e920c1a31e434f1e4

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame C88E 2 KB
2 KB 100ms
88ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

beeb0c539cccc92378ed6cede20b6ead265c3cfe28846b6d1c9df215133dfad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C88E 12 KB
6 KB 222ms
133ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6bb8b2246c82259885f3a015a59121fb3abce7642ffb43201c2d465cbad0cff4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d3e9f218-f49b-4eee-8520-cdd95dd7ccc4
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C88E 2 KB
2 KB 46ms
35ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=35206589654&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

912c1b61c42cd9259a3c6d7e5e0a397f3ced06c7b2f13a5df1ed75bfe7a7c483

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1667

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C88E 12 KB
5 KB 180ms
171ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349474&tk_flint=pbjs_lite_v7.19.0&x_source.tid=48039248-c080-4707-b415-40c65b117ebc&l_pb_bid_id=86ca2fcab70e31&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.37478663664464884
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8443b74baf93a2a805163c4cc592dbbabf96621670bd578d326d2f46fd04cfce

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C88E 0
176 B 20ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C88E 18 KB
5 KB 404ms
145ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: beb098450970d48b2ee67eae9429763afcd359255f8f306fac588ec793511f85

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6B92 2 KB
2 KB 34ms
34ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87069664775&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

0ac6411a80570d620d55cd221394c73644260df8057d38b9811a382946ac33ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1665

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 6B92 2 KB
2 KB 85ms
85ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1c2beff1fc4983a33350a08469a05f96fc95e039d3a25f315b7e52db54c41df3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6B92 14 KB
8 KB 123ms
123ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349463&tk_flint=pbjs_lite_v7.19.0&x_source.tid=118a3977-61ad-4c8b-9807-59cb8e50b008&l_pb_bid_id=61324d243bd834&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.015238549137557067
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 86491be5d3edc8605fa625c110f99fcdbcdefc7548db99c4ef4743b9c5230809

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6B92 171 B
561 B 378ms
126ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6B92 21 KB
12 KB 242ms
168ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d39025ee51ca2000dfc79c34dfe83e838c67c8a0bc55ba7b0158ed74db3ce822

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 36381a60-ed20-404b-8ea3-cb511cc23dc6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6B92 0
176 B 22ms
21ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8F56 14 KB
8 KB 133ms
128ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349346&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3239b94d-3f91-491e-adbd-93a3c2e01923&l_pb_bid_id=2f56157270f4ff&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9823737064419238
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 84e15aae0cb0f8d2f11c75e58ed922b42be87307df75a7109902d7887a66ecbd

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8F56 18 KB
5 KB 389ms
148ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 1db3c30e1d353e5942bf4e71d259b3f15f2f765133ce2a0d35f2f9405db4b6b3

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 8F56 2 KB
2 KB 85ms
84ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

013ee79644c4daa55612e3164b1a05ce5240a318474b3bea15f6639ec02722c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 8F56 2 KB
2 KB 34ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=85843414189&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

178b5ebf9e476bdf2dfd23742785c9863dd7029c2fc110d37a5731ab14a2494c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1682

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8F56 18 KB
5 KB 468ms
230ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0d28e7bc6f38e33cae5d340dd59bd31110177335adc3f5753cb570c98763df79

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8F56 13 KB
7 KB 210ms
142ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

785ecaf31d65e70e637a053f8ae418b2e035f944847762fca8afb31f0de51ae5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 84ca5a99-2fb7-4370-af38-f8e28e28ceca
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 8F56 0
176 B 28ms
26ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6F35 2 KB
2 KB 31ms
1ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=39966354002&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

cc701977877a09c9476c838dd55a05eb15b234eb32231f50dd25028a2e0f01bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1665

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6F35 14 KB
8 KB 149ms
118ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895349404&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1d3798c0-fdb0-439e-a267-9d6a1e87fdcc&l_pb_bid_id=44fbb97888dcc3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1259043728414333
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b6b94a85edf7e723363fb949b69797ba5cb84d609118be92c64ca71012ac878d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6F35 18 KB
5 KB 379ms
135ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0d9de23537baae1ab595344eeef2c5cdb1798b8c06d389608618a6a5c2024e8e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame 6F35 2 KB
2 KB 104ms
74ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a85c25f589d3ca51516ce958616bb54ed81c9594ed0626bbc6a0722f4a50e333

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6F35 0
176 B 46ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:52 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6F35 12 KB
6 KB 187ms
134ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d67847fb8e632014c2d9d6243703f1c84237b2e31f959532f8d011e86521f48d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:52 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d05340b4-5adb-4c64-a92c-e9e836348c17
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BC51 143 B
166 B 126ms
38ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 00:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 08BB 2 KB
1 KB 319ms
29ms Script
application/javascript 2a02:26f0:6c00::210:ba29

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13361095&cmp=28876501&plc=351842702&sid=884521&dvregion=0&unit=300x250
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Server: Microsoft-IIS/10.0
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H2 200 dbm
beacon.sojern.com/imp/ Frame 08BB 42 B
229 B 328ms
37ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dbm?auc=4382757320680480899&li=${CAMPAIGN_ID}&cr=398487955&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=307801502
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 13 Dec 2022 01:35:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 08BB 27 KB
10 KB 179ms
102ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&c=307801502&js=pmw0&w=300&h=250&admarker=dynamic&cid=sojern

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-5.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

9496bb7e683947e36266a700909cd8fbe4b537d9dd2b9bf3c94e6fb739a4f06c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA60-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: KNWIqn16RJIi34SSLO1uijXY5od0iQxyabQ0_i6D6o2bDPJHdQtAVw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 apn
beacon.sojern.com/imp/ Frame 08BB 42 B
101 B 328ms
38ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/apn?auc=4382757320680480899&cr=398487955&seg=&st=0&bp=0.05545&pp=0.03704&aaid=&idfa=&ord=307801502
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
date: Tue, 13 Dec 2022 01:35:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 08BB 2 KB
2 KB 176ms
100ms Script
text/javascript 13.32.121.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=307801502&sz=300x250&js=st_dapp

Requested by

Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.121.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-121-5.fra60.r.cloudfront.net

Software

nginx /

Resource Hash

3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA60-P1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 918
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: DNAlSmRA_Bt_WywxoXBk2DjU5vSrC7AndxeQ3SjXA5NM7Rtu-AT13w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame 08BB 80 KB
27 KB 294ms
13ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27455
Expires: Wed, 13 Dec 2023 01:35:53 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 08BB 0
819 B 88ms
14ms Image
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252Fnord-n1-from-oneplus%252F&e=wqT_3QK0CvBVNAUAAAMA1gAFAQj1rd-cBhCDwZyf_9Gr6TwY3prw04bZw_BmKjYJLmfG-vX2oj8R6_qqhQXjmT8ZAAAAQOF6tD8hBaVo5V5goz8pwFsgQfFjrD8xAAABG7iUPzC_yNIJOOZTQOo_SAJQk-OBvgFYkduKAWAAaOHotwF43_UFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjkyMDk5NCwgMCk7dWYoJ2knLCA1MzE0MDYyLCAwKQUULGcnLCAxOTQ4ODA4MBUpMHInLCAzOTg0ODc5NTUFFvCLkgKBBCF3V1NfV3dpWDZ2c1pFSlBqZ2I0QkdBQWdrZHVLQVRBQU9BQkFBRWpxUDFDX3lOSUpXQUJnbGdkb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjTDV6MC1PWkt3X3dRSEMtYzlQam1Tc1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdPck1RQzlRSE56TXc5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1URXo0QVA4TDRBRThKR3RDWWdFMXFITUNaQUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ4oQUFBSWdGNFMtcEIRExRQQV9zUVUBGgkBGE1FRm1wbVoBAgx1VF9KBSgcR0RZdnVFXzAuKAAITmtGCTHIQUE4RF9nQmFrcjhBWFF1cVVKLUFXaXBMSUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQh3LBEJrGRgAQx0YRExnR0NnLi6aApkBITBCVlhZZzoFAjRKSGJpZ0VnQUNnQU1acQlvWGJrX09nbEJUVk16T2pZeE1UTkFfQzlKEWIMOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXjw7ThEOC7YAgDgAonRVOoCKWh0dHBzOi8vZWFybm1lLmNsdWIvbm9yZC1uMS1mcm9tLW9uZXBsdXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNzaoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYxMTPaBAIIAeAEAfAEk-OBvgGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABD2zYBQHgBQHwBakF-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL8GQADIB9_1BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=44d3447ed15bf8fcad6e8e50674336454c47bd6c

Requested by

Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:52 GMT
AN-X-Request-Uuid: 5ff919d8-da94-479d-a0e5-b62124e6e6c1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C416 12 KB
6 KB 21ms
21ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 5 KB
5 KB 231ms
19ms Image
image/png 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=P1mM87GxKeNVtHqDGH1gb7rz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29822429
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5106
expires: Thu, 23 Nov 2023 05:36:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 3 KB
3 KB 232ms
22ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoVerbund-freier-Trainer-und-Coaches-UG-haftungsbeschraenkt-307324DE-2206131139.gif%3Feb%3D1&v=3&w=400&s=kQPVVx6qqWTaJPEz3j54x2he&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

bf6ef9f2ec28cdef4f1e3b49e7c0b2a6f05c027fed9f2d685dc7815a2a76c355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=478920
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2732
expires: Sun, 18 Dec 2022 14:37:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 1 KB
2 KB 228ms
18ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F0%2FlogoAVEDO-GmbH-315564DE-2210201509.gif%3Feb%3D1&v=3&w=400&s=9WwJuonrRT4_w_ANJebZrXYT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

54673873b4cdd4e6da9d13577fb5315ff7dc8ee9be6787cb412394e995751f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=396768
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1398
expires: Sat, 17 Dec 2022 15:48:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 1 KB
1 KB 230ms
20ms Image
image/png 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoSV-SparkassenVersicherung-51781DE-2008120925.gif%3Feb%3D1&v=3&w=400&s=aRdX_u8Lmehcv6lsfkpPZYoA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

74024ec471def17a6d2835f88223678a094f8c10ccda405a0543445c31945519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1050
expires: Tue, 13 Dec 2022 01:35:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 6 KB
6 KB 235ms
26ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoCMS-Hasche-Sigle-Partnerschaft-von-Rechtsanwaelten-und-Steuerberatern-mbB-93153DE-2104070904.gif%3Feb%3D1&v=3&w=400&s=80hTzjFu_y1FF3pHLDFU6cFg&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

c4a6d78d55951081d4fca1d9c4058b3db7ee701ab7c4409f43825e0dc3dda334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=491466
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6022
expires: Sun, 18 Dec 2022 18:06:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 1 KB
2 KB 239ms
31ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLiebich-Partner-Management-und-Personalberatung-AG-5117DE.gif%3Feb%3D1&v=3&w=400&s=BaPNMDTXXDSjMjifDLekssi_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

4dfb6311f1957e1e105e976bdd215e563d021b8bc3101a03000379b5775ff6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1410
expires: Fri, 08 Dec 2023 01:35:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 5 KB
5 KB 20ms
16ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoREWE-Lieferservice-213337DE-2207051019.gif%3Feb%3D1&v=3&w=400&s=n1_yjgYq8m7gAJM8PeywrWiP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e02f46e85f6770be2421ab66bd10b74fbc709975e876588ece1965fd533aec1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1460
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4662
expires: Tue, 13 Dec 2022 02:00:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 3 KB
3 KB 21ms
17ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoConcentrix-Germany-169413DE.gif%3Feb%3D1&v=3&w=400&s=MLCPOuNtUjk_FrjlqcdavKOt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1155251
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3064
expires: Mon, 26 Dec 2022 10:30:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C416 898 B
1 KB 21ms
18ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FG%2FlogoGKS-Gesellschaft-fur-Kommunikationsservice-mbH-148116DE.gif%3Feb%3D1&v=3&w=400&s=-mxUMyceAgOLfeiqGMGVBA-h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1082371
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 898
expires: Sun, 25 Dec 2022 14:15:25 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C416 0
128 B 230ms
23ms Ping
text/plain 2a02:2638::21

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=GFZJASo7rBllT9813EU5qazx94uATFHGlYSAiEGZubfhAavUH5y3PeDcUxXs4YotxNwL6VOKRgLsg8JxFZWu60ulryq6Rxjtu6iTOfy4zdOz7fQpkfgU8_BrbJ2MGCZIbvdxASJm58vnZmuVwAZc7xC6NTm7jatDp-4A7sTr9e7BZce4t79DXOvanDzrJUNTs-FI6I6c5Z42dxdibJWvHEUNLu9bgnQJoohsrFRylvtGmQEQQZ19pOQtPTTt8Yo_QbhRiw&sds=2&rev=83862.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:52 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C416 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:52 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C416 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:52 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 65ms
31ms XHR
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:35:53 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 501E 1 KB
1 KB 42ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx-asIOX4sYcfaF87gK5Bmhi8XDu_Q20YD3o_e-16P37_NXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c8de146b9c8747aa6274679fc15b0214c5e57633ec3dea36dc7abb0fb4171df0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1124
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 501E 59 KB
25 KB 178ms
23ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
DATA 200
OK truncated
/ Frame 71D1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 167369ec15dcc5e66ccd88afdc00a07199bad191367aac7945eec160f0d0bf77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7DA7 1 KB
1 KB 33ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu_Q2v4-xzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2-UIinG_JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8eff2f9c821d2a0fb06cbea0d8158a0f1c52960d96abeabb569434decaa65b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1105
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 7DA7 59 KB
25 KB 154ms
40ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A30D 1 KB
1 KB 26ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83Wsns5y_gHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau_9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1754576c31e4dbcbeca7c7501814d2b615978dd6eff53d71a4c4ff55c4fe3ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1111
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame A30D 59 KB
25 KB 137ms
52ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 5226 1 KB
1 KB 23ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=MU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8366e996510e23da4ac398f4604c93585dfa2736ba63005b2611f174219e5661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1122
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 5226 59 KB
25 KB 135ms
60ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 container.html Show response
1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BFF6 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:51 GMT
expires: Wed, 13 Dec 2023 01:35:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0987 17 KB
6 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:53 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C729 88 KB
29 KB 21ms
20ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:35:53 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame BD39 88 KB
29 KB 48ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:35:53 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C863 0
176 B 38ms
12ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C863 18 KB
5 KB 177ms
168ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: ae98a72acfe406ef41c690b0fba4c57d75b913d6ea5d648026f648920b25c60f

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C863 0
499 B 100ms
77ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C863 21 KB
12 KB 155ms
147ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6a653526473582b345d0bd7609cf1f7d26d2a4d1aa8b370547660042e13a380c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8aafc840-c8c5-430c-bca0-159e67ae363d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C863 2 KB
2 KB 45ms
24ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=27212567684&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

47472f155c87df109e96dd05ee2be42dee2fe3ad198ba64373085ca73f9da9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1653

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C863 20 KB
5 KB 156ms
150ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: a8dea35604d63b94605e5b63e2dd13baad210053271c13c750fc462fa3545ff1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C863 14 KB
8 KB 141ms
121ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350501&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5e5300da-9748-4ec7-b90a-20d445c194ef&l_pb_bid_id=14b7f00a5ed8e7f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7203129875635645
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2c3cfd8a408c34c3dc4ece476973a1c3373af579e652180e5374ff33386af128

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 137E 1 KB
1 KB 28ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a45a88d1df5620fc232bada94efa3dcdcc5c35b8a02750bc8f1ee093f858b3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1122
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 137E 59 KB
25 KB 68ms
59ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 99E5 1 KB
1 KB 21ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=ttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji-OQ-FAnoZODnFtPMwMF4_14hWwQsMNaN-onzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

caeef50f5740693c63c199175995cd8f07c64483c3da22825745765eec1a53f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1101
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 99E5 59 KB
25 KB 59ms
57ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F999 0
499 B 88ms
69ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F999 2 KB
2 KB 38ms
22ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77114604820&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

5a2a265312f0e801d736b4413a5318227627d29ff1b28771803d198cb120dcc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1665

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F999 18 KB
5 KB 147ms
142ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 91a634d88f8050879869dfa6d8c0591d1edd668a4548fc644f39907eaa3f0f27

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame F999 0
176 B 33ms
15ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F999 171 B
556 B 163ms
160ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F999 12 KB
5 KB 119ms
102ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350559&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b65a3c5c-3cd9-4526-bdaa-76d5d0ef90bd&l_pb_bid_id=12e09f89c45cae9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5253559051853347
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7c0d33094c325e3acb9dcdde9d35e6795b6ccc7996ebc87bdce966698e6e0de1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F999 13 KB
7 KB 148ms
146ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b328fb713a14d3205e18ba66230f07f4eaf260fc0f6698acba68a0a9658467ad

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 48a666a8-3553-4439-8b16-64fae8663333
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0723 18 KB
5 KB 140ms
138ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 1a2d0387b75529a3507a988542d0287739722af77e1d3cb715c02a41b357eed6

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0723 0
176 B 22ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0723 0
498 B 88ms
83ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0723 2 KB
2 KB 38ms
33ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17500313022&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

f2ef1bf727e6b2559080a67c54ef5591268d984661dce94e3ac15b3585519796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1682

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0723 14 KB
8 KB 112ms
107ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350592&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c40ddfb6-4c0d-4c00-ade9-d853e2b5987d&l_pb_bid_id=10ca3b6beac3bad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42709669520103266
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 933057457b7ec5138c5f951b7df7a124d63a91714d41d120e196ad315fcdb442

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0723 13 KB
7 KB 184ms
182ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

11d54e2fb35e301b64b550f134f61e908db95537bf374a5352ba25a049562547

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cfabae70-5d43-4f40-84a6-5d59a77505dd
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0723 18 KB
5 KB 177ms
176ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 250d21d91d473567e6f5b3fe9fef3ffb04a1b985ef045fdc2f328378d1f25624

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 17AE 1 KB
1 KB 30ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3ySv3BQcZTyESFpyzIuExD9-IDL9rSQP86zgixjPE8clp7RJsIFLDe-QYDD5jX1V7eRz_nKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6dd2ff2d7139206ad291049a5b57a34be4fd67f8bd244d72756e3b892996f40a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1111
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 17AE 59 KB
25 KB 32ms
26ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2674 1 KB
1 KB 20ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=TJ4qHFkmLj2xjbj_DSPSdv8uxOp4VadipWElZEXNR7CdflIx-j2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF_Ms9DQUf2ZiUkc-_kbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f2da60aa703edb402a849c136f501329e5a5b5c8d80398a79f30e67f9d43fe56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1107
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 2674 59 KB
25 KB 22ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1DD4 0
176 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1DD4 2 KB
2 KB 44ms
32ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=94198385957&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

9cf426e21091948e5618d110f171b3f16702597639213550ec8a6fac0c3e04db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1667

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1DD4 12 KB
6 KB 132ms
126ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7acf296eab55e647788d20fbe4493cfed32a66a524cb83471ccca96c90af54a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c699e5ef-7c19-46af-b1f9-ba5dd9be8748
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1DD4 0
499 B 88ms
77ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1DD4 18 KB
5 KB 202ms
152ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 1652836ee134e561d233e74f929e74c55b2f452190992efe0a27dbd22fedb80c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1DD4 14 KB
8 KB 132ms
124ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350723&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6ebab267-bb57-453d-8f4a-515e61eaaa80&l_pb_bid_id=1263bc7baef2b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08890230157905465
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d622e135027aa34bbf8d5befd82be0716b7c36a6f2119930716b64e24027d9ac

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1DD4 20 KB
5 KB 209ms
142ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 5e71d74a0677e21568f2e978323bd25fc0e5245b0f3c34ff73449137061ddf24

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9E94 1 KB
1 KB 26ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsA1erjN7kBQz-9bdwi6BnBrBdr4bZSs1vPg-k-3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8c2dc9465d71097b41d5f5873a3abd956c773e61a3d270ba4b1a19245ae004d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1098
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 9E94 59 KB
25 KB 28ms
27ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C49D 0
499 B 86ms
85ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C49D 2 KB
2 KB 35ms
33ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=10060292756&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

6872e5fe31fd3abbd905267318ec657866186a4b9ca51f57c3e399db81a97331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1675

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C49D 20 KB
5 KB 145ms
143ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: f9dc48876e984d8129bfb01a1571b3db418b1d5e180560fcb2b4388c2565ce08

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C49D 12 KB
6 KB 146ms
145ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c8adf0cf748084ad7ca03aa6ab08debbd2ff04c3451e40cf06d84e81586eb223

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 06273b66-21c5-4d80-b412-f7ca29b64876
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C49D 14 KB
8 KB 125ms
123ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350955&tk_flint=pbjs_lite_v7.19.0&x_source.tid=ac1a5fb4-1d88-48e1-b04f-25c829f79242&l_pb_bid_id=1002ebecf8e7ffc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0016557942120050129
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 145db5755ddc73d03136d4427354a0ca27aa7ecd697980bb9217bfb2f037e866

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C49D 0
176 B 18ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 0C00 221 KB
60 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0C00 14 KB
5 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0C00 94 KB
28 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0C00 5 KB
2 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 0C00 40 KB
13 KB 82ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame 0C00 17 KB
17 KB 38ms
37ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C00 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C00 295 B
329 B 44ms
43ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49234
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0C00 0
0 45ms
44ms Image
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv9fWlyPpoYu3eJmEEwlHWsgzSJ3_BR7g4DpbcAhYp-61UpdGWzSnXudIE1XRBHWhwfJJzNqIBGR9Ibfq77LChFdUq7Q
Requested by: Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0C00 0
0 81ms
81ms Image
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCEI599aXY-_GD5WT7_UPjOCIgATFwarFbZ60_PrJEMCNtwEQASDW5sVYYJXikIKgB6ABsbqnuwLIAQLgAgCoAwHIAwiqBPwBT9DNVDs0sEP7pCpyheSscaJgXGEg4PlksPTpf5Qds6xG-Je6CV5OAhDPxuSwBVSuDG0-ZXeSlDCJVcKDALsByQSvD-m-89uflpFJxoxLNHQsizjjlghMrKbv45wskElFmpQ7k2WGg0v25RFg-OvgEIZZYBOPtKlpzpFhiqxet2L5Us_tlrTnwDxLO7AjWlEllyt4V_6Yn7iwGRnn8wCr563bvwh9zPP2VqCgnjRxQfI4tiwG_9k7AjXZ8xSAKyRy1b5ig1htNsltuffNiZzULxBipkpiiKZyKDzrJscJmIp4wWocRI7toQ0xGOeU_BlUWT1pzR8Mp4l1BltOwASZ8qbwnATgBAGgBgKAB7fF2MQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQz-UT0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mxjc7Wo&sigh=BiORyeU2R5A&uach_m=[UACH]&cid=CAQSOwDq26N98DYTND6q4X_pI9IEJH9wOIWkWEj1sRnKROB3UPzRqm5SuBjMXbqKTFXRxkSF8U-RVZat9b_cGAEgEw
Requested by: Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame 4495 221 KB
60 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4495 14 KB
5 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4495 94 KB
28 KB 79ms
76ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4495 5 KB
2 KB 82ms
79ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4495 40 KB
13 KB 83ms
80ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301850
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame 4495 17 KB
17 KB 40ms
37ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4495 2 KB
2 KB 50ms
47ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57360
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4495 295 B
329 B 51ms
48ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49234
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4495 0
0 47ms
46ms Image
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcfeV0eHZCIBphQ2BOKFSY0GlSH20ZbTPFJGF_okpD50obCqTUDPBiQ6ptQFt5PA1n-iA9jP6ib4xBX3SqSmTONR9WdA
Requested by: Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4495 0
0 84ms
83ms Image
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CF4oU99aXY9CxCZTD7_UP84yGiAbFwarFbZ60_PrJEMCNtwEQASDW5sVYYJXikIKgB6ABsbqnuwLIAQLgAgCoAwHIAwiqBPwBT9DY3YT1OQfPWZrvbFoDCHiSCSbhc5y7ewTNDW8pci1BeR9JcTnj1oNVK5bm0oVjg4EgU-gK_B4vdohJYdpZCCzsFPrUE9iz2JYxTA4XoNROx9NLorsXcIxh5X10WnqGdfcndzMXZJG07G6bzk9eUogskazPkIlkB8ahVy3qj8s-gcw57SWSgFbTwJqmg6fuSsN_6tjqUM29-VOpXdqDLSJ7S_57Irwkc0x9EJI84PITKRiPDBbYzj2ugnxRn7kaEW8XPHnqkYuHmsWQaaQB7m5oGdOcu0zQTT5yiiHa1-2IlEJ0lEpcTSNKp_akHRA3COV1Vy4Eedj3T2M0wASZ8qbwnATgBAGgBgKAB7fF2MQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQvoUO0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mxjc7Wo&sigh=NtVwiHzs-SM&uach_m=[UACH]&cid=CAQSOwDq26N9hA3N-opN8TlT2hfGGbsGo-JPUGfbPekXMVXXzhsMoT8PC6655fvJlWl0WxBCk0XQWGSUujk1GAEgEw
Requested by: Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 index_0_250.m3u8 Show response
streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/ 627 B
843 B 15ms
7ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::723:1

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/index_0_250.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN (),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 4cf6e48c3371836bb55b74d75479d65ea0c25698c9e1a8a01c8fe8c32dfb211d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
cdn-edgestorageid: 752
cdn-cachedat: 11/18/2022 06:18:23
cdn-pullzone: 1024237
last-modified: Tue, 29 Mar 2022 11:25:44 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"6242ecb8-273"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: ab1ba999ac64725b8949e259160ffc4d
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 27D2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=T5JoJ193NCUyRm01Q1duRFJwNzJuald0WDk5RW5JbGtOS0lrMFN6RnRPV2VBJTJCUEtKd1Jua...
https://mug.criteo.com/sid?cpp=8rqFnXxkdWFQcFZpVEJiWXhlNlpDZWRDNldGNHZJTW90MitPbDh4SnNRaTJPVVJPVTZnd3NqQ0dzMVlFV0pxZUowRjU1aDlCRm92dU5TSjFERXdMcW8vMDRVbWxzYysxazFLakY0d0xWUDZEb0dDeXVOYzc3bUlPN01EaT...

425 B
651 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8rqFnXxkdWFQcFZpVEJiWXhlNlpDZWRDNldGNHZJTW90MitPbDh4SnNRaTJPVVJPVTZnd3NqQ0dzMVlFV0pxZUowRjU1aDlCRm92dU5TSjFERXdMcW8vMDRVbWxzYysxazFLakY0d0xWUDZEb0dDeXVOYzc3bUlPN01EaTBkdjQ2cG9hR1M3anpKY2s1UzJWL0Fxa09WSm9mcmsvUXlkYkpxNFdtL1FQSEN1bEI1S0R5VkppamlVeTRIanM0bTliYnppbldPNnNsRnNoYWxsWHUzK00wZm5PaWNrTkFmYlFBVGM3RXBOVnpQdkNocWJ3YS91RjhYWTVmMkZmZmJtcmwwNnY5S3BxZWhvQjQvODJqZ1pGb2lRZkFGUT09fA&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e23f0b764bb60ee929c3874b754a9d5e81e82b60d604663c5dc6e0cab64b6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1814340
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=8rqFnXxkdWFQcFZpVEJiWXhlNlpDZWRDNldGNHZJTW90MitPbDh4SnNRaTJPVVJPVTZnd3NqQ0dzMVlFV0pxZUowRjU1aDlCRm92dU5TSjFERXdMcW8vMDRVbWxzYysxazFLakY0d0xWUDZEb0dDeXVOYzc3bUlPN01EaTBkdjQ2cG9hR1M3anpKY2s1UzJWL0Fxa09WSm9mcmsvUXlkYkpxNFdtL1FQSEN1bEI1S0R5VkppamlVeTRIanM0bTliYnppbldPNnNsRnNoYWxsWHUzK00wZm5PaWNrTkFmYlFBVGM3RXBOVnpQdkNocWJ3YS91RjhYWTVmMkZmZmJtcmwwNnY5S3BxZWhvQjQvODJqZ1pGb2lRZkFGUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 884138
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame 4495 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80cc35f01e7cb11e973b41830cc9b06c1d155af7ebe70a9379154803bfd68815

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0C00 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8201825fcb83c30fdfbeb3600b33eafb352e0d68d79fdd5f36ad7be56268249f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0430 12 KB
6 KB 158ms
157ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e9c3b455a15899e9e149fd6119d046b56bc5ce0b759770e6b211dfdb15488dec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e4d6347e-8d6c-4618-b7e9-db6a02ffa5d0
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0430 12 KB
5 KB 103ms
103ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350737&tk_flint=pbjs_lite_v7.19.0&x_source.tid=1ff5d8f7-5bc3-4a16-a97f-ed006047a172&l_pb_bid_id=4e88eb7adc0af7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35146712988139006
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 17fcd25847268e0a7d49cef10130051e43fd382f4eb41011c960786f6a73d12f

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0430 20 KB
5 KB 169ms
169ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: efe6d73c1137914eecc3ffd17da0ca57a41a6cf41c84cf0978d483ab1de78fa9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0430 20 KB
5 KB 140ms
140ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 093ebac89b45cf7ceb6d9e336e7f447c2261d7f6c05705651bdba0cc2cd3899b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0430 0
499 B 88ms
88ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0430 0
176 B 16ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0430 2 KB
2 KB 31ms
31ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=80488336609&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

76515014d87ebcb6c63e79132ef3c13ea16e4988e1b5be43146a600db338fb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1676

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 4212 2 KB
2 KB 29ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=8021123254&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

53ecae11403d5d51c1362b9e137450b585e8257f1d5a3b040320c9c2acfcd2a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1659

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4212 0
176 B 16ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4212 21 KB
12 KB 150ms
150ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6f851d4b1b5778b1ecb6fa635a4b69c163da328eb60611eb9a0e266cab88898c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 88f07f97-76e5-41a1-b80a-cb7b4b3be97d
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4212 18 KB
5 KB 146ms
146ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 2fee2e2a5fb595474f80a2e48946b18bcf5fe9f48ea8cf1142adcc4aac9b63d1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 4212 0
499 B 74ms
74ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4212 12 KB
6 KB 98ms
98ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350822&tk_flint=pbjs_lite_v7.19.0&x_source.tid=772562a2-2833-4ea7-ae52-a21aa0272df0&l_pb_bid_id=12786bafd23ff36&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8725963474741569
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 73a4a3f8f5d9c33f09f24a5a1091ac7baf7c6e8f3a2e85dc7838e37206593427

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ADE7 20 KB
5 KB 214ms
214ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 025a588614b2117f9d11396f5de8d98a7353db8ca671327199e1caf10505813b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 openrtb Show response
adx.adform.net/adx/ Frame ADE7 3 KB
2 KB 81ms
80ms XHR
application/json 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f139ca50b937598b422258a306b7229d1f08f72d553617c64751ed7746ac96ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame ADE7 14 KB
8 KB 117ms
116ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350767&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0c659972-93c8-42ae-9e38-1c70b6016dd9&l_pb_bid_id=6bd5756424f69a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3307075355054663
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2edd5050f07515cf31cf4dd9004fa258e026e7e87fcb77f96c66e97fbcd99b6a

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame ADE7 12 KB
6 KB 154ms
153ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a78367c902677b86885d403511ee59aa0b69f5cf5a83646bc4ec74b0b57ccf39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6404244f-1500-4cbe-ab70-93b538490736
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame ADE7 0
176 B 20ms
19ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame ADE7 20 KB
5 KB 145ms
144ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fe41aaa1ed6e7df7cfbf435e232aa8f6b75acaa3442754c001c382c5f9709619

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame ADE7 2 KB
2 KB 30ms
30ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=61270073233&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

c30d8fad72da999ba035cf6f404830690175561fbcaf961a42ee0028097a1741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1683

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9478 13 KB
7 KB 148ms
148ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f0176eaad150c838655ee5d8ad913f9ed20fe0ba5098034b6fab9fc4cd4a05f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6eb584c3-bf6f-47ea-92f7-b9f323b3b73a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9478 0
499 B 94ms
93ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9478 12 KB
5 KB 91ms
89ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350844&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d396af97-63e2-4dbd-a26d-85299730f359&l_pb_bid_id=63e70ec7a4412b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7262819076463842
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3dcbca4979844eab52263a3de457abe88e4a9db342ef757fcd8cfffca28a4d7f

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 9478 2 KB
2 KB 29ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=77042703839&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

78dea314ddfeb101398709101d924c1559405c7b405d807ccb8110380a9513c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1665

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9478 171 B
561 B 140ms
140ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9478 0
176 B 16ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame C84F 0
176 B 17ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C84F 2 KB
2 KB 29ms
29ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=34509179170&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

4d928b5f740afe75a9c1ecb0861b8288e4bc248ea985a5224ab6bc3a73420886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1666

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C84F 0
499 B 84ms
83ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C84F 12 KB
6 KB 145ms
145ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ec64d76f3e4c5b89804f72cad83212ae95ee4ea6b9a44153541468be533bcd3c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9dfc6675-9771-4812-819d-86c2a52f6f4f
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C84F 14 KB
8 KB 111ms
111ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350803&tk_flint=pbjs_lite_v7.19.0&x_source.tid=54c199d8-7e14-4579-b48f-f8fd3ce1cdd2&l_pb_bid_id=10f6b26ca0b5916&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3386435110769668
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 296630726fa5ed4eabfb5906d35114b7e68936ff77213ea816aa1383d6b9677e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C84F 171 B
556 B 227ms
138ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 71A2 20 KB
5 KB 246ms
142ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: fad56e8cd64f74ce29cf47f57a1d525c3776d928119549bfa7c530d389baabff

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 71A2 0
499 B 84ms
84ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 71A2 0
176 B 16ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 71A2 14 KB
8 KB 128ms
128ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350882&tk_flint=pbjs_lite_v7.19.0&x_source.tid=37ebe252-fe2d-4188-92eb-5aa1a1c6c111&l_pb_bid_id=89c74f366ca665&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8822496116441947
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ccfacc0f13640cfb3f4b2418a7ced4c21527c23a892ab991164ff0d37e796de9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 71A2 12 KB
6 KB 138ms
138ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

cc94c9bbc1994c3135ab5ef641898bcb19d0b95ecb70e295583c616b02384e2e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dca5c875-f059-42ff-9f71-b19ef1b0c92a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 71A2 2 KB
2 KB 30ms
30ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60235113841&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

49603d59e651b164d2d10b0cf1d58e1d0630fc7ff88c53ffed7febc3840627a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1663

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 95B9 0
499 B 80ms
80ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 95B9 20 KB
5 KB 235ms
133ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: d537736cb25631ac87c7045323d2c6d628434800db7851a168f26ee0ec51ca88

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 95B9 13 KB
7 KB 242ms
149ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a2382480b9b3cfa5c467ec5a319d213b78b3f32dcf1b446b2671a240cbc868bf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e4ff49a5-29ea-44de-818b-1ef7dcf4f714
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 95B9 14 KB
8 KB 107ms
107ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350753&tk_flint=pbjs_lite_v7.19.0&x_source.tid=a20aa4e3-ed65-4440-95dd-ca0a27ab8f32&l_pb_bid_id=81c4ad7b3cd95b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.004042683989748497
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f75166655748244b5ceb65b34ea7ae26f32655ecf1fa43da042ca3cfaa58c23d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 95B9 18 KB
5 KB 334ms
234ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 97355379763bf00b7b741c83dee408f258629738c7c8034e4771a0d82a36fe39

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 95B9 2 KB
2 KB 32ms
31ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=60624559550&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

c49e45c8091857aefb1439ad1925ccfb44a42379967aea637557a66e0abcf3d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1662

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 95B9 0
176 B 18ms
18ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B8D1 171 B
561 B 232ms
133ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B8D1 12 KB
5 KB 106ms
106ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350864&tk_flint=pbjs_lite_v7.19.0&x_source.tid=63c60fee-9851-4508-9ac6-bff24439ca43&l_pb_bid_id=4e4c30c5249448&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.32240482222433253
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a01c5a221b74bedb7c8336278eb5669f1991d33333f8c552dbc2316abcfc37d1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B8D1 0
499 B 157ms
157ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B8D1 21 KB
12 KB 232ms
150ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

da9fea0590445e1013bfe4cb816e314baecbdc7724d8863fcd5766e0fb008c1e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 704a4c27-81fe-48b0-ad5f-14ae283b22fa
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame B8D1 2 KB
2 KB 30ms
30ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=41841352423&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

37a4efac21ac905865e9d4e6cbc4dc4b34ed664b34f2d37b5eaf0c58c0fc6ae4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1681

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame B8D1 0
176 B 16ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0B8D 12 KB
6 KB 216ms
132ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e7fb06057071103d252bdcb9337a5989f95473da72958f18acb58305e8849b31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dc590807-b301-49a1-a698-c744a8015397
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0B8D 2 KB
2 KB 29ms
28ms XHR
application/json 2a02:2638:1::1a

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=10442035229&lsavail=0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::1a , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

faa40322caecfbe89091971ce1ee304c3e01782efc2e1039f159cd0fb39f6ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1653

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0B8D 18 KB
5 KB 299ms
155ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3064e6459bb2077a733ea430f9f707a2df8c43c849a30d73c0ac55e37ee400ad

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0B8D 20 KB
5 KB 360ms
172ms XHR
application/json 185.86.138.16
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: c7f4979d3521c0cd9a8dea55f7dacc41ca63af1a92a9d9831ddb0293b24b796e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://flashnetic.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0B8D 14 KB
8 KB 114ms
114ms XHR
application/json 2602:803:c003:200::51

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1670895350781&tk_flint=pbjs_lite_v7.19.0&x_source.tid=f400e29f-1131-414f-8fc8-3f0171ab271a&l_pb_bid_id=1073cbfd9fb7a29&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5683862801181656
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d96935771a56143abd91ec9d9b5198749141220353e92db61821909d363ef285

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0B8D 0
499 B 102ms
100ms XHR
text/plain 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 0B8D 0
176 B 17ms
16ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://flashnetic.com
date: Tue, 13 Dec 2022 01:35:53 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D00A 1 KB
1 KB 20ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6hySndOYzXWS__Fe_uvTDI3j5kggto7jPBI6_rGR9pErFycflZbI5Rmhi8XDu_Q26_iPSMtem97q8ZB0JSq1PUwu_OYHo1IF5Q_0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fcf8637a53f0aac6a99c49046b5c03f398854c4b371f4324b559d39c8f42e9e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1114
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame D00A 59 KB
25 KB 22ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9173 1 KB
1 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU_NTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3cb8168a272fceace35a430276ab6b4f2579240eab133bdc8cbd66742981ece9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1110
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 9173 59 KB
25 KB 23ms
23ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1EB4 13 KB
5 KB 39ms
37ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 23:35:23 GMT
expires: Tue, 12 Dec 2023 23:35:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A38A 783 B
537 B 48ms
47ms Document
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

06e1d67613f303112217486e262d3561eaa8a8b192798d189b23cc8017555043

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9ZjUfQFlW2kgR_Ftf5uxUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-9ZjUfQFlW2kgR_Ftf5uxUA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:53 GMT
expires: Tue, 13 Dec 2022 01:35:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1C24
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

56ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:53 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Dec 2022 01:35:53 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 1522 34 KB
11 KB 81ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D4D7 1 KB
1 KB 25ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=hPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE_zN5_ob0fZOSewJMpg2V_QxBh1LMHJJ3lk0d0u2-xKx-PJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e0a24317c4d3f3b0c9d1093ed5a6043e4a2d9379027367fb9706a4f1e765b7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1112
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame D4D7 59 KB
25 KB 27ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0994 1 KB
1 KB 21ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYb7tNGlrpsfcRcs9ioKD-xUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk_r6OL9_eogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-HNN12Wpgbd42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TiyfUUBa-J7ThpJC9mpUBzRLc3XDHBE8UUumzOKOyZrjfJX6OCxjnQTdNS5DnsFFjRtGvEG9tWa-6-tUwHafRpOQNq5iNkiCAD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ERHjUBrsVxsAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

656b65a52b9f2dd39c8f627f593c78454b2b8241ebd2fe71028cab6851ba8906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1108
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 0994 59 KB
25 KB 23ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2650 1 KB
1 KB 21ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c288bcf9c8fadfffec673676cf1731a9f30234683a0d4b382e3c84733f51076

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1125
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 2650 59 KB
25 KB 24ms
24ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame C52D 1 KB
1 KB 23ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Y7sXdZWOOc-P4tg2rjcZDuV-vAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV_t9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

addfedd8c972bb103bc66cee092b9cead9d661deeda3eba2b17cac7c74ad0fbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1107
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame C52D 59 KB
25 KB 24ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A372 1 KB
1 KB 24ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=E6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Qoj6L5KxVT942u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIUquuRB6dDAK3m21jRn1toLUhj0OruplRydjVB2b1Bbn0XgsEEHJOfilXC83Ln8ApD7Ie2G3HfFH7cXH6RtSU_nfEg0iTdYXkD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Fjv4RNbzNKFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3628bd985f73b8559736eaa725a1a85f9a552cab08ec720491191b7df1a930c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1124
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame A372 59 KB
25 KB 25ms
25ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 056F 1 KB
1 KB 26ms
10ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96-iBEXiuGCq_BnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fbd4a9afd2c212b933766c0376e928fd3a3964b819540bf825a703b7574d8e33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1111
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 056F 59 KB
25 KB 41ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A3A3 1 KB
1 KB 25ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF-bIBZuq023dO6EqB0BATo8rexdUz48iFv3-m0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes_HwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

aa0f747500f655ace4b0deeb78271c64261fea21cecc24a6c59d78b5c600e313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1110
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame A3A3 59 KB
25 KB 29ms
24ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 90A4 1 KB
1 KB 25ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=USZo8a-cS5k3HSapHNWz6KzboUFQG3yp0;rtbdata=Bn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj_cAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3_9PptmhJaxM7bDE7nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ffc919cf686a508d9144e89fab34ce122aabbc8c2f4376e98f4d66b047f16c92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1099
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 90A4 59 KB
25 KB 27ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 9EA9 1 KB
1 KB 25ms
23ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=A8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww-H8VUNjxCDM4_Y3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3207df76aea4eb245d70183ca1acf081652b44577e7d6828294e1ba2551988cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1109
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 9EA9 59 KB
25 KB 30ms
28ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 66E6 4 KB
2 KB 253ms
56ms Script
text/html 167.235.32.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1887888668
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.235.32.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.26.32.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 98b82f06a8fdfd4b87ddcaaa6958ee49d2dda736e8cf6de28a90334725913493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame 66E6 80 KB
27 KB 19ms
19ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:53 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27455
Expires: Wed, 13 Dec 2023 01:35:53 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 66E6 0
819 B 22ms
21ms Image
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QKbCvQkAhsFAAADANYABQEI-K3fnAYQvv3dt-r2ieoqGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAACCuR9E_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNev7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGic3MQBeJ72BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIUttUWNCZ2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTmV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qWXhNam5nQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFYeEw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXR4YUplQWpGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qRXlPVUQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPD9RHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjEyOdoEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAABJijwP9AGuzPaBhYKEAEPLgEAYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL8GQADIB572BdIHDQkRPAE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=74d662e011113e72956a244014a1fb53fa2cd6bb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:53 GMT
AN-X-Request-Uuid: bafc481f-ff40-4070-8e44-4a67c3d8e357
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 69D1 1 KB
1 KB 31ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk_NyztNUtlOOiS_yYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c090272509ffc649655fa540aa7dfda0dfac422e567643d6cf3199af99f76e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1110
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 69D1 59 KB
25 KB 33ms
23ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 4439 1 KB
1 KB 23ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsWM8u-B9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

60e404ceb4d84dc814c418fef1bc7909c1cc110c3d57aed19448f3174cd05d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1109
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 4439 59 KB
25 KB 26ms
25ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E89B 1 KB
1 KB 22ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr_X-qKlkJZAsOfr-2Bj__zz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Dmeys1PED1l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RIOqTe9eBjKWHdsY6M5eKU_h8Dz-v8sHEJj7v1c9EkUxVlpk7jyXHcPGLpIY9-897TiTRhr_v3p2RvwN4xUKSL5ufGupi-kGC487kQPD7qPMfMEX5By_Xskui0bMBUl7EHSfKiolvV7AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

49a9ea2982764490df8e684accdc64f01a294565609f1d20ec72fa21ec0b1bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1116
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame E89B 59 KB
25 KB 23ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A886 1 KB
1 KB 26ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=R0qCEcXgZSFFrKo8oEky-e-cIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO-ad-MTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PIEuGyvXXXh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R748V44QkG42at0E0NF5uYd_mQ5ZOjeBjJe-BeaBGXU7Cz3WbHU3lGTmN4lJGFn7vL-NmpDJUJzoaBwP4h80iECQvqLRQMmiO487kQPD7qPMfMEX5By_Xskui0bMBUl7ELsPf8meMzvwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

528336c7a6b36697e4b59d887f37fd1f06d6b1c1d69e0385db9093a9023421cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1106
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame A886 59 KB
25 KB 28ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 3F00 1 KB
1 KB 20ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Bn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn_0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes-oud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

24901414315cfb67c0ce29287f0010c8171db87bfc557712bcbd6713e31ad1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1113
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 3F00 59 KB
25 KB 23ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame BFE3 1 KB
1 KB 20ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKuGLn04XPWPSErVV_ckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6b1451016133a184a0e3083de270e47bb4cc61aa2bbd7ae3cd6234cf5ee05db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1110
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame BFE3 59 KB
25 KB 25ms
24ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:53 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 index_0_250_00000.ts Show response
streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/ 597 KB
598 KB 10ms
10ms XHR
video/mp2t 2400:52e0:1e00::723:1

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/index_0_250_00000.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN (),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 49a9614e020d85f891cf0b0208a077ad1c806c27e73ead4e01543c27b2f325f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 13 Dec 2022 01:35:53 GMT
cdn-edgestorageid: 1053
cdn-cachedat: 12/07/2022 07:37:02
cdn-pullzone: 1024237
content-length: 611376
last-modified: Tue, 29 Mar 2022 11:25:31 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ecab-95430"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: eb86cbc5a66df88f06941bfc4ee8ab5e
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 501E 34 KB
16 KB 25ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx-asIOX4sYcfaF87gK5Bmhi8XDu_Q20YD3o_e-16P37_NXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H/1.1 200
OK dvbs_src_internal113.js Show response
cdn.doubleverify.com/ Frame 08BB 59 KB
19 KB 31ms
31ms Script
application/javascript 2a02:26f0:6c00::210:ba29

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13361095&cmp=28876501&plc=351842702&sid=884521&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Server: Microsoft-IIS/10.0
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19448

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7DA7 34 KB
16 KB 34ms
34ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu_Q2v4-xzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2-UIinG_JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A30D 34 KB
16 KB 34ms
34ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83Wsns5y_gHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau_9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 5226 34 KB
16 KB 35ms
34ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=MU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012211060024000/ Frame BFF6 221 KB
60 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61592
x-xss-protection: 0
server: sffe
etag: "a2fca7132416d151"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BFF6 14 KB
5 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5218
x-xss-protection: 0
server: sffe
etag: "abd4378f71571d78"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BFF6 94 KB
28 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28809
x-xss-protection: 0
server: sffe
etag: "dd6615029de85e23"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BFF6 5 KB
2 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
etag: "403438c4d550ee88"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012211060024000/v0/ Frame BFF6 40 KB
13 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:82b::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 09 Dec 2022 13:45:03 GMT
age: 301851
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
etag: "0bacd3f1ce38a7db"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 09 Dec 2023 13:45:03 GMT

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame BFF6 17 KB
17 KB 41ms
40ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFF6 2 KB
2 KB 42ms
42ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57361
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFF6 295 B
330 B 46ms
45ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49235
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BFF6 0
0 48ms
47ms Image
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDWuA5riBpeAnhmFCd8nY9oXwGH87VZs2tNo6t1a-NC1QCHmmsbluL5Vkba73klYZtLlezYwdauPaDd0SZdvRWHDxmUA
Requested by: Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame BFF6 0
0 82ms
82ms Image
text/html 2a00:1450:4001:827::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cb6-S99aXY57VLb2O9u8PyoOzuA_FwarFbZ60_PrJEMCNtwEQASDW5sVYYJXikIKgB6ABsbqnuwLIAQLgAgCoAwHIAwiqBPwBT9DUIcIhhC_zBM7Al0op0d0YIjUCIWJJ-KvdcPixoXe7ZtCZFxL_PlPB5805qZBs3IFjxr5iD63tnMu9IJ86HtB-pE3wPpsLYLeq3BKXx9aXBoyhscwvDhRu5RbCygN3uVbu9_gKrfysnPTIIDJIseng6wseJtDGgHFWh2jQz3-NwQmHvMaCE1u8Xx5uBeNBJ0SUJvMEqKJPkj6g9Y-W1_KpvtQ6uR3mO7iDwZx7neb7BPFjlatV60K_VMSGlulyAcAok-H4JrIUdPX4c7Nd4V5QoRazjTolOjE9oXHAlnY4lgpEhwIgh_Er0nuPY7j61gA7weMxCQT2mZDzwASZ8qbwnATgBAGgBgKAB7fF2MQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ6MgQ0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mxjc7Wo&sigh=h5bl3szwb4o&uach_m=[UACH]&cid=CAQSOwDq26N9j1sNHd7iSCOo72ClSCivDl6Yo4ihwaGmw30ARTUftKBaefmafUBKJytqJu_LvbZD2FzZQk-1GAEgEw
Requested by: Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 137E 34 KB
16 KB 28ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 99E5 34 KB
16 KB 28ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=ttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji-OQ-FAnoZODnFtPMwMF4_14hWwQsMNaN-onzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 17AE 34 KB
16 KB 29ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3ySv3BQcZTyESFpyzIuExD9-IDL9rSQP86zgixjPE8clp7RJsIFLDe-QYDD5jX1V7eRz_nKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2674 34 KB
16 KB 28ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=TJ4qHFkmLj2xjbj_DSPSdv8uxOp4VadipWElZEXNR7CdflIx-j2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF_Ms9DQUf2ZiUkc-_kbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9E94 34 KB
16 KB 23ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsA1erjN7kBQz-9bdwi6BnBrBdr4bZSs1vPg-k-3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A3BE 13 KB
5 KB 46ms
36ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 23:35:23 GMT
expires: Tue, 12 Dec 2023 23:35:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9371 783 B
536 B 56ms
46ms Document
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

b1db596e8483345aee95896bb32f6a957fafcc91e080b312d5508c9ac9986a61

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BJt3CHEAVWE2ovB398ToqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-BJt3CHEAVWE2ovB398ToqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:54 GMT
expires: Tue, 13 Dec 2022 01:35:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1C24 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59172
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
DATA 200
OK truncated
/ Frame BFF6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3525ab27fbc0838cea91f8537ea3aacdd57276a3974d7273dfc817916bf2c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 track
track1.aniview.com/ Frame 3911 0
93 B 106ms
105ms Ping
text/plain 35.172.123.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=46118&t=1670895349&cip=185.213.155.176&sn=&tgt=0&osv=10&bv=108.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=4&d64=59a5a4f1c422226be410a3bbe0767e6c&d63=59a5a4f1c422226be410a3bbe0767e6c&aafaid=&proto=https&uid=1670895349005-915829858807-007682-011-003428&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.67&cb=29087177909&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.172.123.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-172-123-180.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 71D1 42 B
64 B 72ms
71ms Fetch
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTWJF7BEIQvvbBGBlRgjgETSzjgUvT_TvA_UNyPo3hTcEj0MXkuXUJfBsvoMQ_1BJbycNq_I1h5MUNbjQb575shB4&sig=Cg0ArKJSzE2NGsVWusjGEAE&id=lidar2&mcvt=1131&p=1076,298,1200,1303&mtos=1131,1131,1131,1131,1131&tos=1131,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3490001028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670895348397&rpt=4666&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK da5a133e-fff1-4294-942b-0550436e5296
https://earnme.club/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnme.club/da5a133e-fff1-4294-942b-0550436e5296
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame D478 34 KB
11 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A41 13 KB
5 KB 36ms
36ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7231
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 23:35:23 GMT
expires: Tue, 12 Dec 2023 23:35:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0901 783 B
534 B 46ms
45ms Document
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

55979ef1802ca28d2fea8958c16c44fe2c04b11508a07445912c0527a45a9aca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EZyurVzuBzn60c7tOGEcTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-EZyurVzuBzn60c7tOGEcTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:54 GMT
expires: Tue, 13 Dec 2022 01:35:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 375F 34 KB
11 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK analytics.js Show response
s.ads.smartadserver.com/2/884833/ Frame E500 6 KB
3 KB 162ms
28ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ads.smartadserver.com/2/884833/analytics.js?dt=8848331610101564891000&di=https%3a%2f%2fearnme.club&ui=2051167177128181596&md=1&ap=&sr=smartadserver.com&pp=1999&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4f6a490cb6ac7685fd31b8f41f2d7d9a5ecb2d768455daa85b5938df0fffc62f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin: *
Content-Length: 2836
Expires: 0

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame E500 34 KB
11 KB 9ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 78CD 34 KB
11 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BC51
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
51ms

Document
text/html

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:54 GMT
expires: Tue, 13 Dec 2022 01:35:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:54 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7851 36 KB
16 KB 109ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FB29
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

9ms
8ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:54 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Dec 2022 01:35:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 47B9 34 KB
11 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D00A 34 KB
16 KB 23ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6hySndOYzXWS__Fe_uvTDI3j5kggto7jPBI6_rGR9pErFycflZbI5Rmhi8XDu_Q26_iPSMtem97q8ZB0JSq1PUwu_OYHo1IF5Q_0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9173 34 KB
16 KB 23ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU_NTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D4D7 34 KB
16 KB 21ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=hPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE_zN5_ob0fZOSewJMpg2V_QxBh1LMHJJ3lk0d0u2-xKx-PJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0994 34 KB
16 KB 22ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYb7tNGlrpsfcRcs9ioKD-xUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk_r6OL9_eogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-HNN12Wpgbd42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TiyfUUBa-J7ThpJC9mpUBzRLc3XDHBE8UUumzOKOyZrjfJX6OCxjnQTdNS5DnsFFjRtGvEG9tWa-6-tUwHafRpOQNq5iNkiCAD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ERHjUBrsVxsAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2650 34 KB
16 KB 23ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame C52D 34 KB
16 KB 23ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Y7sXdZWOOc-P4tg2rjcZDuV-vAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV_t9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A372 34 KB
16 KB 24ms
24ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=E6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Qoj6L5KxVT942u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIUquuRB6dDAK3m21jRn1toLUhj0OruplRydjVB2b1Bbn0XgsEEHJOfilXC83Ln8ApD7Ie2G3HfFH7cXH6RtSU_nfEg0iTdYXkD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Fjv4RNbzNKFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 056F 34 KB
16 KB 24ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96-iBEXiuGCq_BnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A3A3 34 KB
16 KB 23ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF-bIBZuq023dO6EqB0BATo8rexdUz48iFv3-m0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes_HwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 90A4 34 KB
16 KB 24ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=USZo8a-cS5k3HSapHNWz6KzboUFQG3yp0;rtbdata=Bn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj_cAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3_9PptmhJaxM7bDE7nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 9EA9 34 KB
16 KB 24ms
24ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=A8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww-H8VUNjxCDM4_Y3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 27E3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

7ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:54 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Dec 2022 01:35:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 3530 34 KB
11 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame 113F 34 KB
11 KB 11ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 3455 1 KB
2 KB 22ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=59973788;rtbwp=VLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0;rtbdata=el6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0;pui=CQ8Cld2Xq9xLwkVBlejJG2bM8sBoZ15gTaKerHfRIMPer1pltXZUmg2;

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cca9e85045b1b3960a8c9424294b88ef5a8bad4a66f01f386bce88561a837518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1247
expires: -1

GET
H2

200

pixel
cm.adform.net/ Frame 3455
Redirect Chain

https://x.bidswitch.net/sync?ssp=adform
https://x.bidswitch.net/ul_cb/sync?ssp=adform
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dadform%26bsw_param%3D214d1d33-2082-45c3-a55b-0a34460818d7...
https://x.bidswitch.net/sync?dsp_id=80&user_id=1eab6397-d6fc-4c00-b8ed-d02392677828&expires=30&ssp=adform&bsw_param=214d1d33-2082-45c3-a55b-0a34460818d7&gdpr=&gdpr_consent=
https://cm.adform.net/pixel?adform_pid=3&adform_pc=214d1d33-2082-45c3-a55b-0a34460818d7&adform_v=1

43 B
162 B

30ms
19ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=3&adform_pc=214d1d33-2082-45c3-a55b-0a34460818d7&adform_v=1
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Protocol: H2
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

Redirect headers

location: //cm.adform.net/pixel?adform_pid=3&adform_pc=214d1d33-2082-45c3-a55b-0a34460818d7&adform_v=1
date: Tue, 13 Dec 2022 01:35:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.adform.net/ Frame 3455
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_sc
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1

43 B
162 B

348ms
25ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Protocol: H2
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 3455
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d16%26adform_pc%3d$UID
https://cm.adform.net/pixel?adform_pid=16&adform_pc=7413222715571309918

43 B
163 B

391ms
21ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=16&adform_pc=7413222715571309918
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Protocol: H2
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
AN-X-Request-Uuid: 42179dac-a5a5-4114-9b02-7dc1b111c37b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.adform.net/pixel?adform_pid=16&adform_pc=7413222715571309918
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 3455
Redirect Chain

https://match.adsby.bidtheatre.com/adformmatch?adform_id=AUID&return_url=https%3a%2f%2fcm.adform.net%2fpixel%3fadform_pid%3d18%26adform_pc%3d$UID
https://cm.adform.net/pixel?adform_pid=18&adform_pc=83dc95dd-0663-4c62-9c29-50b2e51c8f96

43 B
162 B

371ms
24ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=18&adform_pc=83dc95dd-0663-4c62-9c29-50b2e51c8f96
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Protocol: H2
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: https://cm.adform.net/pixel?adform_pid=18&adform_pc=83dc95dd-0663-4c62-9c29-50b2e51c8f96
Date: Tue, 13 Dec 2022 01:35:54 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 3455 59 KB
25 KB 24ms
22ms Script
application/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
server: nginx
x-amz-request-id: tx0000016557d3bb3cc3fe7-00637b6788-32940f80-default
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 501E 8 KB
4 KB 21ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx-asIOX4sYcfaF87gK5Bmhi8XDu_Q20YD3o_e-16P37_NXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;6325;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f60e45bb98ff03273f6a41479c468f94a92f1f6672b094c7fc5ad0be8bc4a598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3315
expires: -1

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FD3A 180 KB
55 KB 107ms
106ms Document
text/html 2a02:2638:1::4

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CZobVXcS32zw%2BzVVIYyoALW%2B7sq%2FGIREUIouQGDROyeQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euz2zXG016h4ss1qSQBXzdDyqbIT7YE0AiSdgf9dtdOtaIYY0ffDTUYbTvwZ50M_kGaO7IObsR6ErJmovV5dwzb1RlYMmCBblbkERSE-GgP65nu1ktF5qVW0lv7LHF3Nvf3JOzM1Gs12d7n6vQCcOZAaW0rTm21KBDc8yf8Xw7Z9Sv16ULx_mGxDaIj5KJTYVjzxcQ6udS6EB905anNWNyZAjO_hF50m614Eysef3jLXts3HoyFzcPi_Gj9vnzQvIjXi0m1F-vAL7ASXhHyPFRKMtwTPlCbnoOfq_NsBzJ_91VoiNYnBXi-3FypkGacXAPddHsUfoBYmtWUCPqnuFH1SboXwpyus_siBz0TD9bo1SjmEq-qJqAkHDHsSPaIYJghp9GA44c-KrDDk5Ro8CY1oCt6C8i_TbDInkthuoy0MAj3hN1mrETwiEurWJ3Sr1sSNIpk2B7CBILjfLuLfcFYgWwIoYRewi3MMOGyKl8RU1o6-SKhS6N-M7xZOgN-wv3S5FxDHC4iWw2fSWurgIq4Y8wN5Fcj2RC4AquA5M_adIb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

8429278595204bef62476dfe69178533b460a60c5156cb5d43c941f4c0c3d0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:53 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dpQbxSo7rBllT981rCupaNj_KMim086H6Qe0sIF0SGt-pe6BzRR1jin0ntsE-jFSpkz6t6VRUZsqBDph8HLB7JoY0N2X4RSONNQ5UEuGj0ncxkTnV6RKw9RI24s0WDTYYJVsXlpRXKpDw9TWfwFcnf2o41f5v4o-B2DLclR_KVBzezCcTWYD7EO_QXDGc-ltiOdwR3jsc9rcZ49mitnhXiBLkEpjE0J8nbCWdTI3VHqaTijI"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90605167
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 tpd
cat.nl.eu.criteo.com/ Frame 5969 43 B
461 B 16ms
15ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/tpd?dd=GRH3BF8xZSUyRjg3ejZOdjEyRyUyRmJxemRWZXFhTGFxVDVsWThuaWxBc0lDU0s4SWtvQzZRa3lWd3JaZlAlMkJZZ1htWE81dVBuM2o4czhScWxlMjBraW0lMkJYJTJGR05VY3pzR0hlWGNabkdrQ3Q3bzFycGRYRVJZRTR6bDMza2dUTFVZOW1jeXJiNk9QQ1J6UkxMJTJGd0xwTThEYlVoanE4MWFEWTh1MDNNQXZHUWRhQnpMaTJ5WnZLa1YlMkJYbjEybFdiR0VoOWVrVDlwTGJoQTdtWEg2NWJEWm5DN0lPN21IclRvcW11OGhOcUFOVDFpUmx2Zm9xSGNJS3BiWEZaaDF5Rm1xUlpVRVBmZlZ2aldQS3VSV29uJTJGOG0xJTJCckpvSTc5MGl3amg5emx5NExyeENKbERxdkwwNXlTTjVmNzdwR00lMkI2MkVjSEYzR2xNaHc1eGtsMlFtUmhXQTl2MHpvSE5vZklwcFJ4SUo4M1AyNE9Vd0JrOVBiTTlGN3UzWHpWa050V1lBZDZoazZIdiUyRjhVcEJsczh6RGJXckp1cmlyNjYyMkplU3ZsOFJDenJhdEJCeUgwdm53ZW9qQ2RFZjBlNGliZkw5ZUVsMWpZRm5ibDZsNkx6ZVlxMUVBYWUwR2xDNGZETjJ4V3RsUXB0d2dOQWNZa3BNWlRMa2NYRHU2R1YlMkJNc3cxWFNyJTJGS0I0

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ymlxdzvm&e=1070536818601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 247474
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 016C 4 KB
2 KB 87ms
58ms Script
text/html 167.235.32.26
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1969683613
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.235.32.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.26.32.235.167.clients.your-server.de
Software: nginx /
Resource Hash: df375ce42a5b2ba54ca7de52194af53687014078957b4d6f03c3165bb377af28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: text/html; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/231/ Frame 016C 80 KB
27 KB 13ms
12ms Script
application/x-javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/231/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 10:07:25 GMT
Server: AkamaiNetStorage
ETag: "48b9fe7fe4120aea6f95a30f505d7b35:1669802845.0694"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27455
Expires: Wed, 13 Dec 2023 01:35:54 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 016C 0
819 B 16ms
14ms Image
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QKbCvQkAhsFAAADANYABQEI-a3fnAYQktCamaWTuaISGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAAOCjcM0_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNuv7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGi4n8MBeMzyBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIXoyUFkwd2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTnV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNek9qWXdNemZnQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFXVkw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXRSYjhkd2pGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qQXpOMEQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPD9RHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjAzN9oEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAABJijwP9AGuzPaBhYKEAEPLgEAYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL8GQADIB8zyBdIHDQkRPAE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=2857f0806295f5284b66304cec3101552303a4ab

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
AN-X-Request-Uuid: 03277f3c-2b43-4bf0-bea6-60de5ec370b1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2847
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

8ms
8ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:54 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Dec 2022 01:35:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame A831 34 KB
11 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame A812 34 KB
11 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8FF1 261 B
122 B 53ms
50ms Document
text/html 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGNKs9tsBMAE&v=APEucNVE3nNJv76rjqha0DXNVNpM9SIz2nrkG6jqsIUHZlO1LkRyezZe6h7fB4229BOfFr5WB72R2LkPUhr_mzRV3anRqqjpQqkl3MzHaz3nKk8Vexzvk2AhXfEVnRrAZgqGc__KsQD-3xQndsmMVnauENOTVPw2wCXt_Cfn4hqzs1NfYZ_Umyo

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 102
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 271A 76 KB
27 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27387
x-xss-protection: 0
server: cafe
etag: 15442950961169408521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 01:35:54 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 271A 42 B
63 B 73ms
71ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGJEEPKtdLV7uXjHkM_KAGuwftiZDCzZ_jcI68K4UQf1volh6v2lUFHUUdqUyChMtiVKKUgLmdcwKTNWqcEnatMp_atAddxR0y8HilaFVkGKmeW9g

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 271A 0
20 B 72ms
70ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17103072907991035289&x=8&ct=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 a8f6e309-b8d1-4450-8ca5-1b318e1418d9
beacon-ams3.rubiconproject.com/beacon/d/ Frame 271A 43 B
378 B 623ms
17ms Image
image/avif 2602:803:c003:200::57

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/a8f6e309-b8d1-4450-8ca5-1b318e1418d9?oo=0&accountId=17210&siteId=397268&zoneId=2229032&sizeId=15&e=6A1E40E384DA563BCA141B0A21433D632060E825365F6B2EB0C068C7FE4C328DB46927D65B4BF227D8374C90CD6C9F696256DD5F63730948BCC9C943E5FF4362B4F57A58766542B0E6088CF4473F8EC7555F77216059BEB6CB2264786AC6022CF8989C3FD20EF2F23824CF4ABEBF08D203C128FA979B4F85AFDE8EC38C1800E24E6FC96756E5E5711124788482B64A287E363EECF5D7CBB62FDB7ABB433BF23E4D8014DE03ED12351FB70AF7A281D5F593CF2B191D0C6741535FAF19C84C12DE

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::57 Amsterdam, Netherlands, ASN (),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E68E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

281 B
554 B

11ms
10ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:54 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 13 Dec 2022 01:35:54 GMT
location: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server: AkamaiGHost

GET
H/1.1 200
OK sas-banner-1.2.js Show response
ced-ns.sascdn.com/diff/templates/ts/dist/banner/ Frame FC44 34 KB
11 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:3500:12::1730:17c2

General

Check archive.org

Show headers Download Go to

Full URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17c2 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 31 Oct 2022 16:21:13 GMT
Server: AkamaiNetStorage
ETag: "afb0eac064acbd41c02e9f17211f77e2:1667237131.208587"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11137

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 08BB 656 B
671 B 598ms
29ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_456442967049&jsTagObjCallback=__tagObject_callback_456442967049&num=6&ctx=13361095&cmp=28876501&plc=351842702&sid=884521&advid=&adsrv=&unit=300x250&isdvvid=&uid=456442967049&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=108&bridua=3&dup=null&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=2&m1=13&noc=4&fcifrms=59&brh=2&fwc=0&fcl=762&flt=13&fec=689&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTau62C%3F%3E6%5D4%3DF3Tau%3F%40C5%5C%3F%60%5C7C%40%3E%5C%40%3F6A%3DFDTauU2%3F4r92%3A%3Fl9EEADTbpTauTau62C%3F%3E6%5D4%3DF3Tar9EEADTbpTauTau62C%3F%3E6%5D4%3DF3Tar9EEADTbpTauTau62C%3F%3E6%5D4%3DF3&dvp_exetime=13.10&callbackName=__verify_callback_456442967049
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ba485d29492141822454db9db19b51b2b173630ceb8626e0c0bf396d550c4636

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 12/12/2022 01:35:55

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7DA7 8 KB
4 KB 24ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu_Q2v4-xzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2-UIinG_JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;4066;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

02e19c55b63a4b4ecce58d3a8cf2e222953674ce0458e4bb0d578e3153ca1973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3301
expires: -1

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame E01C
Redirect Chain

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...

5 KB
2 KB

86ms
61ms

Document
text/html

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1887888668
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e850199e8ff047212c59143b03b595f721521b892fc045f3dec8a86665be6e48

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1797
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Dec 2022 01:35:55 GMT
Expires: Tue, 13 Dec 2022 01:35:55 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 44605000004385401467939012172018

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:55 GMT
Expires: Tue, 13 Dec 2022 01:35:55 +0100
Location: request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C8E4 52 KB
17 KB 65ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=suqdsfso&e=1011989061034
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6684
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12607
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895355.179018,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 66E6 0
819 B 14ms
14ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKyDPQkAjIGAAADANYABQEI-K3fnAYQvv3dt-r2ieoqGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAACCuR9E_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNev7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGic3MQBeJ72BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIUttUWNCZ2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTmV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qWXhNam5nQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFYeEw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXR4YUplQWpGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qRXlPVUQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL_ICEQoGQURWX0lEEgc0NTI1MzYy8gISCgZDUEcBFAwIMTE0ZQEY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZggHNDFljxjyAg4KB0lPCSEJSzgTCg9DVVNUT01fTU9ERUwBLhQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE3NqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYxMjnaBAIIAeAEAfAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa7M9oGFgoQAAAAAAU3DQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL8GQADIB572BdIHDQkNNwU4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=ae7052683fdda90ea6f10159fed8fee7c0fabca4&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=suqdsfso&e=1011989061034

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:54 GMT
AN-X-Request-Uuid: fdbbbc1c-362c-4cad-9d1b-7839fbbe87d5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A30D 8 KB
4 KB 23ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83Wsns5y_gHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau_9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;3854;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

399183ee75af1ea0eaa8300c67cfddc21ddbdf7ef78613002f14ad3c788bc150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3305
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 5226 7 KB
4 KB 24ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=MU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;9075;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6a7e3c0d86bfb8637676908385291d0d0186912ff3dc524f9f01f8c9f4843d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3320
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 137E 7 KB
4 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;287;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0fa60e612d125a6275f8d95f57d6981b3aca99dcec15a5a7f96617f270cb610c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3319
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 99E5 8 KB
4 KB 28ms
28ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=ttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji-OQ-FAnoZODnFtPMwMF4_14hWwQsMNaN-onzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;9241;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f9c71569e3fa8264df6d385249718329b1bb103e8e22d8a0d91dd350d8868970

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3294
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 17AE 8 KB
4 KB 26ms
26ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3ySv3BQcZTyESFpyzIuExD9-IDL9rSQP86zgixjPE8clp7RJsIFLDe-QYDD5jX1V7eRz_nKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;9372;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c1dbab658e4bc742cd35850ae59b7cdcaf7d46d5b9000c8f86cac14df44350f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3307
expires: -1

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 0987 88 KB
29 KB 17ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:35:54 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2674 8 KB
4 KB 25ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=TJ4qHFkmLj2xjbj_DSPSdv8uxOp4VadipWElZEXNR7CdflIx-j2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF_Ms9DQUf2ZiUkc-_kbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;7650;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

73d3d9d16fbe6bfdf943bede546789f7cf147f97dd7d158ab47b8b85bde5b056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3308
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9E94 8 KB
4 KB 24ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsA1erjN7kBQz-9bdwi6BnBrBdr4bZSs1vPg-k-3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;9197;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

514a909a7d2b587116059dc6a5d3d0f4feec01db0e9ea4a1a80ad7cca60145cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3294
expires: -1

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FB29 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59172
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 6D88 531 B
881 B 112ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%228d804ce4-3758-4a91-8524-a131f44c5364%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221639337%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257892097%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257892097%22%2c%22hash%22%3a%22-364700674608024840%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame E46C 1 KB
1 KB 22ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57892097;rtbwp=em2hP2KdrNeVFKJt-SXORM1zN0I1FqtF6Un-3A;rtbdata=w0gPlZmJKclf-oZP3yqTXtQnEJBpSwWI6S9GNls4EwOTNpx5Gr9VOxvIjdl7RKVdepWnkqbwvCvWzEt_cZvUKzsxOjnXeJux9CPSSKjEKpvJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRo_amOpC4z-tGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

62218b396f5c31b199fcc4c3922f8f7eb293e208691d7c8f8dfd0adae52d433d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 999
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame E46C 43 B
270 B 470ms
27ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=321798448105451463&tmstp=4449179765&ckid=4885343051249778637&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895352289&envtype=0&opid=a7a9da3a-e6b0-4d63-ad72-64e1933eadfa&opdt=1670895352289&siteid=525642&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=4885343051249778637&capp=0&mcrdbt=0&insid=8358291&imgid=0&pgid=1639337&fmtid=71867&isLazy=0&rtb=1&rtbnid=1743&rtbbid=4499714719041530404&rtbh=16723e7d62b34dba2a179af407f0e4ebbdca3eeb&rtblt=638064921522923207&rtbet=0&rtbptnid=22&cftgid=c7388f40f624
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1C24 0
239 B 441ms
7ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LBLJY5AH-20-1P9G
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 69D1 34 KB
16 KB 23ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk_NyztNUtlOOiS_yYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 4439 34 KB
16 KB 23ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsWM8u-B9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E89B 34 KB
16 KB 24ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr_X-qKlkJZAsOfr-2Bj__zz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Dmeys1PED1l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RIOqTe9eBjKWHdsY6M5eKU_h8Dz-v8sHEJj7v1c9EkUxVlpk7jyXHcPGLpIY9-897TiTRhr_v3p2RvwN4xUKSL5ufGupi-kGC487kQPD7qPMfMEX5By_Xskui0bMBUl7EHSfKiolvV7AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A886 34 KB
16 KB 24ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=R0qCEcXgZSFFrKo8oEky-e-cIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO-ad-MTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PIEuGyvXXXh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R748V44QkG42at0E0NF5uYd_mQ5ZOjeBjJe-BeaBGXU7Cz3WbHU3lGTmN4lJGFn7vL-NmpDJUJzoaBwP4h80iECQvqLRQMmiO487kQPD7qPMfMEX5By_Xskui0bMBUl7ELsPf8meMzvwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 3F00 34 KB
16 KB 28ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Bn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn_0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes-oud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame BFE3 34 KB
16 KB 25ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKuGLn04XPWPSErVV_ckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C416 0
127 B 17ms
17ms Ping
text/plain 2a02:2638::21

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:54 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C00
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

56ms
56ms

Image
text/html

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
URL: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 01:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 4495
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

50ms
50ms

Image
text/html

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
URL: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 01:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame 0C00 17 KB
17 KB 37ms
36ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C00 2 KB
2 KB 39ms
38ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57361
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0C00 295 B
330 B 43ms
42ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49235
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame 4495 17 KB
17 KB 41ms
37ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4495 2 KB
2 KB 46ms
43ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57361
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4495 295 B
330 B 49ms
46ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49235
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 27E3 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59172
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2847 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59172
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FD3A 2 KB
1 KB 19ms
16ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CZobVXcS32zw%2BzVVIYyoALW%2B7sq%2FGIREUIouQGDROyeQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euz2zXG016h4ss1qSQBXzdDyqbIT7YE0AiSdgf9dtdOtaIYY0ffDTUYbTvwZ50M_kGaO7IObsR6ErJmovV5dwzb1RlYMmCBblbkERSE-GgP65nu1ktF5qVW0lv7LHF3Nvf3JOzM1Gs12d7n6vQCcOZAaW0rTm21KBDc8yf8Xw7Z9Sv16ULx_mGxDaIj5KJTYVjzxcQ6udS6EB905anNWNyZAjO_hF50m614Eysef3jLXts3HoyFzcPi_Gj9vnzQvIjXi0m1F-vAL7ASXhHyPFRKMtwTPlCbnoOfq_NsBzJ_91VoiNYnBXi-3FypkGacXAPddHsUfoBYmtWUCPqnuFH1SboXwpyus_siBz0TD9bo1SjmEq-qJqAkHDHsSPaIYJghp9GA44c-KrDDk5Ro8CY1oCt6C8i_TbDInkthuoy0MAj3hN1mrETwiEurWJ3Sr1sSNIpk2B7CBILjfLuLfcFYgWwIoYRewi3MMOGyKl8RU1o6-SKhS6N-M7xZOgN-wv3S5FxDHC4iWw2fSWurgIq4Y8wN5Fcj2RC4AquA5M_adIb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:54 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame FD3A 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:54 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FD3A 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 08 Dec 2023 01:35:55 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame FD3A 293 B
621 B 16ms
14ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 08 Dec 2023 01:35:55 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame FD3A 43 B
347 B 20ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=0z5lJw6tOHIJikPWZX_ERICy1Pdjd19Nkh209okU2Nrn0eTK9Gnb4U7FgOiNnszynTh8VkNetETEIXXeY48QopRW7hrzHBOTxAgBXHDUwICvMZYXNlP12tlO_UGV8qZ-lTTVm5SHNSD1HzlM-uuR25tqPCUqucNHZCQNOI07UgVPkg5jVI2m5ne0ol76fI1m2e0c9c1w-yKuX7Wmqf-OgAlxqSJieUNprPPzgn23gxxnZdGT2p0Z0G1oaKdwr4QeugfM4bc6Dkn6zyXybR9LdbuZtcFKxjScdR8yvz693LLF6UXk99ebkvcqwjcsnu6vj_U3FGnQbNA_T6TMFlybHFULjMBY1JXri7dBwxE74jk-lLQEKRmALyxli0HEyKkFLLbWPGVuyykWl8g-jJu_EyDd4rq97ATUvuAV6PnDi1xdYaQK31x5PJgt1hED_OTK9V0MbjQGivaFEVFA95F8N1tVI0Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4066463
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame FD3A 44 B
750 B 114ms
113ms Image
image/gif 2600:9000:21f3:d000:1e:a43d:b640:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1670895353
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CZobVXcS32zw%2BzVVIYyoALW%2B7sq%2FGIREUIouQGDROyeQ%3D%7C&c1=JrbohDAzizBCiLKN5O6jHcUN1kWOtPKonljGLpdUOSKK0F5fnLvhuOQxbrkqIR8sLNsWjAKaXMvmIr5gL3euz2zXG016h4ss1qSQBXzdDyqbIT7YE0AiSdgf9dtdOtaIYY0ffDTUYbTvwZ50M_kGaO7IObsR6ErJmovV5dwzb1RlYMmCBblbkERSE-GgP65nu1ktF5qVW0lv7LHF3Nvf3JOzM1Gs12d7n6vQCcOZAaW0rTm21KBDc8yf8Xw7Z9Sv16ULx_mGxDaIj5KJTYVjzxcQ6udS6EB905anNWNyZAjO_hF50m614Eysef3jLXts3HoyFzcPi_Gj9vnzQvIjXi0m1F-vAL7ASXhHyPFRKMtwTPlCbnoOfq_NsBzJ_91VoiNYnBXi-3FypkGacXAPddHsUfoBYmtWUCPqnuFH1SboXwpyus_siBz0TD9bo1SjmEq-qJqAkHDHsSPaIYJghp9GA44c-KrDDk5Ro8CY1oCt6C8i_TbDInkthuoy0MAj3hN1mrETwiEurWJ3Sr1sSNIpk2B7CBILjfLuLfcFYgWwIoYRewi3MMOGyKl8RU1o6-SKhS6N-M7xZOgN-wv3S5FxDHC4iWw2fSWurgIq4Y8wN5Fcj2RC4AquA5M_adIb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:d000:1e:a43d:b640:93a1 , United States, ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: VlxD9EkQt4kXsidQS1jGEnd1JkLUHE-2abGeD1_Rrh-iveCWD9oysg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E68E 34 KB
10 KB 14ms
13ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59172
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame 8FF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIEUJQoyEt8d2wxvGa7rZbs&google_cver=1

0
525 B

77ms
20ms

Image
text/plain

184.24.4.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIEUJQoyEt8d2wxvGa7rZbs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGNKs9tsBMAE&v=APEucNVE3nNJv76rjqha0DXNVNpM9SIz2nrkG6jqsIUHZlO1LkRyezZe6h7fB4229BOfFr5WB72R2LkPUhr_mzRV3anRqqjpQqkl3MzHaz3nKk8Vexzvk2AhXfEVnRrAZgqGc__KsQD-3xQndsmMVnauENOTVPw2wCXt_Cfn4hqzs1NfYZ_Umyo

Protocol

HTTP/1.1

Server

184.24.4.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-24-4-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 12 Dec 2022 01:35:55 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEIEUJQoyEt8d2wxvGa7rZbs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame 8FF1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1

43 B
162 B

19ms
18ms

Image
image/gif

37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKaz1ZIDEIzy-JMDGNKs9tsBMAE&v=APEucNVE3nNJv76rjqha0DXNVNpM9SIz2nrkG6jqsIUHZlO1LkRyezZe6h7fB4229BOfFr5WB72R2LkPUhr_mzRV3anRqqjpQqkl3MzHaz3nKk8Vexzvk2AhXfEVnRrAZgqGc__KsQD-3xQndsmMVnauENOTVPw2wCXt_Cfn4hqzs1NfYZ_Umyo
Protocol: H2
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
accept-ranges: bytes
etag: "63720ff2-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEHwSCrhKgnG9N8jMseLA-UA&google_cver=1&adform_v=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A38A 0
0 69ms
69ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=4478114197515087&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9173 8 KB
4 KB 27ms
26ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU_NTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;1625;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

af74a479b4c2738eea3e9a1956f8370ae4687e145a81287cb1bbd0c35b93d0f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3302
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D00A 8 KB
4 KB 24ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6hySndOYzXWS__Fe_uvTDI3j5kggto7jPBI6_rGR9pErFycflZbI5Rmhi8XDu_Q26_iPSMtem97q8ZB0JSq1PUwu_OYHo1IF5Q_0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;9684;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

14bf033ddf7a5de2b94669fc787bb75e46e0a363062b1fa116fa396fe0beebe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3304
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D4D7 8 KB
4 KB 22ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=hPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE_zN5_ob0fZOSewJMpg2V_QxBh1LMHJJ3lk0d0u2-xKx-PJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=12x;2311;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7c589ed2f3f93b46a3aa942a666b81c5cb291ab4bc793cc960fca1269861a3e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3306
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0994 8 KB
4 KB 21ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYb7tNGlrpsfcRcs9ioKD-xUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk_r6OL9_eogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=-HNN12Wpgbd42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TiyfUUBa-J7ThpJC9mpUBzRLc3XDHBE8UUumzOKOyZrjfJX6OCxjnQTdNS5DnsFFjRtGvEG9tWa-6-tUwHafRpOQNq5iNkiCAD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ERHjUBrsVxsAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;5286;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e20df1d628532bf9ce8fc5c14396dae31d0e8433179e8fae41627447ff5c40eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3292
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2650 7 KB
4 KB 22ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=dvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;9758;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2ebdb46c1a1c3e2a902c237497df6cde96ff73bda3edcea13b566d79aad12cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3316
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame C52D 8 KB
4 KB 23ms
23ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Y7sXdZWOOc-P4tg2rjcZDuV-vAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV_t9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=15x;3438;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

a2f2a01d5b79812f5faee18c067756d29268e204b067e1842d704d3adbcb1e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3302
expires: -1

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 881D 42 B
64 B 75ms
74ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv4TBEHwM9T2vlFngJvcjnQaXAVGUOVdPnrJYQ-WC0BW7hKnqFv0ncLHz0i6CeywZJWLiVyuGZ4yRcELutyb6yjz1rIzr6q0_YfDHsPlSXHKQaZkjtYDGOCrUbMtmXb-Rxt0_vQaCdGxQI5e8i9YzTD4m4fAkNvX1OosJJZpBDmzM5gV0aXGgh8EvCHIawJN0KGBbx-GRCRUSpB0hudiwU-FzyjefreNF3Kug31lZnF_4-wSzA0LDrJw858ogbZurs7WzlIASsd3r8n-3y0KzLHKNJijl6ZCR6d__E-8tLvkutZSdpRJ_efoBQHzpGLk4F2vZ_WfdEcfazYIO-Ct42oJQSsJoeaqLkdSuWAneReuUM1g9XTaCPZwUSPxDA0GDOOXJBYnRWsp-f7WYVsG7T0d2DBYkQTZjKkTVVnekN2-qNR7MBEr0dyMhU6kue4uDEoW0KQDksLv5VpvlWmEKk3cJS6KL9c5ulTh92AEqlMR5Qk5v8MFaNMPt3mOoHf0yvvV7HdAH5R84sI0WxOLF0InFgW45nsGD-lGrBKD5j2YQsBs80L2T3TF-5E5h0-aZU6-dq7z2y9z5uRniy-0r-g5PQsvafhwTKQIuCGGyntv-r5WNHoTS9QRT8OGS3bWP0MkcndK4DJ_d5H0KOmcuZW91TUC9jGg2fc5fbokxuDXdMJYcl8AIoDIp2NqbYgY313eZO4AirlXqRX1r9YsbItp3KDZ9yJBFyE3jWW35fieHq0cim3Qtj4ov_vKkcKklAG7OV3n2NzraA69yZLouCNyDfKq4lZdyp02pqQ6h_ydwF84aeMHyOnd9lBMJX35VmUPhbp4LF7Dv13-1LAF4tSS-ErGfYQq_k0C57kcRD_DyqEHmo95Iq7y69toicmdDczj55GAQLy5KZt-dIwGejDIcJ4gFkFB_I0ID3gU1clbl8o5oVQN4qrDdk7GznF4PsMUKzq8_YOwBXIxLWUUqJBCRYsW6B9fKWpUH20aP0Uu1qGDHHjmKABq9xpUf_6gTBArFX4c5AI744tFf9M2YKAhI3fXamb2gKWEi4pApk5gnVlxpxjrqXX6bkZEaWJ-Gz3fd58WdlTt5buPWIDPJOzDqg&sai=AMfl-YTTjIntpiR9eMxCffgDkQT3qZWLvcCyKYVJEdhoLqNN4pciIRceiWQrSf8bD5jNqmVLMHJ3gx3XmtCzT5zropCrARGBUk__ccVBqDTxDzuoGD9oqE2hvEjxvR7OyyDgOs4yThDGv_Iwk1n_wh5yFrXxblUESHYYBsI6&sig=Cg0ArKJSzMdTyEzmmyU9EAE&cid=CAQSSwDq26N9zAdq9dvrH6a7WRuFjehPycwQxHLlWfzked8hQRC2yABcnhi0yvxkiD8UEx3BewoxDEi4SXEgJ9b6DulnQJyaeb6JbXd0CxgBIBM&id=ampim&o=456,688&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1386&mtos=0,0,1386,1386,1386&tos=0,0,1386,0,0&tfs=5251&tls=6637&g=100&h=100&tt=6637&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A372 7 KB
4 KB 24ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=52776760;rtbwp=3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0;rtbdata=E6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Qoj6L5KxVT942u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIUquuRB6dDAK3m21jRn1toLUhj0OruplRydjVB2b1Bbn0XgsEEHJOfilXC83Ln8ApD7Ie2G3HfFH7cXH6RtSU_nfEg0iTdYXkD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Fjv4RNbzNKFQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=16x;103;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

73d2dc93f1dc9fac58c416346a38bd6b4bf49b6feade091aa7ea0bd294ad5002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3320
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 056F 8 KB
4 KB 22ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=el6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96-iBEXiuGCq_BnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=17x;7819;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

be501dea12060c49191862485cbc7e82aacd9fa4e365b94cd760a2b7c16fe201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3303
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A3A3 8 KB
4 KB 23ms
23ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF-bIBZuq023dO6EqB0BATo8rexdUz48iFv3-m0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes_HwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=18x;4991;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

435899a427374f4173894cf5e81e32ed61a3d77bb53b5465fd983619d3d28560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3293
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 90A4 8 KB
4 KB 31ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=USZo8a-cS5k3HSapHNWz6KzboUFQG3yp0;rtbdata=Bn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj_cAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3_9PptmhJaxM7bDE7nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=19x;6572;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

58caccd23b2b2fc0e00e6667dc73b1487cc4a5249994176fd4012a9ffcba4fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3218
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 9EA9 8 KB
4 KB 23ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=A8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww-H8VUNjxCDM4_Y3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=20x;2144;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

22b26a0ac382f15f32a0f456a772ac42da81471c10de0f60e3922dc0fba1074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3306
expires: -1

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 4DF7 531 B
881 B 105ms
8ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2245726875-77a6-4cfa-bb73-cec6988c70f2%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 8BC7 967 B
1 KB 22ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57914107;rtbwp=t6U2F2EWMU9ythgf51MWyGiIKjg1hTtwFVALSA;rtbdata=C8pQXsG6MGInaXEP9JmiFOVBFqH3xFVvas7a2nU_-OmzEqcjlxIRvraIVzTFqXjpuPNnD07tIllqiwC5SzjbT01S3DLbpjOTtKRn7DZziLHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_zQ3UQQloec8mpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

079160c7e06b98f02a89b863805f2dcc672037489605074c997718517575616f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 824
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 8BC7 43 B
270 B 205ms
26ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=6805698377046358137&tmstp=2907471388&ckid=4218824312287297358&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353192&envtype=0&opid=1830d736-9de7-4c67-9364-649085c06b11&opdt=1670895353191&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=4218824312287297358&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=1752623346786105248&rtbh=4369128a4279c22eb6aa89a16275bcfd31ec7229&rtblt=638064921531960988&rtbet=0&rtbptnid=22&cftgid=b448e5b41b8e
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame FB79 531 B
881 B 103ms
8ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22dfc41772-f53e-48d8-aa34-25f8b588fb9a%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2256680285%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222734923%22%2c%22adid%22%3a%2256680285%22%2c%22hash%22%3a%22-5756273547007671342%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2A6C 1 KB
1 KB 21ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=56680285;rtbwp=zUi57vGt5nKTHPsQ2bnybJKuVObYMBE5yw3PRw;rtbdata=-0zUFzE6t5t_IRPvTPxcZ-H-auXvF8cnTJPvBNmSDLYFkqBCj8BOyISaE_Zh8bPLjp2cf6dT8KZuimXNwQpa6R7qBcHyD6lM6Jk7-YbVvWLJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrbPiSuQrZ68GdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8f8cf9772d485a041ed2b4b667ad9885ab47f8b74886835d2de7670e05cb1a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 999
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 2A6C 43 B
270 B 195ms
27ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=7508513678964288426&tmstp=1641708454&ckid=3958765635947364295&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353235&envtype=0&opid=448429eb-5058-4532-9404-72fccca6812e&opdt=1670895353234&siteid=527999&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=3958765635947364295&capp=0&mcrdbt=0&insid=8358291&imgid=0&pgid=1643378&fmtid=71867&isLazy=0&rtb=1&rtbnid=1743&rtbbid=5739927207655202737&rtbh=23d9c6771ca10e6970af9650ae7eec535d11624c&rtblt=638064921532429441&rtbet=0&rtbptnid=22&cftgid=9baac442d456
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 3455 34 KB
16 KB 21ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=59973788;rtbwp=VLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0;rtbdata=el6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0;pui=CQ8Cld2Xq9xLwkVBlejJG2bM8sBoZ15gTaKerHfRIMPer1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 501E 32 KB
8 KB 173ms
11ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 501E 2 KB
2 KB 172ms
10ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=el6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx-asIOX4sYcfaF87gK5Bmhi8XDu_Q20YD3o_e-16P37_NXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MMZYu-qCtQ25mz8FOyQjSJcpbGPEGo8MCvZhEBkHI_cJoG9QWsDzBkh1VVYBJ_O0267zOAy-nMYYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIN7C6ZbD3_Kdny1jGJ6ICNKmE4jqDcmLs7hpot9jjjRDislSvaT8pY9UJA2W73mpOFM8U683dBGYKxPBYXw7dFk_iEyDDukn-NSWbwUcQnj44rXpmTozSPnMD_rxmhFoK7RCaBZL4zyQVpY85awadnBrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR8B2GmaDHJd9v2YCfR6PJpzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d4fc02281636eb949dd4bff91fbe07df0c55e6dc241fd49bac240074584d37fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 501E 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=5NpYvO-7nF_ds_ji_bYtmC-H9hP76mQoDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkb-p2x1Bz_iVdXDvq_j6XNiGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame DA23
Redirect Chain

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...

5 KB
2 KB

84ms
59ms

Document
text/html

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1969683613
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 2f7bf6e4e67fa007bf77670ceead344df6541db34e7bebb11962d96b2f3e99f2

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1797
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Dec 2022 01:35:55 GMT
Expires: Tue, 13 Dec 2022 01:35:55 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 47471400004385301467939012172018

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:55 GMT
Expires: Tue, 13 Dec 2022 01:35:55 +0100
Location: request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A812 52 KB
17 KB 53ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdonne&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6683
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12541
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220034-HHN
X-Timer: S1670895355.179102,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 016C 0
819 B 15ms
15ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKyDPQkAjIGAAADANYABQEI-a3fnAYQktCamaWTuaISGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAAOCjcM0_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNuv7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGi4n8MBeMzyBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIXoyUFkwd2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTnV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNek9qWXdNemZnQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFXVkw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXRSYjhkd2pGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qQXpOMEQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL_ICEQoGQURWX0lEEgc0NTI1MzYy8gISCgZDUEcBFAwIMTE0ZQEY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZggHNDFljxjyAg4KB0lPCSEJSzgTCg9DVVNUT01fTU9ERUwBLhQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE4NS4yMTMuMTU1LjE3NqgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYwMzfaBAIIAeAEAfAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa7M9oGFgoQAAAAAAU3DQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL8GQADIB8zyBdIHDQkNNwU4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=f3f25ae4e545c08661ead70b2c0f5ce470b1d7d8&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kdonne&e=1070536818601

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
AN-X-Request-Uuid: 570a0160-b560-4a0e-8742-34f2e6043c33
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.nl.eu.criteo.com/dis/ Frame 43AF 26 B
423 B 157ms
16ms Document
text/html 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl.eu.criteo.com/dis/dis.aspx?pu=189812&cb=6397d6fa7732e33f64e566b9d46a6dc6&r=https%3a%2f%2fflashnetic.com%2f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8013c528ac4b5769b0b92d558d0e4e8fc5ce3db53e16d59b84bd249b29faa294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:35:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1333533
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1C24
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8LVaw3piQ5aBX-vACMZ1vg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8LVaw3piQ5aBX-vACMZ1vg

43 B
479 B

38ms
37ms

Image
image/gif

54.239.38.253
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8LVaw3piQ5aBX-vACMZ1vg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Protocol

HTTP/1.1

Server

54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: TRJWJA1XPGAREWWBAN8Q
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8LVaw3piQ5aBX-vACMZ1vg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C24
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTI0ZjYyNWExMjcyMTkzNjVkZTQ1NTk5ZjUyMWQ3NGEzNzgxNWE2Mw

170 B
188 B

49ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTI0ZjYyNWExMjcyMTkzNjVkZTQ1NTk5ZjUyMWQ3NGEzNzgxNWE2Mw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTI0ZjYyNWExMjcyMTkzNjVkZTQ1NTk5ZjUyMWQ3NGEzNzgxNWE2Mw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1C24
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDY6Qh9Lo4xgPUAmMlVW32E&google_cver=1

0
239 B

46ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDY6Qh9Lo4xgPUAmMlVW32E&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDY6Qh9Lo4xgPUAmMlVW32E&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1C24
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBLJY5AH-20-1P9G

0
708 B

213ms
187ms

Image
text/plain

2620:1ec:21::14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBLJY5AH-20-1P9G
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: B2A841ACCE69456E81EB4D117069AA3A Ref B: FRAEDGE1212 Ref C: 2022-12-13T01:35:55Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvq6QewAVydaz68n1jIg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBLJY5AH-20-1P9G
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1C24
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0u6c5rXoQkGgZz_tk1cUsw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0u6c5rXoQkGgZz_tk1cUsw

43 B
479 B

115ms
115ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0u6c5rXoQkGgZz_tk1cUsw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:56 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4BTQTRBY8E74JV1C1ZXF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0u6c5rXoQkGgZz_tk1cUsw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1C24
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJMSlk1QUgtMjAtMVA5Rw==

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJMSlk1QUgtMjAtMVA5Rw==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJMSlk1QUgtMjAtMVA5Rw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1C24
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Gbdwqrbf7f5fp06EDeHYxMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xJpbu0tE2oIV.4uWljEigZ76nSbDVXG7JNh5tA--~A

0
239 B

8ms
7ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xJpbu0tE2oIV.4uWljEigZ76nSbDVXG7JNh5tA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-xJpbu0tE2oIV.4uWljEigZ76nSbDVXG7JNh5tA--~A
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1C24 70 B
265 B 176ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 271A 0
20 B 70ms
69ms Ping
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=46561633237&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 271A 0
20 B 83ms
83ms Ping
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=46561633237&version=m202209210101&ct=2&x=8&cor=17103072907991036000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 271A 65 KB
30 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOLqh8SPv_Aog0NR55Vi8BXbfm7LPCZRkiCYQbNU77cNFDi35c0kSkn4szPFnwHJcbf0jP717m1cUKLohGlKzgHqF2_g5hAEfaTWXUo74iyvoUeAAJK38twKG_Eh_Sfn-VwBys89jwflQsVv6uofwCIR2UYOJSUnK0FS3NHeHU0ga9CiM&cry=1&dbm_d=AKAmf-BkupPWNzoEslHUxwTW2pFm0Fedb52-sxmO6CxuH6mY_hk7mglvgPZxzS_-V68iw3W_G12Htc4rVs-9E04rv5UE1F02XJ0EMRvY4a1c3TypfnZjuY9jYF88Pge5Gr_op-xXhLcPKEWi-yGN309tEQZwZ1wZu9j0q_SRKbFIOb6Oz4Jo0mfpHX4mT0N3DsccNSHscxF4NI0gCrClEhvPryvr91NMgO-VIr7JvmKD7AGAgWYP776yV6Yk8ODBITF29Tk4amAZJ_TlrbinHRl38rqNwDxIvlLyy4ocY4tXnl2dGk_k7LlR-8qd2EjiW9D_sD1Auclfdcow4Q6VvVv-bfZ25gMjJ6410ulVZN_sJrOPrlmFPK1xszs1B860eCGkCcTaB2kazSCxUWzUgdc7NiEIjzpSFx7_T5nX3lckSY8UhlvCOKDFhNb86_4-qGq1xL0EHnB_iU2ggtVl4UF-yvjiO3lGLBVXiONISDc4dbBPcZAB1p1Ae9r277j-z8MA9ayi8be1yPyQocWh3W0-BoDtAiL_yUTai71GiSZdPtAs5SZAVRVt3lJPLu01IaLgC3E373jkni6tcghSLONvYcRmV9heWqyrjnMtXAT_dvYu3AqpParqnEpGfDKKJbqmyr12Y2xbrfaHQL_MTwvztYzXIg12YpHQv2sSY6DNirlXylQogp9XRQJf8OHi4tM__6Qq2GUdjobiOMz4OrIukTlHjdq2ejZSObwC2hTMc3L2BdZ-mNLjlMsNHYHbXqB_Zg2wZ4Am6qdT8dSYmaSX_wrrB0YcKHzO_9OdYnym1gPZELsBPBi0w1Xui18Ba-ICMqxilEsHO_vVZmZ1wJRpPyY7DmQusVAYMNwaxdYQcqplJIrZ901X9I0G8qOxWs3Zn_xN_aS8AnThNAuh1kniO97UdZD-tP48-GuWerzhYVuRJQRHgsJnQK0QsdCWRp_8Ee7nu4Czn8xml_9AqOTZFZh4yd9In0RJwfZZ_OSU4iO-q6cv092UIzPuQOiUQ0AVJNJmxU5sxmHe2c6a-8erlYIgGnbnnXh8YdUEt-exbnEbiMyilDnidkcgY-NnW0Musw6VLm4fPoeHnDGY1bkXkop_4ivu5Qb4L0YJ5euygX7Fd7Z7jtjYfQMBAmgjR2ScNUi0DB91ozyhlvVZoqYT9Dr4E-JjlAjFhi9GbnPeGIQjywR9_7Ph3dBiqtoOhOealRDUFbvyWMxsk4NL0XdQBDHHpVajhnU200CD_mqBp6WztoUWnwkkFPqeuqAd4Q1QlgwTYlRUlZJLMr7VQ30MmoGLGRisK-S4uViuUMBTDujctDe5XTSO0Ecvo4rtBEY5o3iz2BXDi63L1QuzupHECeW4Bc8wQCl7DMcTjFQqmDThE9wJ1BT39w0sy_AAHyBEE4k-qKmxAh7jFeZj7reKZ1kH6fvk-NhRv_YXoY8lxGkAIVdm6HdSv6gX6dVZhtbvYvlcqL5Z3RalhFd6r0iHWoPHCIfCzO0vmceXlYc10_Z1IvNPMkT0Jmql5QOoopSurxQX-wqernzA1b0QUEM0O1OU6cp7IbruQLoVYbVfklv_j-TShVhGqh4TOlfYCr6Evx_m8WXf7vDGs9Ls5APnak7GH7ksRRg9GUCrUDL41zrWot8XO5E7UgCRKXTFLUXgXzJnPgA3YC5gQyc-fkOLEDpD5q_QNoXxyNChnvp0UeR-myxBNr-I2sswKuJRBsBLR3fj7Ejkpawbt03wL0EjjpZjBB5sUtJyAaOsCzKhJ5dm-mtqjIlTqr2eWYz2ZBK80rI-adEdpvUvTd89cBXh4PEW-suH1CW0H7F-EFT2T_2rSR90WDit_NnGcSvSIRhsGLYMyCnFFbZy_yFbQX9K6VM-saE7PVQh7CA1Nu1hUjtiGxq2z0aoW-4RCnzMD7aygKhaxMNVV1NPlog3INqUOM2KFtZsSG1Of6vPVM5-UcMSNoPFh-nE8pSHL70FobN182KE9qOqN7Hc5-q3aUIr074x6KASa5Jh9mcNq4fk6XYEb78UyIRilTElF38jImB6vmqZfPlwtTtlZxSk_WT8ukc1JE7bAVO4H4PnPwmeLGGC_4oXCyTpCRyQZVDP2k47aZ6qwxGSBDIXfVZ36gLEdCdJr38ROfLKRAzWMmIQB31u8eUXEZlOBo7gynWzxsGVdRISt0Raba_Z8HP6RITFeRYRWP-cPyukrk54sEqU_FIl-EQi3sRdHKzk3S4YdJBwSSjHRVOQVVKdnmVBak-cY7psX_SOqyh-f5EOSXNkU97clD9e6lvtJUbyjqzPbboZlcIbVNLQ8ej2lyS-UzGEe6VNvxkw4egfxv64kHuGwPqDpdMhw5Dh7v7GRQIdTYlM9ZvfSBV-bI4Swh7o1RALKax3PB8_Pl0ooEfQrois69sgn7PIm0sHkLV30g8IoAX0KOEff54aOBpUXSOE3sOjsY2ZBBewA-TNU8fhAvwZDVOxdAz0Hi_6CHhp244TW5U2pmdey86nqNI-fKlNwSmVMuQXCUvBJnEBH6yEy9OWpj8WlcG5QGnlLySKQTXBj8483qXyC6zN528glffBd9KP0dyLavacO4IYy_UVDurpW5yCsUD4XFOtV0n4nCy5xGVLHs8ChtoZ8Djy-tQ045aTcpFmH_0ohG8RqNslBALgBQGnqO9uEsr7CV1ZqbmKylNd7KsXVNjMLiPYu_PmWjQs2QzwJz3rPv0A9BsUr0_End92l6MAf_ck4SYGQ9Mnj69BcymltO4kLBSekkLhD_8C1bYpn7yU3KFJQ7cfxCb9ZBdWNvznl_Ht3Vr65tggj_URTeYjFvmReDQs5f4G6voiQJpTOz-FHEUBC1cw4gH5Y0TCwV-llkP23qSPB9u-CT2Dwh_sFUZTwHTaKBObTXGqMwMCgwTpvexJRBkqAOj4ZszsMUhPZqBoRvHkTzawrNv2Xu8KguUWd2bh8W-9Esg4VBvjrJUPtSjgJxCSmao29o9Npmg5gbaVveFnLOzMJ4Qklzrr8MWUYv3lEIT2S9YJ5oCSKug_8o6XQP_Q1prJ-YnMVsDZutIWd_Xmtr5FziYCB6kYoFfg4_aPzIFnU10Ys69-czSOO4hnbG6KrNIkhXmqf0cYita2rrhcepR2tkviAX_b7YaxrUpp7NmamdHsad3v2QTlM4lU69ZOxIKACoG7rCP7NhzSgAuSMR_3KmlS2N1PJjeMh4eCjIzs3aI0rXFlF6-pdYjQGPBq2euMjkKln0weyUboeX4b9COyqj476KmwoDVMz6oRc9hlXGQ2iNjrsQ8DL8yy32ryTLCVAWe6_x6JSWDeUofUyf6MJJwsd5Ojm3hekN2LipJQ-0h-f_3uH5JWnR7Piomqg9bHgAWUmwyiZgj8Qj33TZiMipRpbgtf2y43SxROnbdC3SIP6bAa_7ayQ6bHN_Xh5p-OMPn7U2FKu_GpjVYJgjQ8qOAfsW_biuTvAVxCZkyWSY--JnsFRYEcglXYP9zRNRqwzx-MqyqsGdugPGKKUrtX6XE8PXFayZRFsPQpQiKUSXKV3vX2_nqzZ7slp9O1HlzbXdlqMjDyzXg&pr=8%3A8AFFBC91AAFB785E&cid=CAASBORo6Rg&dv3_ver=m202209210101&rfl=https%3A%2F%2Fearnme.club%2F&ds=l&xdt=1&iif=1&cor=17103072907991036000&adk=1146448895&idt=65&cac=0&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

f2e84baa09b6522065865ae1e76e94ffa1e5469ec53c31579405f2f2c7316238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30585
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 3ED4 531 B
881 B 99ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22d79ba4d2-2302-451a-afc9-797067e9222d%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257892097%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257892097%22%2c%22hash%22%3a%22-364700674608024840%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 0550 967 B
1 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57892097;rtbwp=boiAhbMWi2EyOmpRE12kgGrAPs1Fvmio11s9UA;rtbdata=QbDIfGAuKeEH1MQ_220M9ATb70SElGa9xV07ZZotB6z5rq9aZskuf-wGnqiburzajWx22vlVDWhvY5J2i7tqw32INWQAw618_HLhW4zVJHTJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_TjbJk6k5dowmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e35f27aae5bde0d96a30c05c0f467112db85155f5caeaae3f508b82f7b498d35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 819
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 0550 43 B
270 B 127ms
26ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=621749321316379817&tmstp=8640309641&ckid=5864872980905623480&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353343&envtype=0&opid=89217003-6620-4ceb-9226-45494960628f&opdt=1670895353342&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=5864872980905623480&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=8343635675577368887&rtbh=6c2cd55bb7844dd5629418e14570d6684f9c3cf9&rtblt=638064921533463153&rtbet=0&rtbptnid=22&cftgid=506d0cc4ef55
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame DDCA 531 B
881 B 98ms
8ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22fc937f9d-cf74-4661-a627-4331887373f0%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257891877%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222791953%22%2c%22adid%22%3a%2257891877%22%2c%22hash%22%3a%22-8011877618419582598%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 4D6F 1 KB
1 KB 26ms
26ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57891877;rtbwp=YwLdZAffQSZ5UvQAn7j9749_L0n8PiuFtuRhlQ;rtbdata=zY97pVFQ0ISsvTdgIq9K-4WFDKWnWIXE4uL-QZRU4Cjc6Oo_p3L3bRjZZe9Yka9bbRyukJPQQYHkZ-rOAW3qDtftHXqtEgqI5CpeuK_ZSzPJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRkgzbYpeynkqGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6c6aa9826b852ac7410654486268a950ec8930067e7b68940554dcdf558a8b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1005
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 4D6F 43 B
270 B 105ms
27ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=407304761142103100&tmstp=2435858059&ckid=354201108575059772&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353450&envtype=0&opid=1bc3e509-b9d6-4a4d-a18d-59a6c3fd4a5a&opdt=1670895353450&siteid=527999&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=354201108575059772&capp=0&mcrdbt=0&insid=8358291&imgid=0&pgid=1643378&fmtid=71867&isLazy=0&rtb=1&rtbnid=1743&rtbbid=825911478230607517&rtbh=a862c9bdff2491d4ffb3939d9206ecb47dc9222e&rtblt=638064921534534615&rtbet=0&rtbptnid=22&cftgid=c7388f40f624
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame BFF6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

46ms
46ms

Image
text/html

2a00:1450:4001:812::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: 1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
URL: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H3
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Redirect headers

date: Tue, 13 Dec 2022 01:35:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 4895941329911483521
tpc.googlesyndication.com/simgad/ Frame BFF6 17 KB
17 KB 46ms
46ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4895941329911483521?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrI4wR5hxhS8HUUhCQsF4S7kL9w

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:23:01 GMT
x-content-type-options: nosniff
age: 263574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17639
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 10:23:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 00:23:01 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFF6 2 KB
2 KB 47ms
47ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 09:39:53 GMT
x-content-type-options: nosniff
server: cafe
age: 57362
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 13 Dec 2022 09:39:53 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFF6 295 B
330 B 48ms
47ms Image
image/png 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:19 GMT
x-content-type-options: nosniff
server: cafe
age: 49236
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 13 Dec 2022 11:55:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9371 0
0 91ms
72ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2464667968466042&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 118ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?oz_pl=1&ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&_x=1
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/884833/analytics.js?dt=8848331610101564891000&di=https%3a%2f%2fearnme.club&ui=2051167177128181596&md=1&ap=&sr=smartadserver.com&pp=1999&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:35:55 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.ads.smartadserver.com/2/2.86.0/ Frame E500 171 KB
54 KB 29ms
28ms Script
text/javascript 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ads.smartadserver.com/2/2.86.0/main.js

Requested by

Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/884833/analytics.js?dt=8848331610101564891000&di=https%3a%2f%2fearnme.club&ui=2051167177128181596&md=1&ap=&sr=smartadserver.com&pp=1999&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-154-165.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4cf8b51ee99974fc1dcbb68bf4cf750c294a98ff687ca27a391151974145f4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin: *
Content-Length: 54882
Expires: Thu, 20 Aug 2054 19:30:21 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 861C 531 B
881 B 16ms
8ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2296047b2e-0f4c-4ff4-a6cf-0b4a212e86de%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2256680285%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222734923%22%2c%22adid%22%3a%2256680285%22%2c%22hash%22%3a%22-5756273547007671342%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7711 967 B
1 KB 20ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=56680285;rtbwp=vXgnwwQaEhSLbrKOIVyWtolpchFwPv_3-oI_bA;rtbdata=RjLxfiHQw_jn7xi34bmqsy3c7UBwKD7QOm4MkqbVaBA-smWuS6dadgWa4mCAamGjiCR-qtG58IVvItvqXyf6-hMpVG1pj7EseXOI19JDVgrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_mMRNgj-rLtUmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

292f7115965ad95abeb234e702a8ce0b437917f481a61bdf2d6f314516b58a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 822
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 7711 43 B
270 B 19ms
18ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=3246401845424817880&tmstp=8157434015&ckid=3498670653092560853&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353638&envtype=0&opid=1f433ef0-866a-4a0a-84c2-2b41950999ca&opdt=1670895353637&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=3498670653092560853&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=1872739224003791605&rtbh=7b5db11cfe651114dc0aba10533266528907bcbd&rtblt=638064921536410756&rtbet=0&rtbptnid=22&cftgid=551b95468669
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame BC82 531 B
881 B 9ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22115c2d96-ca39-4af7-bd70-80df00929f72%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame FEDE 1 KB
1 KB 22ms
18ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57914107;rtbwp=HRV1L2z-HaNNQo2Apx0fqOYVnSw5dp_BT75gOA;rtbdata=C2bzdA4hVWzs9trUd7zLVWNFZOanHEf4M9UGUdmrwiwY4O4CnIdG40KNea_3_9qz-4sMx71iAGuKOTwk41EmjrzEY2yzrFxVgtMcHaC8kqTJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRpueZ4dcGCvgGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

207020ee62bca527b1fb22c32b5ee59f11e1b9213d0c7901f95e3334530e311d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 996
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame FEDE 43 B
270 B 20ms
19ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=8312745645014620910&tmstp=9630633019&ckid=7108540220989669172&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353799&envtype=0&opid=4ec1fc37-18f5-4719-adaf-e2c42716acc8&opdt=1670895353799&siteid=527999&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=7108540220989669172&capp=0&mcrdbt=0&insid=8358291&imgid=0&pgid=1643378&fmtid=71867&isLazy=0&rtb=1&rtbnid=1743&rtbbid=6032347784871771618&rtbh=3fc95b165684191f8d991b664b4403e81ec95f64&rtblt=638064921538024757&rtbet=0&rtbptnid=22&cftgid=9baac442d456
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame 95B7 531 B
881 B 7ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%227425eac6-6529-429c-bfd6-89bea630f6ad%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221643378%22%2c%22format%22%3a%2271867%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 15E8 1 KB
1 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57914107;rtbwp=nWwrKoCBlz6HGt-U83xIK71BzXRAhF7GE6q8_Q;rtbdata=xiHm6YAi-vVmr_3gZKRm98o9mQGY2QuHISffqLP7hA4tKTyUe4hs4hOKuvwmQ4wO_s_x9blzkuGytvWJqDnzen-16bq5Ws4PbvDITuqjyFbJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrtdS2MB8-ROGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrcEoKrUDHIGNMN4iOtIBxgX0

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3ca49ffede4c122326a45744dbb2e293b023cc9d6c85bba18c3924c60fd30d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 1000
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 15E8 43 B
270 B 18ms
18ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=1459509002574196360&tmstp=2513885839&ckid=3016560917713944337&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353649&envtype=0&opid=df12c6b2-2529-467e-a7bc-9347087518f9&opdt=1670895353650&siteid=527999&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=18&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=3016560917713944337&capp=0&mcrdbt=0&insid=8358291&imgid=0&pgid=1643378&fmtid=71867&isLazy=0&rtb=1&rtbnid=1743&rtbbid=4729774426942358769&rtbh=08131b4bae64b4ea6bc5f91cb9e255db951185fa&rtblt=638064921536594600&rtbet=0&rtbptnid=22&cftgid=9baac442d456
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame C86D 531 B
881 B 10ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%2293cac6ce-079e-44b3-8344-f7c394fd0c98%22%2c%22adomain%22%3a%22beratung.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2257914107%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222796514%22%2c%22adid%22%3a%2257914107%22%2c%22hash%22%3a%227119620357779641960%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 76B2 967 B
1 KB 23ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=57914107;rtbwp=CjkTFq2MfMBS5qqFQ7YbLmtTm_xCLhNaVswVWA;rtbdata=ke90qzTFtgwUEGpwB2OIqC4RsVuxr1GI3JBvhZb6xGvOc7CsNg_ScpQ6P-edhvCJURcl37Kesj0aunzkbEvh61f1DkI7YuDkw3ZguOXyGLrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_EpdKVVJPub9h8aTD3DHXZeu8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

51424787f51e54d80bdcb1a292c4ce73fccf77a1a187646bc6319a07c30e85e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 825
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame 76B2 43 B
270 B 21ms
18ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=6530686234621071956&tmstp=9739791955&ckid=6189458313892757258&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353822&envtype=0&opid=2e4a546c-34c0-4c52-bc27-ba0e882c3846&opdt=1670895353821&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=6189458313892757258&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=1046697751493953756&rtbh=0bfd484c52b757fa3df428c28418842d42a2b8a1&rtblt=638064921538251804&rtbet=0&rtbptnid=22&cftgid=b448e5b41b8e
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame E688 531 B
881 B 10ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22f6f9f84a-18a5-4ec5-9727-76d7129ca1d8%22%2c%22adomain%22%3a%22iwd-marketing.de%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2256129379%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222717825%22%2c%22adid%22%3a%2256129379%22%2c%22hash%22%3a%228242811467456899294%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame C6F8 967 B
1 KB 24ms
21ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=56129379;rtbwp=e4NwOcW29uF7feEByOXVe6J0jcoeHMvkpZFDJQ;rtbdata=wne0tGld-9ln1ew8_xv8abSxUM8Ag-rBFx-TXaKZ6P-6lPtbCRI087HxLXDO7UtQZaJ2yecpWLs_8jAC91urPWwneLafaP4DLmkf3M6pIyHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_wEqmWq2V8i5h8aTD3DHXZUaZE5fSFo-peTqcoE3up6MpcWlM66LloJcp1C8rulQawVlJQDJVhiYuouAqghP3omnlVwJhAxQOQeEimShqzcc1

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

86f8b82974626dfa71e801856f321aa8e82f289dcbb390bfb7482b677ef3f7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 822
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame C6F8 43 B
270 B 21ms
19ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=4123768843232459728&tmstp=9316060403&ckid=7019787943043301358&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353920&envtype=0&opid=e70b9906-4a5d-4493-bdd3-8e9b6571a4c1&opdt=1670895353920&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=7019787943043301358&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=5391276862519701572&rtbh=202c68df04a0dd9407a7419cf4b7cbb6cd637091&rtblt=638064921539231977&rtbet=0&rtbptnid=22&cftgid=0834611b7af8
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame C729 95 B
223 B 55ms
15ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/png
date: Tue, 13 Dec 2022 01:35:55 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame BD39 95 B
222 B 54ms
16ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/png
date: Tue, 13 Dec 2022 01:35:55 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0901 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=707367829888826&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1EB4 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 501E 34 KB
15 KB 21ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H/1.1 200
OK st.min.html Show response
apps.sascdn.com/rtb/transparency/handler/ Frame F79E 531 B
881 B 7ms
7ms Document
text/html 2a02:26f0:3500:12::1730:17ba

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.sascdn.com/rtb/transparency/handler/st.min.html?%7b%22bid%22%3a%22141412d3-3bd5-43a6-99c0-2361f0aebaea%22%2c%22adomain%22%3a%22firmen.tv%22%2c%22page%22%3a%221691712%22%2c%22format%22%3a%2288200%22%2c%22crid%22%3a%2254901439%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2267241%22%2c%22cid%22%3a%222665998%22%2c%22adid%22%3a%2254901439%22%2c%22hash%22%3a%225095588509565445259%22%7d
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17ba Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 531
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:55 GMT
ETag: "cf77ec65ee9c36afad6942d47dda53fb:1613657530.934096"
Expires: Wed, 14 Dec 2022 01:35:55 GMT
Last-Modified: Thu, 18 Feb 2021 14:12:04 GMT
Server: AkamaiNetStorage

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D7ED 967 B
1 KB 24ms
23ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=54901439;rtbwp=q5a_MJdgwArOEnF-cs_Mf-K0uQ2FiQ1xeo6mxg;rtbdata=aJKsiFVwk3mzCj2t8fHuYsKt-_ZI8256HlPvdGq1jL9jjnZSQn0X6VRzmorgIzdabsOEUD14wmr3F-MMmKRb7Z9K_U2srmWWp561Scw3SK7JdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_oZCp-QDaIvImpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQapFFk3vNLoIIuouAqghP3omAC5HLFvl7DQeEimShqzcc1

Requested by

Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d5b5f26ce8eaac0feb14e0709bca90e36f7e6d6769927a55680e8d44842d48bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 825
expires: -1

GET
H/1.1 200
OK aip
itx5.smartadserver.com/h/ Frame D7ED 43 B
270 B 22ms
22ms Image
image/gif 185.86.138.124
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itx5.smartadserver.com/h/aip?uii=3092035088764928255&tmstp=4914020921&ckid=2051167177128181596&systgt=%24qc%3d1311347762%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16999%3b%24o%3d11100%3b%24wpc%3d5443%3b%24wpc%3d1273%3b%24wpc%3d12210%3b%24wpc%3d6425%3b%24wpc%3d8630%3b%24wpc%3d1335%3b%24wpc%3d1336%3b%24wpc%3d1337%3b%24wpc%3d1338%3b%24wpc%3d1339%3b%24wpc%3d1340%3b%24wpc%3d1342%3b%24wpc%3d1343%3b%24wpc%3d1344%3b%24wpc%3d1345%3b%24wpc%3d7823%3b%24wpc%3d7826%3b%24wpc%3d12265%3b%24wpc%3d12213%3b%24wpc%3d11709%3b%24wpc%3d6222%3b%24wpc%3d11737%3b%24wpc%3d11741%3b%24wpc%3d11748%3b%24wpc%3d12176%3b%24wpc%3d11694%3b%24wpc%3d11690%3b%24wpc%3d12196%3b%24wpc%3d12215%3b%24wpc%3d11700%3b%24wpc%3d11710%3b%24wpc%3d5753%3b%24wpc%3d5917%3b%24wpc%3d5823%3b%24wpc%3d5825%3b%24wpc%3d5828%3b%24wpc%3d5830%3b%24wpc%3d5832%3b%24wpc%3d5833%3b%24wpc%3d5801%3b%24wpc%3d5804%3b%24wpc%3d5805%3b%24wpc%3d5807%3b%24wpc%3d5809%3b%24wpc%3d5771%3b%24wpc%3d5774%3b%24wpc%3d6205%3b%24wpc%3d6207%3b%24wpc%3d6235%3b%24wpc%3d6237%3b%24wpc%3d6239%3b%24wpc%3d6241%3b%24wpc%3d5985%3b%24wpc%3d5986%3b%24wpc%3d5989%3b%24wpc%3d5990%3b%24wpc%3d5993%3b%24wpc%3d5994%3b%24wpc%3d5962%3b%24wpc%3d5965%3b%24wpc%3d5967%3b%24wpc%3d5968%3b%24wpc%3d5971%3b%24wpc%3d5920%3b%24wpc%3d5933%3b%24wpc%3d5935%3b%24wpc%3d5137%3b%24wpc%3d5144%3b%24wpc%3d5145%3b%24wpc%3d7540%3b%24wpc%3d135%3b%24wpc%3d163%3b%24wpc%3d1904%3b%24wpc%3d1906%3b%24wpc%3d5180&acd=1670895353249&envtype=0&opid=cd2e3a17-0d40-42f9-9a28-9ac20ffa39b5&opdt=1670895353248&siteid=555020&tgt=%24dt%3d1t&gdpr=1&visit=S&statid=3&imptype=0&intgtype=3&pgDomain=https%3a%2f%2fearnme.club%2f&cappid=2051167177128181596&capp=0&mcrdbt=0&insid=9310545&imgid=0&pgid=1691712&fmtid=88200&isLazy=0&rtb=1&rtbnid=1999&rtbbid=4330773382780807964&rtbh=05b3151043646d1fac17a53aa6b75bf9fc9542c5&rtblt=638064921532528229&rtbet=0&rtbptnid=22&cftgid=78b99fa039c9
Requested by: Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.124 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:35:54 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame A3BE 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 271A 30 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOLqh8SPv_Aog0NR55Vi8BXbfm7LPCZRkiCYQbNU77cNFDi35c0kSkn4szPFnwHJcbf0jP717m1cUKLohGlKzgHqF2_g5hAEfaTWXUo74iyvoUeAAJK38twKG_Eh_Sfn-VwBys89jwflQsVv6uofwCIR2UYOJSUnK0FS3NHeHU0ga9CiM&cry=1&dbm_d=AKAmf-BkupPWNzoEslHUxwTW2pFm0Fedb52-sxmO6CxuH6mY_hk7mglvgPZxzS_-V68iw3W_G12Htc4rVs-9E04rv5UE1F02XJ0EMRvY4a1c3TypfnZjuY9jYF88Pge5Gr_op-xXhLcPKEWi-yGN309tEQZwZ1wZu9j0q_SRKbFIOb6Oz4Jo0mfpHX4mT0N3DsccNSHscxF4NI0gCrClEhvPryvr91NMgO-VIr7JvmKD7AGAgWYP776yV6Yk8ODBITF29Tk4amAZJ_TlrbinHRl38rqNwDxIvlLyy4ocY4tXnl2dGk_k7LlR-8qd2EjiW9D_sD1Auclfdcow4Q6VvVv-bfZ25gMjJ6410ulVZN_sJrOPrlmFPK1xszs1B860eCGkCcTaB2kazSCxUWzUgdc7NiEIjzpSFx7_T5nX3lckSY8UhlvCOKDFhNb86_4-qGq1xL0EHnB_iU2ggtVl4UF-yvjiO3lGLBVXiONISDc4dbBPcZAB1p1Ae9r277j-z8MA9ayi8be1yPyQocWh3W0-BoDtAiL_yUTai71GiSZdPtAs5SZAVRVt3lJPLu01IaLgC3E373jkni6tcghSLONvYcRmV9heWqyrjnMtXAT_dvYu3AqpParqnEpGfDKKJbqmyr12Y2xbrfaHQL_MTwvztYzXIg12YpHQv2sSY6DNirlXylQogp9XRQJf8OHi4tM__6Qq2GUdjobiOMz4OrIukTlHjdq2ejZSObwC2hTMc3L2BdZ-mNLjlMsNHYHbXqB_Zg2wZ4Am6qdT8dSYmaSX_wrrB0YcKHzO_9OdYnym1gPZELsBPBi0w1Xui18Ba-ICMqxilEsHO_vVZmZ1wJRpPyY7DmQusVAYMNwaxdYQcqplJIrZ901X9I0G8qOxWs3Zn_xN_aS8AnThNAuh1kniO97UdZD-tP48-GuWerzhYVuRJQRHgsJnQK0QsdCWRp_8Ee7nu4Czn8xml_9AqOTZFZh4yd9In0RJwfZZ_OSU4iO-q6cv092UIzPuQOiUQ0AVJNJmxU5sxmHe2c6a-8erlYIgGnbnnXh8YdUEt-exbnEbiMyilDnidkcgY-NnW0Musw6VLm4fPoeHnDGY1bkXkop_4ivu5Qb4L0YJ5euygX7Fd7Z7jtjYfQMBAmgjR2ScNUi0DB91ozyhlvVZoqYT9Dr4E-JjlAjFhi9GbnPeGIQjywR9_7Ph3dBiqtoOhOealRDUFbvyWMxsk4NL0XdQBDHHpVajhnU200CD_mqBp6WztoUWnwkkFPqeuqAd4Q1QlgwTYlRUlZJLMr7VQ30MmoGLGRisK-S4uViuUMBTDujctDe5XTSO0Ecvo4rtBEY5o3iz2BXDi63L1QuzupHECeW4Bc8wQCl7DMcTjFQqmDThE9wJ1BT39w0sy_AAHyBEE4k-qKmxAh7jFeZj7reKZ1kH6fvk-NhRv_YXoY8lxGkAIVdm6HdSv6gX6dVZhtbvYvlcqL5Z3RalhFd6r0iHWoPHCIfCzO0vmceXlYc10_Z1IvNPMkT0Jmql5QOoopSurxQX-wqernzA1b0QUEM0O1OU6cp7IbruQLoVYbVfklv_j-TShVhGqh4TOlfYCr6Evx_m8WXf7vDGs9Ls5APnak7GH7ksRRg9GUCrUDL41zrWot8XO5E7UgCRKXTFLUXgXzJnPgA3YC5gQyc-fkOLEDpD5q_QNoXxyNChnvp0UeR-myxBNr-I2sswKuJRBsBLR3fj7Ejkpawbt03wL0EjjpZjBB5sUtJyAaOsCzKhJ5dm-mtqjIlTqr2eWYz2ZBK80rI-adEdpvUvTd89cBXh4PEW-suH1CW0H7F-EFT2T_2rSR90WDit_NnGcSvSIRhsGLYMyCnFFbZy_yFbQX9K6VM-saE7PVQh7CA1Nu1hUjtiGxq2z0aoW-4RCnzMD7aygKhaxMNVV1NPlog3INqUOM2KFtZsSG1Of6vPVM5-UcMSNoPFh-nE8pSHL70FobN182KE9qOqN7Hc5-q3aUIr074x6KASa5Jh9mcNq4fk6XYEb78UyIRilTElF38jImB6vmqZfPlwtTtlZxSk_WT8ukc1JE7bAVO4H4PnPwmeLGGC_4oXCyTpCRyQZVDP2k47aZ6qwxGSBDIXfVZ36gLEdCdJr38ROfLKRAzWMmIQB31u8eUXEZlOBo7gynWzxsGVdRISt0Raba_Z8HP6RITFeRYRWP-cPyukrk54sEqU_FIl-EQi3sRdHKzk3S4YdJBwSSjHRVOQVVKdnmVBak-cY7psX_SOqyh-f5EOSXNkU97clD9e6lvtJUbyjqzPbboZlcIbVNLQ8ej2lyS-UzGEe6VNvxkw4egfxv64kHuGwPqDpdMhw5Dh7v7GRQIdTYlM9ZvfSBV-bI4Swh7o1RALKax3PB8_Pl0ooEfQrois69sgn7PIm0sHkLV30g8IoAX0KOEff54aOBpUXSOE3sOjsY2ZBBewA-TNU8fhAvwZDVOxdAz0Hi_6CHhp244TW5U2pmdey86nqNI-fKlNwSmVMuQXCUvBJnEBH6yEy9OWpj8WlcG5QGnlLySKQTXBj8483qXyC6zN528glffBd9KP0dyLavacO4IYy_UVDurpW5yCsUD4XFOtV0n4nCy5xGVLHs8ChtoZ8Djy-tQ045aTcpFmH_0ohG8RqNslBALgBQGnqO9uEsr7CV1ZqbmKylNd7KsXVNjMLiPYu_PmWjQs2QzwJz3rPv0A9BsUr0_End92l6MAf_ck4SYGQ9Mnj69BcymltO4kLBSekkLhD_8C1bYpn7yU3KFJQ7cfxCb9ZBdWNvznl_Ht3Vr65tggj_URTeYjFvmReDQs5f4G6voiQJpTOz-FHEUBC1cw4gH5Y0TCwV-llkP23qSPB9u-CT2Dwh_sFUZTwHTaKBObTXGqMwMCgwTpvexJRBkqAOj4ZszsMUhPZqBoRvHkTzawrNv2Xu8KguUWd2bh8W-9Esg4VBvjrJUPtSjgJxCSmao29o9Npmg5gbaVveFnLOzMJ4Qklzrr8MWUYv3lEIT2S9YJ5oCSKug_8o6XQP_Q1prJ-YnMVsDZutIWd_Xmtr5FziYCB6kYoFfg4_aPzIFnU10Ys69-czSOO4hnbG6KrNIkhXmqf0cYita2rrhcepR2tkviAX_b7YaxrUpp7NmamdHsad3v2QTlM4lU69ZOxIKACoG7rCP7NhzSgAuSMR_3KmlS2N1PJjeMh4eCjIzs3aI0rXFlF6-pdYjQGPBq2euMjkKln0weyUboeX4b9COyqj476KmwoDVMz6oRc9hlXGQ2iNjrsQ8DL8yy32ryTLCVAWe6_x6JSWDeUofUyf6MJJwsd5Ojm3hekN2LipJQ-0h-f_3uH5JWnR7Piomqg9bHgAWUmwyiZgj8Qj33TZiMipRpbgtf2y43SxROnbdC3SIP6bAa_7ayQ6bHN_Xh5p-OMPn7U2FKu_GpjVYJgjQ8qOAfsW_biuTvAVxCZkyWSY--JnsFRYEcglXYP9zRNRqwzx-MqyqsGdugPGKKUrtX6XE8PXFayZRFsPQpQiKUSXKV3vX2_nqzZ7slp9O1HlzbXdlqMjDyzXg&pr=8%3A8AFFBC91AAFB785E&cid=CAASBORo6Rg&dv3_ver=m202209210101&rfl=https%3A%2F%2Fearnme.club%2F&ds=l&xdt=1&iif=1&cor=17103072907991036000&adk=1146448895&idt=65&cac=0&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 13:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 13:06:00 GMT

GET
H2 200 6321807540938277565
s0.2mdn.net/simgad/ Frame 271A 58 KB
59 KB 138ms
36ms Image
image/jpeg 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6321807540938277565

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

2f6ae09f162a58db11ce25f964fb7a8d545d59c6b4e2dbad902ed299968872f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:26:15 GMT
x-content-type-options: nosniff
age: 310180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59448
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 08:14:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 11:26:15 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 271A 153 KB
47 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:35:55 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 271A 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 01:19:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 271A 0
0 159ms
73ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrZb_xoDyDHcbFpAfRuuTIRvybLgZxb2ysUTmLJn2pPHcokr2acstbRcmbygd7BKPEZq5ch98iH9J5rSJCY1zNArmEuXQZg2rbMtNbzpKTy1RED1c99PfGBq34bBt4LKDxbni4cJPNXFnreO4F87DHrz4zLreiYw_x1knF3LtwP0BEPtcz_HkLjKNI5drZV-tkCM9TvuKv6o-iJwVXFxgoJ5Zw-gx1fq4IhJAralCb05A_Ih2h54700oJsdx1xW-4CM-nLtMwfGa6AEn70nslytqvYd-ymoA_NmDxi-0Uo1wzOANsTdKpSUs-bDY7CyEq6rcSEyZ3MlMI-QqbVT8X3yA9jfZ845PxfK0LymfgQpcvvh7NQAEf5U1AyoeOR_gHQ3sQ83VDhNp7mA-xO3oQrydSSjXWUkJEf4TVJ1L-jBcUX8uOknZeQ4KAWdNikRu6Gtv2mogi-f9C967e_jTd1g2_Nnrtn8RvPv0ITRPSar3cOfxQBbvuW4rPEk5ti_uCPn0QNyZDBrkvDpuzvy8I1XENNIXQzaU15yfkAH4GoqzbJe2NfCfKCzecNoF3J_sVzUmm8BuTW9MIyo4v7eFSQfTC53BEsj6AYARcV0Zq-Vy8-rBpG21eObHq1iaEQAWrKpJB2WINbHGdHbupqeTri4M6r826-HDeIcV79RC6e5nI3eNpG99mLyXAJ2-NJ0TZlTmoKELQ6EnWfymYw1lWNz8mOzoKkpCchuPdU4E1cOG_OnEprWqkrUOXHToZKs1OJ8hheqeZ0BUsoBpWEs16vdFyfJvnkTa34OlgQCPrCo2O2zEKFx9eG09cfA3n6KIVgGOQI2TingoNGfF3PQs_Y8Sxgr9Qu4juyZHq361z7zWZEL6xUHcgZcCkWX4deMzmvmeuvaquE-LYNNUeVyT1ly4afdKwYGKVjJuysLtEjXG_fSlnn7-cFe8CCdDVK7D9IyDIe_WfCBiiAuAMxUBMH_V4pKC_CGE_zyqBUC8iWJwRuFIiZVPnHBHy61VDFRD27JmMwDHmYreimWgTssS0vhWzIse7wvvmZ4Xh7tLGU0BgFZenbeaf1YJk_uGrEIMnf8Z9lt3II8emW-4ws2eq97pFWGEhEovn0W_nU4Q3GUr_4ByAn7V65BFXwLWAKbh7pzxUeeElIZM0-&sai=AMfl-YRbh8p3C9zs7tVGm4FiiSCXS6qbfsptqU0njSQS9z9nnGQTzXCKD_HZ7fjzsPneSKB6-OZNEoBg048AP7kyKV54bb2rY-RtM5B3gYvm2bMj81GkmFWbR6TbS9_QSSf1oRuOn3mG1g&sig=Cg0ArKJSzBqBAY4YMdtcEAE&uach_m=[UACH]&pr=8:8AFFBC91AAFB785E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.23741&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 01:35:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:55 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 271A 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325770
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C8E4 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
AN-X-Request-Uuid: a20026f5-1664-42a0-b0ed-53c416019660
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A812 0
747 B 20ms
19ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
AN-X-Request-Uuid: 48025919-efe0-44fd-8f8c-168e510d96c4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 08BB 0
229 B 58ms
23ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=731d4d3ac974408c8e66206e29d9690f&vfdur=601&cbust=1670895355614251
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal113.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 12/12/2022 01:35:55

GET
H2 200 globalpassback_300x250.gif
cdn.besafe.global/ Frame 08BB 13 KB
14 KB 71ms
7ms Image
image/gif 2600:9000:2057:d000:8:455e:4a00:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.besafe.global/globalpassback_300x250.gif
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d000:8:455e:4a00:93a1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:04:41 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 20:03:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 66675
etag: "d52875943b6fe3d6acebdddae888df6c"
x-amz-meta-sha256: 36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
content-type: image/gif
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 13504
x-amz-cf-id: YEC0Un10UCkWkF9GW00r48hhyA9hePBgWsxuEqm2ooNx4c5FUEAEPQ==
x-amz-meta-s3b-last-modified: 20190925T154054Z

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08BB 27 KB
10 KB 140ms
106ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?sz=300x250&c=307801502&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=307801502&sz=300x250&js=st_dapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

6b1fa95a8ff9ad6a7560602756837daeedd22091fd9d0f85ae7e9168bd0fdd13

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: XdZuHIerHKQ9clzfN1Q3qq4c-RZPGmT0d-Au2GjIJK5Ca2Ys8LMc6A==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A41 36 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7711 34 KB
16 KB 22ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=56680285;rtbwp=vXgnwwQaEhSLbrKOIVyWtolpchFwPv_3-oI_bA;rtbdata=RjLxfiHQw_jn7xi34bmqsy3c7UBwKD7QOm4MkqbVaBA-smWuS6dadgWa4mCAamGjiCR-qtG58IVvItvqXyf6-hMpVG1pj7EseXOI19JDVgrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_mMRNgj-rLtUmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame FEDE 34 KB
16 KB 44ms
43ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57914107;rtbwp=HRV1L2z-HaNNQo2Apx0fqOYVnSw5dp_BT75gOA;rtbdata=C2bzdA4hVWzs9trUd7zLVWNFZOanHEf4M9UGUdmrwiwY4O4CnIdG40KNea_3_9qz-4sMx71iAGuKOTwk41EmjrzEY2yzrFxVgtMcHaC8kqTJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRpueZ4dcGCvgGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 15E8 34 KB
16 KB 46ms
45ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57914107;rtbwp=nWwrKoCBlz6HGt-U83xIK71BzXRAhF7GE6q8_Q;rtbdata=xiHm6YAi-vVmr_3gZKRm98o9mQGY2QuHISffqLP7hA4tKTyUe4hs4hOKuvwmQ4wO_s_x9blzkuGytvWJqDnzen-16bq5Ws4PbvDITuqjyFbJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrtdS2MB8-ROGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrcEoKrUDHIGNMN4iOtIBxgX0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FD3A 12 KB
6 KB 35ms
34ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 1 KB
2 KB 19ms
15ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

54673873b4cdd4e6da9d13577fb5315ff7dc8ee9be6787cb412394e995751f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=396765
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1398
expires: Sat, 17 Dec 2022 15:48:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 1 KB
1 KB 21ms
17ms Image
image/png 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

74024ec471def17a6d2835f88223678a094f8c10ccda405a0543445c31945519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1050
expires: Tue, 13 Dec 2022 01:35:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 3 KB
3 KB 21ms
19ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

bf6ef9f2ec28cdef4f1e3b49e7c0b2a6f05c027fed9f2d685dc7815a2a76c355

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=478917
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2732
expires: Sun, 18 Dec 2022 14:37:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 1 KB
2 KB 21ms
20ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

4dfb6311f1957e1e105e976bdd215e563d021b8bc3101a03000379b5775ff6b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1410
expires: Fri, 08 Dec 2023 01:35:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 5 KB
5 KB 21ms
20ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e02f46e85f6770be2421ab66bd10b74fbc709975e876588ece1965fd533aec1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1458
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4662
expires: Tue, 13 Dec 2022 02:00:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 3 KB
3 KB 18ms
18ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1155249
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3064
expires: Mon, 26 Dec 2022 10:30:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 11 KB
11 KB 21ms
19ms Image
image/png 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=76&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=y9MaZ2kysatRTgIoZYWcMJ4C

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29822426
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10911
expires: Thu, 23 Nov 2023 05:36:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 1 KB
1 KB 33ms
31ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE.gif%3Feb%3D1&v=3&w=400&s=ZjkQ5I-56oZpupDblCrnY27-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1226
expires: Tue, 13 Dec 2022 01:35:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FD3A 2 KB
2 KB 35ms
33ms Image
image/webp 2a02:2638::c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoTenneT-TSO-GmbH-110384DE-2007171017.gif%3Feb%3D1&v=3&w=400&s=K-3PJr51hfvcuiN6lIIUrs0k&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

f926209935ca9f8bafca9b4a40545b04af2fbe2f1a256036e4d6bbe2d048b8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:54 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=40305
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1874
expires: Tue, 13 Dec 2022 12:47:41 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FD3A 0
127 B 40ms
39ms Ping
text/plain 2a02:2638::21

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=dpQbxSo7rBllT981rCupaNj_KMim086H6Qe0sIF0SGt-pe6BzRR1jin0ntsE-jFSpkz6t6VRUZsqBDph8HLB7JoY0N2X4RSONNQ5UEuGj0ncxkTnV6RKw9RI24s0WDTYYJVsXlpRXKpDw9TWfwFcnf2o41f5v4o-B2DLclR_KVBzezCcTWYD7EO_QXDGc-ltiOdwR3jsc9rcZ49mitnhXiBLkEpjE0J8nbCWdTI3VHqaTijI&sds=2&rev=83862.2&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FD3A 2 KB
1 KB 42ms
40ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:55 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FD3A 2 KB
1 KB 42ms
42ms Image
image/svg+xml 2a02:2638::3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Dec 2023 01:35:55 GMT

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame DA23 0
150 B 235ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=47471400004385301467939012172018&a=ebba3d9a&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 9539
Redirect Chain

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXh...
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXh...

5 KB
2 KB

74ms
36ms

Document
text/html

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: c119710b71ee981ff6d18c6dac3d00f96c9453aa7c8e02db90edfbb11bfce9a3

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1572
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
Expires: Tue, 13 Dec 2022 01:35:56 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 24697600004385701649441012172018

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:55 GMT
Expires: Tue, 13 Dec 2022 01:35:55 +0100
Location: request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
DATA 200
OK truncated
/ Frame DA23 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame DA23 851 B
1 KB 241ms
9ms Script
application/javascript 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Tuttlingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame E01C 0
150 B 228ms
13ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=44605000004385401467939012172018&a=d9c627a8&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 003C
Redirect Chain

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-...
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-...

5 KB
2 KB

62ms
35ms

Document
text/html

144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: f6d9d95a0594ee4d71d14f131cf8345e091091bf66be36d912aec92771b0c52e

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1573
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
Expires: Tue, 13 Dec 2022 01:35:56 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 62487700004385601649441012172018

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:55 GMT
Expires: Tue, 13 Dec 2022 01:35:55 +0100
Location: request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
DATA 200
OK truncated
/ Frame E01C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame E01C 851 B
1 KB 236ms
10ms Script
application/javascript 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Tuttlingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 76B2 34 KB
16 KB 41ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57914107;rtbwp=CjkTFq2MfMBS5qqFQ7YbLmtTm_xCLhNaVswVWA;rtbdata=ke90qzTFtgwUEGpwB2OIqC4RsVuxr1GI3JBvhZb6xGvOc7CsNg_ScpQ6P-edhvCJURcl37Kesj0aunzkbEvh61f1DkI7YuDkw3ZguOXyGLrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_EpdKVVJPub9h8aTD3DHXZeu8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame C6F8 34 KB
16 KB 41ms
29ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=56129379;rtbwp=e4NwOcW29uF7feEByOXVe6J0jcoeHMvkpZFDJQ;rtbdata=wne0tGld-9ln1ew8_xv8abSxUM8Ag-rBFx-TXaKZ6P-6lPtbCRI087HxLXDO7UtQZaJ2yecpWLs_8jAC91urPWwneLafaP4DLmkf3M6pIyHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_wEqmWq2V8i5h8aTD3DHXZUaZE5fSFo-peTqcoE3up6MpcWlM66LloJcp1C8rulQawVlJQDJVhiYuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 7DA7 32 KB
8 KB 27ms
15ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 7DA7 2 KB
2 KB 23ms
11ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=pIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu_Q2v4-xzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2-UIinG_JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17AC2O2N9A10opfGDJE9HZUO9nibwhW1jaSvZhEBkHI_cJoG9QWsDzBkD7nkL9m7DiSBD4WIT5ePsYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIDoDWQQdoDSy6EhqtDSWEHQ_L3MOqieVcDs0ruxrTHEZTbmz62WADnl1zXOOQe6QY4zFF7kz9hsk-4XDfjaHqTcKaA6nicBPseDIXSV44hYQ4rXpmTozSPnMD_rxmhFoKzWJro81gZBX2O_3J4z2dA5rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRGSaF_lGlkdZoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e21250275f309ebc467c74db2e7e5a9fb23f5fbc1aada0b098387165921742be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 7DA7 35 B
468 B 29ms
18ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=EbiSz6OwT5gbKKFIf3t-qdk8lvAL0J15DwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkbe8Z-pRyoIjHfIJCxOujWuGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame A30D 32 KB
8 KB 42ms
30ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame A30D 2 KB
2 KB 22ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=nedVi83Wsns5y_gHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau_9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17F8Yxsrg2ehw0y3MVHqcy56-v_8xUO9xwSvZhEBkHI_cJoG9QWsDzBkyQ6DT3tB3ISd7xcqkAcPdYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIFzi0pukx6wu5fpCa1QzQrFNH9hkxthG4zugUj2beSvTb-MmQXLeVI8yNqQIU8uo1HH6IW0B38dh1N6AXS_0tYuSy7mLzaDKoOrgQtEsqCtw4rXpmTozSPnMD_rxmhFoKxevcvz4vmvpWHn8CsoOzUprq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRH27A3lI1JyJoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d916ec556171da2363098a48450e2c1725097ee84e84663c2cde258e379f0b29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A30D 35 B
468 B 30ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=H2lZeRNA2hn_unnwYn_h0n91-_zek6yXDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkbu3_ccD0hNT5KF2e_SkU8mWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 5226 35 KB
13 KB 247ms
24ms Script
application/javascript 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587858
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEgy%2BwxRxYm3%2FvDy%2Bmp%2FVG0EKDBgRkN8fLouub17eBAStkJ656IAJb%2FyIb14c3u9PXh8dTNhjBem3dykikzWP%2B0w1UGiQ2NUdJH1Jhg60ZrFbwdpOm2L3fGtl9PCfeAU2w%2BSx%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 778af74748d292c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 06:18:08 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 5226 35 B
468 B 29ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52776760&csi=4XKrWIsJqJxWqp_zdDAJbAl-Kf6JAs2PLPBQa8oKLK4JDwKV3Zer3EvCRUGV6MkbBFEEdndy_PdpmWsZMxsr6WQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 137E 35 KB
12 KB 248ms
27ms Script
application/javascript 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587858
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgvVsmuMpafwV9FgeuVaYX6TTWawZsXSp3R4%2BqoOBkp%2Bd2dxZWjOKmIqfzXfegs4TCstVgi9HtL45nNsdnkxsojK%2Bskq0bYyyk52Nd4%2BoBgSpGvofxByG9WxhqSLLPlX5foFyOM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 778af74748d392c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 06:18:08 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 137E 35 B
468 B 30ms
23ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52776760&csi=R6dJMHOiu500h_YrT7OfZw0qQLmaXvOwLPBQa8oKLK4JDwKV3Zer3EvCRUGV6Mkbpew9RKMqwkq_zkyW4uc5wmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 99E5 32 KB
8 KB 39ms
31ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 99E5 2 KB
2 KB 21ms
13ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=ttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji-OQ-FAnoZODnFtPMwMF4_14hWwQsMNaN-onzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MBG3kk3KdVJfhoREAwAoqReYw_UxOrGfSvZhEBkHI_cJoG9QWsDzBkVO8TClUps9qgIWOP1knuEYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIJtg5oaFFH-5YedKwI5KqtCO9wMp-nf3ZFmNfixCh20W3NCATQElP4wlAHk-xpOC1CH63ycwm7TfWzrtEz7kL9GHYevDaxcr2xCn-uH05T954rXpmTozSPnMD_rxmhFoK-B7Q89A-cheWs3YUhMctt1rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR4sq1G-TayuxoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c0a7466f935bd45172a588eb763429df7bda9ab919c2fa241efa9b7bb1c5a805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 99E5 35 B
468 B 27ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=IgTSPO_1acSjSlN7n-rLGsWvoC9eDMdtDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkby2SZFCrr4RudXkaTm0m0g2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 17AE 32 KB
8 KB 39ms
32ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 17AE 2 KB
2 KB 19ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=pIjprdQVl3ySv3BQcZTyESFpyzIuExD9-IDL9rSQP86zgixjPE8clp7RJsIFLDe-QYDD5jX1V7eRz_nKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17D6DefE6Mc-BP6I0IVF5oElKhYzMFQH5WivZhEBkHI_cJoG9QWsDzBlo_5Ie-z-nZhILOIA61IlBYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIGRgxI_AzVSpa_fkYsQf8s0PSbpwrAVJhV3TDWfDeqfeXGHkVFgBcDOGxPMHvN2edaTZ87-O2soFS-EhQaCNucKXhpy5tUMwUKecKbQJR_wv4rXpmTozSPnMD_rxmhFoK1c-2bwUKXHzbC-nGWd8s81rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRdpq_tmp_XixoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 0227225b4e8b87d21a49783e52caf545ef47516b85b14087be79eb8fbff09d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 17AE 35 B
468 B 28ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=RcUAeDq2EMyaGafwxoqQE3HdWkVH7G8eDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbcfHjxW_p_nXtyD_0G-yzbmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 2674 32 KB
8 KB 45ms
39ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 2674 2 KB
2 KB 31ms
25ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=TJ4qHFkmLj2xjbj_DSPSdv8uxOp4VadipWElZEXNR7CdflIx-j2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF_Ms9DQUf2ZiUkc-_kbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MBy28sy6KMM61o6Ql0wXMDgt3sm-_h2hSvZhEBkHI_cJoG9QWsDzBlGWXBmC_q05zD9Q1dnaMSRYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIBtxg9MDdXQE0pRzXvGYyQs6TpZY6UqVPnGGdQVn7E-j73D_N8ifuJXDnp2w4xn2u3LJhEsIQ5Xnee7diXkN-QG1cQMo6pGGCKEMXkc7w01b4rXpmTozSPnMD_rxmhFoK4nCXpfWa3LxfqlSBre6sLprq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRmArYgWa2mT5oVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: b063714d9e7e3c9a79c2f801af76a0a28d2bd296672da316d23ade01abfcace9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 2674 35 B
468 B 24ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=BMFrvaPpC6IEUmSCtb4uXel5UcHZtP0lDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbwjE9lkf6Yx3tRIIhrJeQpGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 9E94 32 KB
8 KB 45ms
40ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 9E94 2 KB
2 KB 19ms
14ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKsA1erjN7kBQz-9bdwi6BnBrBdr4bZSs1vPg-k-3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17PK8e6d4h0NUzWXR6j3a_MQh6loRpvAGrivZhEBkHI_cJoG9QWsDzBlk6PVdaGkbtiGeFMVfGZToYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIJARaPTGWE9CCh2DGbQYvjpe82O6-LhNZ83EWb3heq5Wj6rASBpWCUGlkRoZ8nPa5XwFQ7lyGLnn4zz4n9Ycl4r5BHjm-qQoqebfACWDpHiA4rXpmTozSPnMD_rxmhFoK0oP8_YWsr38EK-bw1jvrmRrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRgkesmTuxZuZoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 24b22be35003424b00f5b18f034fd784a2919c4195bfb4137d6ab845c4a91323

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9E94 35 B
468 B 27ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=OT2r_7MNxvUWk8isVMXeo4UPMo3jP5eZDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkb3P__hBDlrygoPzTeH5niymQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 69D1 8 KB
4 KB 26ms
25ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=nedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk_NyztNUtlOOiS_yYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=21x;10800;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1b345f3e04b56ea7847f1359c4cb0713c1def1377bc7347a7ff9c06f3ad94655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3307
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 4439 8 KB
4 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKsWM8u-B9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=22x;1684;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1b951b019597abfe48ba12156151bad7af288b9ed834f0ade5d34af17a22fe68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3310
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E89B 8 KB
4 KB 31ms
19ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=pIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr_X-qKlkJZAsOfr-2Bj__zz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Dmeys1PED1l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RIOqTe9eBjKWHdsY6M5eKU_h8Dz-v8sHEJj7v1c9EkUxVlpk7jyXHcPGLpIY9-897TiTRhr_v3p2RvwN4xUKSL5ufGupi-kGC487kQPD7qPMfMEX5By_Xskui0bMBUl7EHSfKiolvV7AO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=23x;9721;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6f0e3b338536ca60d62e75995cf3c3143dee05fb978cc5f31dfa0a610c477707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3310
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame A886 8 KB
4 KB 25ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=R0qCEcXgZSFFrKo8oEky-e-cIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO-ad-MTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=PIEuGyvXXXh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R748V44QkG42at0E0NF5uYd_mQ5ZOjeBjJe-BeaBGXU7Cz3WbHU3lGTmN4lJGFn7vL-NmpDJUJzoaBwP4h80iECQvqLRQMmiO487kQPD7qPMfMEX5By_Xskui0bMBUl7ELsPf8meMzvwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=24x;3675;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e9b8b03a84dc45a30ca886bf10f8d81b8fe7e30497956329defe23d65095aa9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3302
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 3F00 8 KB
4 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=Bn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn_0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes-oud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=25x;2336;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e917ce1f760bff13ffca93970bfa8669dc84b66316654aa99d615ebacd409e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3303
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame BFE3 8 KB
4 KB 25ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=60048282;rtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;rtbdata=6kB3crmDNKuGLn04XPWPSErVV_ckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=26x;10562;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2e62b0b483c3dbcd06d15c832e2068f1db595e0e2f8ed02584ef936128c900a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3296
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 9173 32 KB
8 KB 15ms
9ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 9173 2 KB
2 KB 21ms
16ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU_NTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17JsVaBiQ30Y_6TpZMt_KfYzKT9VYMHiboSvZhEBkHI_cJoG9QWsDzBn_tlp4832UotOcabnSN2SOYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIIQGoNbk-s4oC_BE1CDYNwvcqzfnZompmbv1DEge74uCi-nbTXmwr_uc23ZAPAlQnNlpp_WtEeQM2Wn9TGX44JgplVnfdRTeclOVIqwKN55w4rXpmTozSPnMD_rxmhFoKzROMlGGe6iuGJ9mo626PpJrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRweDf9XIDlpr4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: ed64681c89dcc5485cc6b7640b4544a2ace9fa28f386b4ebc77445966d2ee723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9173 35 B
468 B 24ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=vwO4kM4MZpmfxeoIRV07rQXQCyKAgjOVDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkbh1cJ0MfLTgPd2hAFTcR1HmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 0994 32 KB
8 KB 16ms
13ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 0994 2 KB
2 KB 19ms
16ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=el6TqoVMDqYb7tNGlrpsfcRcs9ioKD-xUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk_r6OL9_eogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17GgTB9Ayd6Nu4wrclQR54e685eB-ZosCzSvZhEBkHI_cJoG9QWsDzBneB3BfhDUkOc_dF8_fK3BhYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIGZ-EQns79LWZrXozCnacxof3qLrzDATx_De-HWXpHHcXICQspCdHsLUouMD1eXeevvRy5tfNAuWU8arxRZQoD47R4-WwAy1cin_ISY_3udc4rXpmTozSPnMD_rxmhFoK-W3WvpleCIJi2SGrFDkI81rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRv3BDCeEJtBb4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: ac398155a8059324068a96cbfed173bdacc0a18b2b0d300e98a6ccd4193faf1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 0994 35 B
468 B 22ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=OBpIdeeqMy_nCjP9diV9Tw2PulqxhaufDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkbirrqwl3wbOUUlHUgs9fJtmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 2650 35 KB
12 KB 180ms
37ms Script
application/javascript 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587858
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftzICuRkxcaCepoZE5cBxjY3HIa7GPqavy5kipM34BZGPuu%2FzLiluxburSvGniqltFFPKVXuPYNlkV0KK0CQEzpe0y0kO9CyurOIMwyymmJsZa49AvWdHdil6kogcqaTTMIqVNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 778af74748d492c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 06:18:08 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 2650 35 B
468 B 36ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52776760&csi=RoHrEx8baiD2Y4RsL__tfjimjRuYRAsiLPBQa8oKLK4JDwKV3Zer3EvCRUGV6MkbeNcg2ep_VX7V1PJ_LiRDmWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame D00A 32 KB
8 KB 24ms
9ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame D00A 2 KB
2 KB 28ms
14ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6hySndOYzXWS__Fe_uvTDI3j5kggto7jPBI6_rGR9pErFycflZbI5Rmhi8XDu_Q26_iPSMtem97q8ZB0JSq1PUwu_OYHo1IF5Q_0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Ef1PgsvfTkwvBWSwYsoK9i-4wSt8kziSivZhEBkHI_cJoG9QWsDzBlA1whvxiF0AWyyDn9QDoliYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIKbl8TWDRZCMnE9vCaWYKl2Wb-zxTaO8fTBgyLsNN0fjewRAP4ibU3ej3_zeVagWEYZUOu4lqFbywbenasZ8IN6XyztqpZrn1SG-s4gYI_oc4rXpmTozSPnMD_rxmhFoK9kUWndKCONbUwpzT0hjO25rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR6o7YPNaJkE_4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 177d734369ce45900b28418a9e0cdfccf3c606da148bf55e625e0a59b7fdc98f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D00A 35 B
468 B 33ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=yRJSE3hujojK_qnmmdYZ-ITyGWlXmsIjDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkbr3nHscL8T1lGbH1alslZemQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame C52D 32 KB
8 KB 24ms
11ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame C52D 2 KB
2 KB 28ms
15ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=Y7sXdZWOOc-P4tg2rjcZDuV-vAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV_t9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17JmiGRh_hv-i_zW2JOSySxNH2_p-BqMbOivZhEBkHI_cJoG9QWsDzBnyZzSN3JD68OjJQ5R1nsC3YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIOk57TEtfmfJM2NFtpzpmaAGiU5jQ81vacMll7Z5D4Ocn7sOZ-K6g5lTTRRw2gZjkdbAf8gsdZWMEYV3S3RZXI8JPsByBKxJXPfch21Jw1Z2fchxHaVNerPMD_rxmhFoK3o51cVb-xcfn_LtLwJFYCBrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRHXxkN2MvTh_4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 5e1d1fd991134d14507adc22afc194142d3e4001d0da7e0851305b100e359566

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame C52D 35 B
468 B 35ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=Xe5ehf0dFbyNVit2iK49-pdL_dL1pIOkDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbzleYPpvbjteW_7AU3PNiSGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame D4D7 32 KB
8 KB 11ms
10ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame D4D7 2 KB
2 KB 15ms
14ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=hPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE_zN5_ob0fZOSewJMpg2V_QxBh1LMHJJ3lk0d0u2-xKx-PJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17IvYhWeYM2cJenR4zzNUlyrYfltm2YVkTCvZhEBkHI_cJoG9QWsDzBl9Ms4oTp_MCUMHqCi_zvd_YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIDmGruYsJkk73gbI1_AQTm-FsSqpxRmdSvXgxDKyno4rdyBBFcn44x_gfdV6eZQ4HaIWrbC6hoBr-L5fqH45Axhr2jWzgucT8ctolXlQQDr8fchxHaVNerPMD_rxmhFoK3CAU8abZJ9uGpf2G29wBVVrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRj9MzvtcfbgT4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e7dd3e1255adb51c5e44d8129a793877d4d213a7f805a8a8d4e74785aca8d999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D4D7 35 B
468 B 23ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=tzkh8yHu9MF3hBDtonKA3PpSeGZmD9h-DwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbN-H8w283Ne8Jjr9KipMgN2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame D4D7 43 B
208 B 22ms
21ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=276&rid=10528&cid=33528&adfserve=1002&asset=22&deviceType=Desktop

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pxx&e=1011989061034

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
etag: "63720ff2-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame A372 35 KB
12 KB 144ms
25ms Script
application/javascript 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 587858
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWIuvQRlPzShd0uWJyCMhziTDZwBxl4hh8b0DV5DUeS3Pmqqtu3uDGsTOTfDBypzcwpYSCaxayITvbt3KWIIl7F5tCySP7%2BUAjrTjRK8TlnNGhIFdP9XkyrXuCYip9dwOXLeowQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 778af74748d592c9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 06 Dec 2022 06:18:08 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A372 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=52776760&csi=kJjAnNkbnZX6Q8vqgLEXQhJqBXyTSsRFLPBQa8oKLK4JDwKV3Zer3EvCRUGV6Mkbu5nJiSaWMU7kPoZz2u14KWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 056F 32 KB
8 KB 52ms
29ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 056F 2 KB
2 KB 34ms
11ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=el6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96-iBEXiuGCq_BnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17BTm0q_P_cbZyAQhyDtLC0X5JbXTyK4L6CvZhEBkHI_cJoG9QWsDzBkibNCqSYZ4RNqHPh2rMriTYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIN_L_iOsU8s6i7GOS1VHJ7YMI5sIBc_yMXmY7kTcWy4tzZB-KVlYOADtMEpZr9It-x7VXldrmy5Ot3Ro43eNrhIAkO_X2m7xTjf8Dbazjy18fchxHaVNerPMD_rxmhFoK7eUT8bBEc-RVfjw38Mm-nlrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoKfXVBgUfuH4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4c9bb31944fd92a2e8f70383ec2587c7b4090244e8b761ae6f9a6383ee840fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 056F 35 B
468 B 43ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=o3rSu8p0Zg0XGH2ylAObIffbRziXClmiDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkb7gPyOcZwyoEVmiUc3T0vUGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame A3A3 32 KB
8 KB 49ms
30ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame A3A3 2 KB
2 KB 30ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=nedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF-bIBZuq023dO6EqB0BATo8rexdUz48iFv3-m0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes_HwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MEyhVf3YZurJLpsL3vChhiygqK2BPuanivZhEBkHI_cJoG9QWsDzBmefx9OCBYxK1baeTd56ab1YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIEYT6foR4Ef9tUhjyNKYLq89fb8BBjHTrTFPg-mjtXRvGz36fqeMNbwlBIaTou60y_UAnjxOaYGp80RfLrkfb82J0y8QJ8NHsV1bOFngFcoPfchxHaVNerPMD_rxmhFoK-uad65qrgDENV-BVN-W79prq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR0udSj6MoTvT4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 6746d66aa779b4783173d6fbf4f83a8d7984de2de366b4ef491c943be24add84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A3A3 35 B
468 B 42ms
24ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=x32S6P3BJ2i3SRZGr2glDCSDl85GoMWgDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbhawzOcxJbY6Uipr8ulim8WQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 90A4 32 KB
8 KB 50ms
32ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 90A4 2 KB
2 KB 23ms
13ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=USZo8a-cS5k3HSapHNWz6KzboUFQG3yp0;crtbdata=Bn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj_cAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3_9PptmhJaxM7bDE7nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17PXMGtUiNYHmkEImNWUUG2NeebxzM7Oq6CvZhEBkHI_cJoG9QWsDzBlBVbdekCkBPWAvaa1T9du0KzUgJW84h3pkwpx8sIKJgTIMbDP56G59tC0QiFi2EhNHcxAaOI_3lqY4EkQwDCFdHhvah-yX1Bhbjzw_7dmKwRS1sS4_bxSpKUk2JNz9KhbrrI4RlVgr5WbMsLYKcoP0wTs-p88o_dHi5OFau4XkbW_jdQCFda1WmtZExxQvfaAhL2ZKY8k8lsP_XnMiEfXiCMPcreEvob2uFqwhPKLxp8yECIRnbFRCYaJU2uM20NklDKZN0ytZUcKQNGfQuvo_-DvoLn-2JHc7joi6uMgg0g2;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d4e5d51ba22f40e63ab5a24b3625938d6ded9884b78ae57c0441682f96f3c488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 90A4 35 B
468 B 28ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=H8ZEX0_LIMrpl1Dtkrxwn8EnKBnN1ghgDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbD1tzbaZEu1QJjMOPAZMiFWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/jsmetrics/ Frame 90A4 43 B
208 B 34ms
25ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/jsmetrics/?sid=276&rid=10528&cid=33528&adfserve=971&asset=24&deviceType=Desktop

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=epztovze&e=1011989061034

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 14 Nov 2022 09:52:50 GMT
server: nginx
etag: "63720ff2-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 9EA9 32 KB
8 KB 42ms
33ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 9EA9 2 KB
2 KB 22ms
14ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=A8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww-H8VUNjxCDM4_Y3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17EsLVOVbMCTrHqkUp7oyWSKcbJ7M7hIGNivZhEBkHI_cJoG9QWsDzBmwutm3L8peLevFFHt_7wqWYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIFavBoJIL1lTGj7rBJUSZkYXDn9s_vp-NafTfriSnhGhR9YtHO9TEMrCRCnF8iAg9nGIXgzOWdIJrNjOa9GgGE2nVMA_ns7BqKjVVx1lQtdqfchxHaVNerPMD_rxmhFoKzB7XYbM8Z9AG5SHpzvh6tdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRPcQwlJZIcVP4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 5b8230a755298ac32eade3d026e4bd42ac12f1e29712eb9b9d03bc9f5c838196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:55 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 9EA9 35 B
468 B 30ms
23ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=9iMdINypCcvOo8DVKvXeLNU0IbPPwt0BDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbnUcv7_cqRXrt1KFFwkHmp2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 3455 8 KB
4 KB 29ms
26ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=59973788;rtbwp=VLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0;rtbdata=el6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0;pui=CQ8Cld2Xq9xLwkVBlejJG2bM8sBoZ15gTaKerHfRIMPer1pltXZUmg2;;js=1;adfxid=27x;416;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d8bc530813505fc3e4d30358def81f78b2c8afbe77892d78c54749d9b1279ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 3752
expires: -1

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 66E6 0
840 B 19ms
17ms Ping
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKbCvQkAhsFAAADANYABQEI-K3fnAYQvv3dt-r2ieoqGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAACCuR9E_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNev7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGic3MQBeJ72BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIUttUWNCZ2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTmV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qWXhNam5nQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFYeEw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXR4YUplQWpGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qRXlPVUQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPD9RHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjEyOdoEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAABJijwP9AGuzPaBhYKEAEPLgEAYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL8GQADIB572BdIHDQkRPAE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=74d662e011113e72956a244014a1fb53fa2cd6bb&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8662165811987353362&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:55 GMT
AN-X-Request-Uuid: 0ae4665a-54e8-4617-a638-ad672905fcd6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 016C 0
840 B 38ms
20ms Ping
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKbCvQkAhsFAAADANYABQEI-a3fnAYQktCamaWTuaISGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAAOCjcM0_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNuv7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGi4n8MBeMzyBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIXoyUFkwd2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTnV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNek9qWXdNemZnQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFXVkw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXRSYjhkd2pGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qQXpOMEQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPD9RHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjAzN9oEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAABJijwP9AGuzPaBhYKEAEPLgEAYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL8GQADIB8zyBdIHDQkRPAE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=2857f0806295f5284b66304cec3101552303a4ab&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=8662165811987353362&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:56 GMT
AN-X-Request-Uuid: d2d22b1e-61df-430a-ac0b-0f65905fc7c9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame E46C 34 KB
16 KB 24ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57892097;rtbwp=em2hP2KdrNeVFKJt-SXORM1zN0I1FqtF6Un-3A;rtbdata=w0gPlZmJKclf-oZP3yqTXtQnEJBpSwWI6S9GNls4EwOTNpx5Gr9VOxvIjdl7RKVdepWnkqbwvCvWzEt_cZvUKzsxOjnXeJux9CPSSKjEKpvJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRo_amOpC4z-tGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 8BC7 34 KB
16 KB 24ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57914107;rtbwp=t6U2F2EWMU9ythgf51MWyGiIKjg1hTtwFVALSA;rtbdata=C8pQXsG6MGInaXEP9JmiFOVBFqH3xFVvas7a2nU_-OmzEqcjlxIRvraIVzTFqXjpuPNnD07tIllqiwC5SzjbT01S3DLbpjOTtKRn7DZziLHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_zQ3UQQloec8mpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 2A6C 34 KB
16 KB 25ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=56680285;rtbwp=zUi57vGt5nKTHPsQ2bnybJKuVObYMBE5yw3PRw;rtbdata=-0zUFzE6t5t_IRPvTPxcZ-H-auXvF8cnTJPvBNmSDLYFkqBCj8BOyISaE_Zh8bPLjp2cf6dT8KZuimXNwQpa6R7qBcHyD6lM6Jk7-YbVvWLJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrbPiSuQrZ68GdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 0550 34 KB
16 KB 30ms
29ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57892097;rtbwp=boiAhbMWi2EyOmpRE12kgGrAPs1Fvmio11s9UA;rtbdata=QbDIfGAuKeEH1MQ_220M9ATb70SElGa9xV07ZZotB6z5rq9aZskuf-wGnqiburzajWx22vlVDWhvY5J2i7tqw32INWQAw618_HLhW4zVJHTJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_TjbJk6k5dowmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 4D6F 34 KB
16 KB 30ms
30ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=57891877;rtbwp=YwLdZAffQSZ5UvQAn7j9749_L0n8PiuFtuRhlQ;rtbdata=zY97pVFQ0ISsvTdgIq9K-4WFDKWnWIXE4uL-QZRU4Cjc6Oo_p3L3bRjZZe9Yka9bbRyukJPQQYHkZ-rOAW3qDtftHXqtEgqI5CpeuK_ZSzPJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRkgzbYpeynkqGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D7ED 34 KB
16 KB 22ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=54901439;rtbwp=q5a_MJdgwArOEnF-cs_Mf-K0uQ2FiQ1xeo6mxg;rtbdata=aJKsiFVwk3mzCj2t8fHuYsKt-_ZI8256HlPvdGq1jL9jjnZSQn0X6VRzmorgIzdabsOEUD14wmr3F-MMmKRb7Z9K_U2srmWWp561Scw3SK7JdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_oZCp-QDaIvImpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQapFFk3vNLoIIuouAqghP3omAC5HLFvl7DQeEimShqzcc1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:25:43 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 7DA7 34 KB
15 KB 28ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame A30D 34 KB
15 KB 30ms
24ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 5226 34 KB
15 KB 30ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 137E 34 KB
15 KB 31ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 99E5 34 KB
15 KB 31ms
26ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 17AE 34 KB
15 KB 32ms
27ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 2674 34 KB
15 KB 32ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 9E94 34 KB
15 KB 30ms
29ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 501E 3 KB
2 KB 13ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Djroovvefi%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Djroovvefi%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=0&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx%2DasIOX4sYcfaF87gK5Bmhi8XDu%5FQ20YD3o%5Fe%2D16P37%5FNXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MMZYu%2DqCtQ25mz8FOyQjSJcpbGPEGo8MCvZhEBkHI%5FcJoG9QWsDzBkh1VVYBJ%5FO0267zOAy%2DnMYYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIN7C6ZbD3%5FKdny1jGJ6ICNKmE4jqDcmLs7hpot9jjjRDislSvaT8pY9UJA2W73mpOFM8U683dBGYKxPBYXw7dFk%5FiEyDDukn%2DNSWbwUcQnj44rXpmTozSPnMD%5FrxmhFoK7RCaBZL4zyQVpY85awadnBrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR8B2GmaDHJd9v2YCfR6PJpzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=el6TqoVMDqZhu6YCf0OCJ3XiGiqIotY4Mcx-asIOX4sYcfaF87gK5Bmhi8XDu_Q20YD3o_e-16P37_NXUdN2SYcjqzBAwiw0fVzRPfRjYWrJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesfB28gUDijSksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MMZYu-qCtQ25mz8FOyQjSJcpbGPEGo8MCvZhEBkHI_cJoG9QWsDzBkh1VVYBJ_O0267zOAy-nMYYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIN7C6ZbD3_Kdny1jGJ6ICNKmE4jqDcmLs7hpot9jjjRDislSvaT8pY9UJA2W73mpOFM8U683dBGYKxPBYXw7dFk_iEyDDukn-NSWbwUcQnj44rXpmTozSPnMD_rxmhFoK7RCaBZL4zyQVpY85awadnBrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR8B2GmaDHJd9v2YCfR6PJpzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: b4ecbab28b1e9be1a6dfe09a9132c06db398879f8da9d238d6e48f2981cf94b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:56 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 1522 43 B
163 B 440ms
18ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895353771&pid=1639337&iid=8358291&fmtid=71867&cid=0&key=viewcount&rtb=1&rtbbid=4499714719041530404&rtbet=0&rtblt=638064921522923207&rtbnid=1743&rtbh=16723e7d62b34dba2a179af407f0e4ebbdca3eeb&ts=1670895353771
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hrcralsp&e=1582957865563
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:55 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 9173 34 KB
15 KB 21ms
20ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 0994 34 KB
15 KB 32ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 2650 34 KB
15 KB 37ms
36ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame D00A 34 KB
15 KB 41ms
40ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame C52D 34 KB
15 KB 41ms
40ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame D4D7 34 KB
15 KB 46ms
18ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame A372 34 KB
15 KB 51ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 056F 34 KB
15 KB 82ms
57ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame A3A3 34 KB
15 KB 66ms
59ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 90A4 34 KB
15 KB 80ms
74ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 9EA9 34 KB
15 KB 83ms
77ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7711 5 KB
2 KB 24ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=56680285;rtbwp=vXgnwwQaEhSLbrKOIVyWtolpchFwPv_3-oI_bA;rtbdata=RjLxfiHQw_jn7xi34bmqsy3c7UBwKD7QOm4MkqbVaBA-smWuS6dadgWa4mCAamGjiCR-qtG58IVvItvqXyf6-hMpVG1pj7EseXOI19JDVgrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_mMRNgj-rLtUmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1;js=1;adfxid=28x;4469;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

f39baa60b8fa82d9f4b019795085e44ed3d5a416b7761a4025b105eeff63e4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2217
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame FEDE 5 KB
3 KB 44ms
43ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57914107;rtbwp=HRV1L2z-HaNNQo2Apx0fqOYVnSw5dp_BT75gOA;rtbdata=C2bzdA4hVWzs9trUd7zLVWNFZOanHEf4M9UGUdmrwiwY4O4CnIdG40KNea_3_9qz-4sMx71iAGuKOTwk41EmjrzEY2yzrFxVgtMcHaC8kqTJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRpueZ4dcGCvgGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0;js=1;adfxid=29x;1762;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1398fb1fa4f71d8028f72aa3753da33390c456f06a6d9289a5cee8834b5dcf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2417
expires: -1

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2359 281 B
554 B 9ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4459 52 KB
17 KB 9ms
9ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12543
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220034-HHN
X-Timer: S1670895357.503378,VS0,VE0

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 15E8 5 KB
3 KB 29ms
29ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57914107;rtbwp=nWwrKoCBlz6HGt-U83xIK71BzXRAhF7GE6q8_Q;rtbdata=xiHm6YAi-vVmr_3gZKRm98o9mQGY2QuHISffqLP7hA4tKTyUe4hs4hOKuvwmQ4wO_s_x9blzkuGytvWJqDnzen-16bq5Ws4PbvDITuqjyFbJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrtdS2MB8-ROGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrcEoKrUDHIGNMN4iOtIBxgX0;js=1;adfxid=30x;6815;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

901683eba30b19497f2b5c48e86446eb1e7d93b1372d203e6482f38c5b15b0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2420
expires: -1

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 271A 0
0 149ms
68ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrZb_xoDyDHcbFpAfRuuTIRvybLgZxb2ysUTmLJn2pPHcokr2acstbRcmbygd7BKPEZq5ch98iH9J5rSJCY1zNArmEuXQZg2rbMtNbzpKTy1RED1c99PfGBq34bBt4LKDxbni4cJPNXFnreO4F87DHrz4zLreiYw_x1knF3LtwP0BEPtcz_HkLjKNI5drZV-tkCM9TvuKv6o-iJwVXFxgoJ5Zw-gx1fq4IhJAralCb05A_Ih2h54700oJsdx1xW-4CM-nLtMwfGa6AEn70nslytqvYd-ymoA_NmDxi-0Uo1wzOANsTdKpSUs-bDY7CyEq6rcSEyZ3MlMI-QqbVT8X3yA9jfZ845PxfK0LymfgQpcvvh7NQAEf5U1AyoeOR_gHQ3sQ83VDhNp7mA-xO3oQrydSSjXWUkJEf4TVJ1L-jBcUX8uOknZeQ4KAWdNikRu6Gtv2mogi-f9C967e_jTd1g2_Nnrtn8RvPv0ITRPSar3cOfxQBbvuW4rPEk5ti_uCPn0QNyZDBrkvDpuzvy8I1XENNIXQzaU15yfkAH4GoqzbJe2NfCfKCzecNoF3J_sVzUmm8BuTW9MIyo4v7eFSQfTC53BEsj6AYARcV0Zq-Vy8-rBpG21eObHq1iaEQAWrKpJB2WINbHGdHbupqeTri4M6r826-HDeIcV79RC6e5nI3eNpG99mLyXAJ2-NJ0TZlTmoKELQ6EnWfymYw1lWNz8mOzoKkpCchuPdU4E1cOG_OnEprWqkrUOXHToZKs1OJ8hheqeZ0BUsoBpWEs16vdFyfJvnkTa34OlgQCPrCo2O2zEKFx9eG09cfA3n6KIVgGOQI2TingoNGfF3PQs_Y8Sxgr9Qu4juyZHq361z7zWZEL6xUHcgZcCkWX4deMzmvmeuvaquE-LYNNUeVyT1ly4afdKwYGKVjJuysLtEjXG_fSlnn7-cFe8CCdDVK7D9IyDIe_WfCBiiAuAMxUBMH_V4pKC_CGE_zyqBUC8iWJwRuFIiZVPnHBHy61VDFRD27JmMwDHmYreimWgTssS0vhWzIse7wvvmZ4Xh7tLGU0BgFZenbeaf1YJk_uGrEIMnf8Z9lt3II8emW-4ws2eq97pFWGEhEovn0W_nU4Q3GUr_4ByAn7V65BFXwLWAKbh7pzxUeeElIZM0-&sai=AMfl-YRbh8p3C9zs7tVGm4FiiSCXS6qbfsptqU0njSQS9z9nnGQTzXCKD_HZ7fjzsPneSKB6-OZNEoBg048AP7kyKV54bb2rY-RtM5B3gYvm2bMj81GkmFWbR6TbS9_QSSf1oRuOn3mG1g&sig=Cg0ArKJSzBqBAY4YMdtcEAE&uach_m=[UACH]&pr=8:8AFFBC91AAFB785E&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=595&vt=11&dtpt=594&dett=2&cstd=0&cisv=r20221207.23741&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:35:56 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 85E2 52 KB
17 KB 9ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10726&pub_id=1805345
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12610
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.507266,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 08BB 0
819 B 44ms
15ms Script
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&e=wqT_3QLpDPBVaQYAAAMA1gAFAQj1rd-cBhCDwZyf_9Gr6TwY3prw04bZw_BmKjYJLmfG-vX2oj8R6_qqhQXjmT8ZAAAAQOF6tD8hBaVo5V5goz8pwFsgQfFjrD8xAAABG7iUPzC_yNIJOOZTQOo_SAJQk-OBvgFYkduKAWAAaOHotwF43_UFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjkyMDk5NCwgMCk7dWYoJ2knLCA1MzE0MDYyLCAwKQUULGcnLCAxOTQ4ODA4MBUpMHInLCAzOTg0ODc5NTUFFvCLkgKBBCF3V1NfV3dpWDZ2c1pFSlBqZ2I0QkdBQWdrZHVLQVRBQU9BQkFBRWpxUDFDX3lOSUpXQUJnbGdkb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjTDV6MC1PWkt3X3dRSEMtYzlQam1Tc1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdPck1RQzlRSE56TXc5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1URXo0QVA4TDRBRThKR3RDWWdFMXFITUNaQUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ4oQUFBSWdGNFMtcEIRExRQQV9zUVUBGgkBGE1FRm1wbVoBAgx1VF9KBSgcR0RZdnVFXzAuKAAITmtGCTHIQUE4RF9nQmFrcjhBWFF1cVVKLUFXaXBMSUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQh3LBEJrGRgAQx0YRExnR0NnLi6aApkBITBCVlhZZzoFAjRKSGJpZ0VnQUNnQU1acQlvWGJrX09nbEJUVk16T2pZeE1UTkFfQzlKEWIMOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXjwWDhEOC7YAgDgAonRVOoCKWh0dHBzOi8vZWFybm1lLmNsdWIvbm9yZC1uMS1mcm9tLW9uZXBsdXMv8gIRCgZBRFZfSUQSBzI5MjA5OTTyAhIKBkNQR19JRBIIcRpE8gIKCgVDUF9JRBIBMPICDQoIATYMRlJFUREQHFJFTV9VU0VSERABIDhDT0RFEgEx8gInCghDUEcJEBgbMDBrM3AwAQEgdlpKUDFBQU9fGWcQCwoHQ1AJKRwA8gIQCgVJTwF1OAc1MzE0MDYy8gIdCgdJTwkhDBIwMDYNSmB4YTU0MkFBQfICEwoPQ1VTVE9NX01PREVMAT0UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w1wEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNzaoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYxMTPaBAIIAeAEAfAEk-OBvgGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWpBfoFBAgAEACQBgCYBgC4BgDBBgUhLADwP9AG6CnaBhYKEAkRGQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4vwZAAMgH3_UF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB4u_AYoIAhAAlQgAAIA_mAgB&s=ffdcae9b31d281c96d506d0d4cad530b810c0c40&bdref=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F,https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F,https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:56 GMT
AN-X-Request-Uuid: b8d11e4f-e25c-448d-9fdd-96c238ddb070
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 76B2 5 KB
3 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57914107;rtbwp=CjkTFq2MfMBS5qqFQ7YbLmtTm_xCLhNaVswVWA;rtbdata=ke90qzTFtgwUEGpwB2OIqC4RsVuxr1GI3JBvhZb6xGvOc7CsNg_ScpQ6P-edhvCJURcl37Kesj0aunzkbEvh61f1DkI7YuDkw3ZguOXyGLrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_EpdKVVJPub9h8aTD3DHXZeu8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1;js=1;adfxid=31x;7207;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6bc8d6bb67550b4abed09fc64c0c2bd771563de123a903b129f2edf2aa419f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2236
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame C6F8 5 KB
2 KB 21ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=56129379;rtbwp=e4NwOcW29uF7feEByOXVe6J0jcoeHMvkpZFDJQ;rtbdata=wne0tGld-9ln1ew8_xv8abSxUM8Ag-rBFx-TXaKZ6P-6lPtbCRI087HxLXDO7UtQZaJ2yecpWLs_8jAC91urPWwneLafaP4DLmkf3M6pIyHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_wEqmWq2V8i5h8aTD3DHXZUaZE5fSFo-peTqcoE3up6MpcWlM66LloJcp1C8rulQawVlJQDJVhiYuouAqghP3omnlVwJhAxQOQeEimShqzcc1;js=1;adfxid=32x;4389;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b2543f88b5a81115129ab2a2a583e85719224d9f10d657b2d1a5f44533ceff55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2220
expires: -1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7111 52 KB
17 KB 40ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12330
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220075-HHN
X-Timer: S1670895357.541351,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BD29 281 B
554 B 49ms
18ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 003C
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=62487700004385601649441012172018
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

338ms
64ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 01:35:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
etag: "1b72585d61a9d71:0"
x-powered-by: Kaspersky Labs, Kaspersky Labs
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-server: fr1/FRA4
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 9539
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=24697600004385701649441012172018
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

281ms
26ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 13 Dec 2022 01:35:56 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
etag: "1b72585d61a9d71:0"
x-powered-by: Kaspersky Labs, Kaspersky Labs
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-server: fr1/FRA4
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
x-xss-protection: 1; mode=block

Redirect headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2F58 281 B
554 B 37ms
11ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6E71 52 KB
17 KB 34ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12544
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220034-HHN
X-Timer: S1670895357.542952,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9473 52 KB
17 KB 34ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12611
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.543116,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6740 281 B
554 B 34ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 /
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 0987 95 B
222 B 15ms
14ms Image
image/png 162.55.236.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.236.55.162.clients.your-server.de
Software: nginx/1.14.2 /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/png
date: Tue, 13 Dec 2022 01:35:56 GMT
server: nginx/1.14.2
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame E46C 5 KB
3 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57892097;rtbwp=em2hP2KdrNeVFKJt-SXORM1zN0I1FqtF6Un-3A;rtbdata=w0gPlZmJKclf-oZP3yqTXtQnEJBpSwWI6S9GNls4EwOTNpx5Gr9VOxvIjdl7RKVdepWnkqbwvCvWzEt_cZvUKzsxOjnXeJux9CPSSKjEKpvJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRo_amOpC4z-tGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0;js=1;adfxid=33x;3691;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

fd93ebe422d682c0e568986cd2e9328bb2e03b70b66026b5f0e19a8d6c6d896c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2420
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 8BC7 5 KB
2 KB 20ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57914107;rtbwp=t6U2F2EWMU9ythgf51MWyGiIKjg1hTtwFVALSA;rtbdata=C8pQXsG6MGInaXEP9JmiFOVBFqH3xFVvas7a2nU_-OmzEqcjlxIRvraIVzTFqXjpuPNnD07tIllqiwC5SzjbT01S3DLbpjOTtKRn7DZziLHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_zQ3UQQloec8mpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1;js=1;adfxid=34x;10420;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

56b4f9e5ccc481cdf045fe30b5de21e22aa08b5db572e22f2dea475aca50620c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2229
expires: -1

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 29ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?oz_pl=1&ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&_x=1
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/884833/analytics.js?dt=8848331610101564891000&di=https%3a%2f%2fearnme.club&ui=2051167177128181596&md=1&ap=&sr=smartadserver.com&pp=1999&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:35:56 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9FE3 281 B
554 B 49ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=eanxvgfq&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 0550 5 KB
2 KB 23ms
23ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57892097;rtbwp=boiAhbMWi2EyOmpRE12kgGrAPs1Fvmio11s9UA;rtbdata=QbDIfGAuKeEH1MQ_220M9ATb70SElGa9xV07ZZotB6z5rq9aZskuf-wGnqiburzajWx22vlVDWhvY5J2i7tqw32INWQAw618_HLhW4zVJHTJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_TjbJk6k5dowmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1;js=1;adfxid=35x;4673;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c6755df647efea5cd2480e281523283cd765dc5e41764f9bc5b994f09681ba89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2229
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 2A6C 5 KB
3 KB 21ms
20ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=56680285;rtbwp=zUi57vGt5nKTHPsQ2bnybJKuVObYMBE5yw3PRw;rtbdata=-0zUFzE6t5t_IRPvTPxcZ-H-auXvF8cnTJPvBNmSDLYFkqBCj8BOyISaE_Zh8bPLjp2cf6dT8KZuimXNwQpa6R7qBcHyD6lM6Jk7-YbVvWLJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrbPiSuQrZ68GdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0;js=1;adfxid=36x;4588;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

420daeef03f4893c391ac50c1a4524900c5c8a7c299550b3101d341c7fb6006a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2425
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 4D6F 5 KB
3 KB 22ms
22ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=57891877;rtbwp=YwLdZAffQSZ5UvQAn7j9749_L0n8PiuFtuRhlQ;rtbdata=zY97pVFQ0ISsvTdgIq9K-4WFDKWnWIXE4uL-QZRU4Cjc6Oo_p3L3bRjZZe9Yka9bbRyukJPQQYHkZ-rOAW3qDtftHXqtEgqI5CpeuK_ZSzPJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRkgzbYpeynkqGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0;js=1;adfxid=37x;10369;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c35d1d0168a16a19508270f39d08536d6063b40f3220856151bd17b84d3c6637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2427
expires: -1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5136 52 KB
17 KB 32ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6736
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895357.564051,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8CA1 281 B
554 B 32ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6E52 281 B
554 B 26ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D4AA 52 KB
17 KB 19ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12341
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895357.564302,VS0,VE0

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D7ED 5 KB
2 KB 25ms
24ms Script
text/javascript 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=54901439;rtbwp=q5a_MJdgwArOEnF-cs_Mf-K0uQ2FiQ1xeo6mxg;rtbdata=aJKsiFVwk3mzCj2t8fHuYsKt-_ZI8256HlPvdGq1jL9jjnZSQn0X6VRzmorgIzdabsOEUD14wmr3F-MMmKRb7Z9K_U2srmWWp561Scw3SK7JdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_oZCp-QDaIvImpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQapFFk3vNLoIIuouAqghP3omAC5HLFvl7DQeEimShqzcc1;js=1;adfxid=38x;1415;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fearnme.club

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e1df36063f73dd075d057b442df87556bd2253e2fc94bd6ea8f0f84da0b310dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 2228
expires: -1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C47C 52 KB
17 KB 13ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12613
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.578286,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2360 281 B
554 B 17ms
11ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0D76 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12614
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.611163,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7572 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 003C 0
150 B 43ms
16ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=62487700004385601649441012172018&a=9c35887a&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 133E 43 B
703 B 61ms
59ms Document
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=62487700004385601649441012172018

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Dec 2022 01:35:56 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 003C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 003C 851 B
1 KB 52ms
9ms Script
application/javascript 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Tuttlingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame D478 43 B
163 B 21ms
19ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354246&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=1752623346786105248&rtbet=0&rtblt=638064921531960988&rtbnid=1999&rtbh=4369128a4279c22eb6aa89a16275bcfd31ec7229&ts=1670895354246
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wvuylzvfqgo&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 375F 43 B
163 B 40ms
17ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354267&pid=1643378&iid=8358291&fmtid=71867&cid=0&key=viewcount&rtb=1&rtbbid=5739927207655202737&rtbet=0&rtblt=638064921532429441&rtbnid=1743&rtbh=23d9c6771ca10e6970af9650ae7eec535d11624c&ts=1670895354267
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lghutttacn&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 78CD 43 B
163 B 52ms
17ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354292&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=8343635675577368887&rtbet=0&rtblt=638064921533463153&rtbnid=1999&rtbh=6c2cd55bb7844dd5629418e14570d6684f9c3cf9&ts=1670895354292
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=wfmup&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F562 281 B
554 B 9ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame ACA6 52 KB
17 KB 8ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:56 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12615
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.638938,VS0,VE0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 9539 0
150 B 35ms
12ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=24697600004385701649441012172018&a=1b9f77c0&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame CACC 43 B
703 B 42ms
41ms Document
image/gif 23.67.134.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=24697600004385701649441012172018

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.67.134.223 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-67-134-223.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Dec 2022 01:35:56 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 9539 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 9539 851 B
1 KB 47ms
9ms Script
application/javascript 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Tuttlingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 501E 23 KB
23 KB 18ms
18ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jroovvefi&e=1582957865563
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:56 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08BB 6 KB
3 KB 106ms
103ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=sojern&w=300&h=250&c=307801502&js=pmw1&base=te-clr1-19eade95-1c7a-4972-92c1-8ee1063fa926&admarker=dynamic

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=307801502&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

77b042d3de6cf8263b878e8c7d779a03fae1cb936c1bf25311706cf590a220a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2330
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: STVD2tqFQlYtKJ7njHhA4a4yO8zfh8D64Y-U9JJr_S7oaYox2gd6Xw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08BB 38 KB
12 KB 112ms
109ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=sojern&w=300&h=250&c=307801502&js=pmw2

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=307801502&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: bQOXsCWichaSVsb3YPjeYhhhR6L8ZsRfKKy4J9lmfI8jdIug3KUSnA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08BB 6 KB
3 KB 116ms
114ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=307801502&js=pmw1&base=te-clr1-9750cac9-d791-490e-91d6-a3e1ad82f923

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=307801502&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e525bf9e7464b8bfbd8903ec04e5f75108a37d728718fe4cb6fe09f1022ae739

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 2326
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: xjjto0AUk0qkZCzg2X2cNEsdvlZw5HyJcL_2gSq9E-m5eKLNC5z1mQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 08BB 38 KB
12 KB 124ms
122ms Script
text/javascript 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=307801502&js=pmw2

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=307801502&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: crPgmTw05Llabuub161tfL6Ka1p3laj1QaRbCJGzNQO6s7LHZ1QjxA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 08BB 43 B
1 KB 109ms
108ms Image
image/gif 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=sojern&w=300&h=250&c=b354

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: E0onamMHg8YCxGIUO_MoHRSXXZLGI2yGpR22nOMf8Ip2nE9VGsGP6g==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 08BB 43 B
1 KB 111ms
110ms Image
image/gif 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=3da1

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: 91fKSX4l9AWJmyqWxegme3ny8N0kFP24IJ0d09ezQMKaU4pi-_84MA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 69D1 32 KB
8 KB 10ms
9ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 69D1 2 KB
2 KB 14ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=nedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk_NyztNUtlOOiS_yYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Eq8jhVginPWh56B0yJJG9tSXwIwszARgCvZhEBkHI_cJoG9QWsDzBnoAyzXEy7MRXvm_Sr-LS-aYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIEaxf-Ge1y8YH4fFEXIr7qtcCsG1xcL_kwe5fHQ1sbdaWzw6RvePn8MeDYJR7oLGu8JsDfOLX99lJqYsUs6OarE59vggw9e8QV8JJv7tC-6PfchxHaVNerPMD_rxmhFoKzrIJsZEUhko3f8b_jjnETdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRkoCejhRBQWBsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c7ae5eed69990707fe63adc6cc0a041c38537171c65b12540fbd3b75488d272c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 69D1 35 B
468 B 27ms
25ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=fYQW0Y9llTBFpdj_6Sc4dVwkwZCcOlbcDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbYKkY3f0hWDwdkMNguwWD1WQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame E89B 32 KB
8 KB 11ms
10ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame E89B 2 KB
2 KB 12ms
11ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=pIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr_X-qKlkJZAsOfr-2Bj__zz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Ke5OZ1O1iypTN4KaXthQ_TrbafUVrrWOivZhEBkHI_cJoG9QWsDzBkayoZihxKvHwkFV-L2m_MAYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIDM4-eepYqlvdOIkDOOxpoURmeuka6uxNt5APq2SjRWi_-P5BybOYXKfjHjflnDyu8fUa_9QBTVRMWu9wS9HIg399VrRst3KSzgVZpoeeFvafchxHaVNerPMD_rxmhFoKx_uFlcmbfesYIKlvB6pRklrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRjL1QSFJ9881sc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 2be7cadf45782024bf8bb47b533d558c1e43db5dd53ac54685846552160b7d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame E89B 35 B
468 B 25ms
25ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=vUSFpZOxvtXwJnamPyoYBYo4jvRzG1OhDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbL8tOAl-IJ7wOJykXCsET2GQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 4439 32 KB
8 KB 12ms
11ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 4439 2 KB
2 KB 13ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKsWM8u-B9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17HQYtzcHMDBwIbD6pFJ_lt9MmOHp_y4nMSvZhEBkHI_cJoG9QWsDzBkgTjE2YL1MFRlXK9-DExflYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIElunk64P_foWPiv6-KZ_W_YmWH_KbMpS5_Fh-wGBLH2qp9s8tC1dpJmQJ7S5_AvdWArf1_O7zw7IoKk67Er-IdeHFrEX577lAYndwVOLAEHfchxHaVNerPMD_rxmhFoKytfPNJyJjV63eZ87oXFuy1rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRRrXrgLpOPzxsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 1e3458103b802372557563ecdb493698b4f9118e6a4c36faca092d30223aa704

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 4439 35 B
468 B 24ms
24ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=f9dEBz8oTP_Mdyr4OOm0Lm57voKSfF6SDwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbWPYKnUHQmcTU-zQZqXVrG2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame A886 32 KB
8 KB 13ms
11ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame A886 2 KB
2 KB 19ms
18ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=R0qCEcXgZSFFrKo8oEky-e-cIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO-ad-MTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Ix6a-ktWn_4kzqDKvUuzQkQ6wIavotEtCvZhEBkHI_cJoG9QWsDzBkSeZdpDMouO2zLZw52SWX3YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIOlyFzi60HzoywGZmALMWCrAiy0mW9C2cSYfqamXsGV05v5vVT2K3ibSo2WF3sfTiDxXqx0VZolB0_PFesXatuS7VVnH69CX1r_tI5ZaxyW1fchxHaVNerPMD_rxmhFoK3dxOpZq1E_y2zaHcEgb3Y5rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRS4T1Ugn1gwdsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f2974b7a5c066f032ac90de6d4e13445db326eb30f94d7b87dc9e6d7cc076ba5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame A886 35 B
468 B 24ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=YfOejS9zd0es4XGQiibgGtk8lvAL0J15DwUTFvuwshcJDwKV3Zer3EvCRUGV6MkbpZxmqnQiWKUDw9PeNahjiGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame 3F00 32 KB
8 KB 32ms
8ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame 3F00 2 KB
2 KB 37ms
12ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=Bn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn_0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes-oud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MtdVMNi9L6PpkoMUQkJxrmlwWWwIuLA3yvZhEBkHI_cJoG9QWsDzBmhs5C8-0qV4Jetwxed4-ZrYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIMVUmw5cvtXj7Qm8vkk1Pa_68SItz9kft9A6vgUjMvAwIbgcf91CCJGusLecpEKFqTt3Ek7HDuSm4f0sumI_L3LVN3QwHi0V-Hu5T21twkWVfchxHaVNerPMD_rxmhFoK8YuNHSJm1hPeXrGGiGHT0lrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRCC3oYRGZIKdsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 48d7e58e0ee0c92a7177c519be3c1a6b1a2aef311322ed9fb4b66a7c15f52bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 3F00 35 B
468 B 40ms
18ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=ij_-N6vU7jqAp1gFkmcwMdgwfu3FEjpmDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkb79Z3r9NmdVSCiFGzUBRjEWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 adition.js Show response
imagesrv.adition.com/js/ Frame BFE3 32 KB
8 KB 31ms
9ms Script
application/javascript 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://imagesrv.adition.com/js/adition.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
content-encoding: br
last-modified: Thu, 21 Oct 2021 06:32:42 GMT
etag: "4043560335-br"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8355

GET
H2 200 js Show response
ad13.adfarm1.adition.com/ Frame BFE3 2 KB
2 KB 35ms
13ms Script
application/x-javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKuGLn04XPWPSErVV_ckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17GxG7Yr7yy6PbP6WqnFD1bU692A_Gvn7gCvZhEBkHI_cJoG9QWsDzBkbiw0WJOyWavNxtEB_eRYmYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIKtn1uaATRwR-25t-vY8oEx5ejoVAmu9bCpTLh9bKqJZjjO-OLk9SJ3r8o93PtWaJ2wRxP3irXw1n1_Stym_RUWS9JFAy-ueoDWIQNULdTkTfchxHaVNerPMD_rxmhFoKyQ5DIzM4DM-EzbxITlqgCdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR-dv5_6IpAfdsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 30050b92a87c12fd666baea481c7ed40b8e6ad5b3604227cb201456c7bf0b298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
date: Tue, 13 Dec 2022 02:35:56 +0100
cache-control: max-age=600
content-encoding: gzip
content-type: application/x-javascript
server: ADITIONSERVER v1.0
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame BFE3 35 B
468 B 41ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=60048282&csi=RGfcncVc8mGvOZVJdl2MYg2PulqxhaufDwUTFvuwshcJDwKV3Zer3EvCRUGV6Mkb_AgsDyRvF4I2HTOsFlpbbmQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK pqzrxe8e8mo6 Show response
hal9000.redintelligence.net/zone/ Frame 3455 11 KB
4 KB 462ms
21ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/pqzrxe8e8mo6?subid=&gdpr=&gdpr_consent=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59973788%3Bcrtbwp%3DVLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0%3Badfibeg%3D0%3Bcdata%3Dw4dvV37RC5jHzBF-Qcv17MUK2Ev4JdCCZBrCtyEJFfhIqc7mShbaKCvZhEBkHI_cJoG9QWsDzBm8ZcGBfLEkiIcHQlbOzyC-oA9GDAzbgHQUFcc9yyPa6f_N7jxntrfLKD7TfxtG7NK45A-XK6WXskhpQmAcObdLZZbJq9TKcO8RgUF6X2Vc7ux-HTmi7qoSu1k8x6sQHqBR5DwK4QH1P74T_gpltIHigY13xyyqrUC58pexOKUkp1NoKZVSwNYk29IDoYxbtNjMD_rxmhFoK6e56xLXwttjMTOyvXFTZ4Zrq__X0J06qK4WrCE8ovGnFXfYpHQ_QbJholTa4zbQ2SUMpk3TK1lRZkf6sn78ktV621fHe56zhCUMpk3TK1lRsjokatFr4Q9B4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: aa864e69809808c72f587d26c1f4830b807a8e94b2333d149e630f9be380268b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3454
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H2 200 /
track.adform.net/csimpr/ Frame 3455 35 B
459 B 28ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=59973788&csi=STh3G4BGRKw6JStMVPXAGL_itus-Kh9PDka_CpEPAroJDwKV3Zer3EvCRUGV6MkbtG9AoswbpG2uEqqy1Q9iv9kprO33UZ4uMUe3mKqM1p8DvP-67D9Y4w2

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 36ms
35ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895356464&oz_l=219&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:35:56 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2359 34 KB
10 KB 14ms
13ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6740 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2F58 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BD29 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 7DA7 3 KB
2 KB 12ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dcyupjnth%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dcyupjnth%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DpIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu%5FQ2v4%2DxzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2%2DUIinG%5FJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17AC2O2N9A10opfGDJE9HZUO9nibwhW1jaSvZhEBkHI%5FcJoG9QWsDzBkD7nkL9m7DiSBD4WIT5ePsYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIDoDWQQdoDSy6EhqtDSWEHQ%5FL3MOqieVcDs0ruxrTHEZTbmz62WADnl1zXOOQe6QY4zFF7kz9hsk%2D4XDfjaHqTcKaA6nicBPseDIXSV44hYQ4rXpmTozSPnMD%5FrxmhFoKzWJro81gZBX2O%5F3J4z2dA5rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRGSaF%5FlGlkdZoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=pIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu_Q2v4-xzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2-UIinG_JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17AC2O2N9A10opfGDJE9HZUO9nibwhW1jaSvZhEBkHI_cJoG9QWsDzBkD7nkL9m7DiSBD4WIT5ePsYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIDoDWQQdoDSy6EhqtDSWEHQ_L3MOqieVcDs0ruxrTHEZTbmz62WADnl1zXOOQe6QY4zFF7kz9hsk-4XDfjaHqTcKaA6nicBPseDIXSV44hYQ4rXpmTozSPnMD_rxmhFoKzWJro81gZBX2O_3J4z2dA5rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRGSaF_lGlkdZoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: eee9944b2e10a522355af1caf30f610c148501899159eaa909c77162a16a144b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:56 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 3530 43 B
163 B 18ms
17ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354443&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=1872739224003791605&rtbet=0&rtblt=638064921536410756&rtbnid=1999&rtbh=7b5db11cfe651114dc0aba10533266528907bcbd&ts=1670895354443
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame A812 43 B
163 B 19ms
18ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354531&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=1046697751493953756&rtbet=0&rtblt=638064921538251804&rtbnid=1999&rtbh=0bfd484c52b757fa3df428c28418842d42a2b8a1&ts=1670895354531
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rnzvbshj&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame FC44 43 B
163 B 18ms
17ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354580&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=5391276862519701572&rtbet=0&rtblt=638064921539231977&rtbnid=1999&rtbh=202c68df04a0dd9407a7419cf4b7cbb6cd637091&ts=1670895354580
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=givtwayo&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame 113F 43 B
163 B 36ms
17ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354452&pid=1643378&iid=8358291&fmtid=71867&cid=0&key=viewcount&rtb=1&rtbbid=4729774426942358769&rtbet=0&rtblt=638064921536594600&rtbnid=1743&rtbh=08131b4bae64b4ea6bc5f91cb9e255db951185fa&ts=1670895354452
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xdelpmeap&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9FE3 34 KB
10 KB 9ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8CA1 34 KB
10 KB 13ms
12ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6E52 34 KB
10 KB 9ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D51C 2 KB
1 KB 72ms
32ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1402243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 778af74ebc4d9b1f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 01:35:57 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmKXZjduGaN6aLux%2Fxq%2B5sawkR7LhdWmvT6aXlmyrqUYH%2FJG0j9cOtZb56Qf7VmDRHFacFacf4edEQVqxQeQazNoq%2FLqwkg%2FlFtRJ1nO%2B6s7vi5zyrEva6jQa3k%2FONqwy9JW8%2BY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2360 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59170
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 16AD 2 KB
1 KB 64ms
31ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1402243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 778af74ebc4b9b1f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 01:35:57 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0AMS2JQUzVEQT1ez1Pw%2FWz2OUTFo3%2FgqTC15iOTpC2jyI9aYJtmNIVgbtGkdXu5%2BdyNu3SadL3bkPan0MMy3JQAOYMWe4MKjKDaNwXC86aok2aDXIIOhhyA8AeyRyAE83w2shc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C8E4 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:56 GMT
AN-X-Request-Uuid: b2fe7209-a983-4cc7-b6d8-288648a1f791
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8E47 2 KB
1 KB 60ms
27ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1402243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 778af74ebc509b1f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 01:35:57 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGB35cLWAQz7IoagTobO8rgKwunIvxvgydN93A4gU9YxhRPrZHwFw9IUvGiodJf4WzfO9MEE2DioyqSzGnCIif%2FeIhZuLgErSNeLTFelHORevr66nDDYHVxNo1xlnRKmNaGplqw%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A812 0
747 B 15ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 1f0687b7-2199-4e08-988e-87d751a2384d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7572 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F562 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 6EC9 2 KB
1 KB 59ms
28ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1402243
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 778af74ebc4f9b1f-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 13 Dec 2022 01:35:57 GMT
expires: Wed, 26 Oct 2022 23:22:52 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwmaOwiNqU%2BgGKDShKKVNahVucQpFjNzHXX5MNVBe8SEWnWaQ2%2BaoO4rFqBdPWYOGAa1vwiP5WgYsiZxmWc47OaxHrYXOKUE3CRlraJVxN%2Bu1f8R5zRJ%2BPKoZ3vZEKgvHzSI%2FVk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK action
www8.smartadserver.com/track/ Frame E500 43 B
163 B 17ms
17ms Image
image/gif 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www8.smartadserver.com/track/action?sid=1670895354279&pid=1691712&iid=9310545&fmtid=88200&cid=0&key=viewcount&rtb=1&rtbbid=4330773382780807964&rtbet=0&rtblt=638064921532528229&rtbnid=1999&rtbh=05b3151043646d1fac17a53aa6b75bf9fc9542c5&ts=1670895354279
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dumvrvp&e=1070536818601
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:56 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame A30D 3 KB
2 KB 12ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dqlggoqc%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dqlggoqc%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DnedVi83Wsns5y%5FgHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau%5F9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17F8Yxsrg2ehw0y3MVHqcy56%2Dv%5F8xUO9xwSvZhEBkHI%5FcJoG9QWsDzBkyQ6DT3tB3ISd7xcqkAcPdYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIFzi0pukx6wu5fpCa1QzQrFNH9hkxthG4zugUj2beSvTb%2DMmQXLeVI8yNqQIU8uo1HH6IW0B38dh1N6AXS%5F0tYuSy7mLzaDKoOrgQtEsqCtw4rXpmTozSPnMD%5FrxmhFoKxevcvz4vmvpWHn8CsoOzUprq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRH27A3lI1JyJoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=nedVi83Wsns5y_gHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau_9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17F8Yxsrg2ehw0y3MVHqcy56-v_8xUO9xwSvZhEBkHI_cJoG9QWsDzBkyQ6DT3tB3ISd7xcqkAcPdYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIFzi0pukx6wu5fpCa1QzQrFNH9hkxthG4zugUj2beSvTb-MmQXLeVI8yNqQIU8uo1HH6IW0B38dh1N6AXS_0tYuSy7mLzaDKoOrgQtEsqCtw4rXpmTozSPnMD_rxmhFoKxevcvz4vmvpWHn8CsoOzUprq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRH27A3lI1JyJoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 4f1cc7a1a11566ea8cea1e1180b2dd7b8532c436e4b9ea00ba6c4cb8882ee050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 99E5 3 KB
2 KB 12ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dzophdtn%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dzophdtn%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji%2DOQ%2DFAnoZODnFtPMwMF4%5F14hWwQsMNaN%2DonzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MBG3kk3KdVJfhoREAwAoqReYw%5FUxOrGfSvZhEBkHI%5FcJoG9QWsDzBkVO8TClUps9qgIWOP1knuEYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIJtg5oaFFH%2D5YedKwI5KqtCO9wMp%2Dnf3ZFmNfixCh20W3NCATQElP4wlAHk%2DxpOC1CH63ycwm7TfWzrtEz7kL9GHYevDaxcr2xCn%2DuH05T954rXpmTozSPnMD%5FrxmhFoK%2DB7Q89A%2DcheWs3YUhMctt1rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR4sq1G%2DTayuxoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=ttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji-OQ-FAnoZODnFtPMwMF4_14hWwQsMNaN-onzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MBG3kk3KdVJfhoREAwAoqReYw_UxOrGfSvZhEBkHI_cJoG9QWsDzBkVO8TClUps9qgIWOP1knuEYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIJtg5oaFFH-5YedKwI5KqtCO9wMp-nf3ZFmNfixCh20W3NCATQElP4wlAHk-xpOC1CH63ycwm7TfWzrtEz7kL9GHYevDaxcr2xCn-uH05T954rXpmTozSPnMD_rxmhFoK-B7Q89A-cheWs3YUhMctt1rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR4sq1G-TayuxoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: dde67098f3b21db587a1a0fcbaa8d5c9bfcc71733de092723333ee5b18fc9b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 17AE 3 KB
2 KB 12ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dbipodbdgfk%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dbipodbdgfk%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DpIjprdQVl3ySv3BQcZTyESFpyzIuExD9%2DIDL9rSQP86zgixjPE8clp7RJsIFLDe%2DQYDD5jX1V7eRz%5FnKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17D6DefE6Mc%2DBP6I0IVF5oElKhYzMFQH5WivZhEBkHI%5FcJoG9QWsDzBlo%5F5Ie%2Dz%2DnZhILOIA61IlBYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIGRgxI%5FAzVSpa%5FfkYsQf8s0PSbpwrAVJhV3TDWfDeqfeXGHkVFgBcDOGxPMHvN2edaTZ87%2DO2soFS%2DEhQaCNucKXhpy5tUMwUKecKbQJR%5Fwv4rXpmTozSPnMD%5FrxmhFoK1c%2D2bwUKXHzbC%2DnGWd8s81rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRdpq%5Ftmp%5FXixoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=pIjprdQVl3ySv3BQcZTyESFpyzIuExD9-IDL9rSQP86zgixjPE8clp7RJsIFLDe-QYDD5jX1V7eRz_nKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17D6DefE6Mc-BP6I0IVF5oElKhYzMFQH5WivZhEBkHI_cJoG9QWsDzBlo_5Ie-z-nZhILOIA61IlBYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIGRgxI_AzVSpa_fkYsQf8s0PSbpwrAVJhV3TDWfDeqfeXGHkVFgBcDOGxPMHvN2edaTZ87-O2soFS-EhQaCNucKXhpy5tUMwUKecKbQJR_wv4rXpmTozSPnMD_rxmhFoK1c-2bwUKXHzbC-nGWd8s81rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRdpq_tmp_XixoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: bba4600c34d7faa9eabf7e847754300bdf72001dc3fd719b440a604ea043fa89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 2674 3 KB
2 KB 13ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dokqaizdly%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dokqaizdly%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DTJ4qHFkmLj2xjbj%5FDSPSdv8uxOp4VadipWElZEXNR7CdflIx%2Dj2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF%5FMs9DQUf2ZiUkc%2D%5FkbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MBy28sy6KMM61o6Ql0wXMDgt3sm%2D%5Fh2hSvZhEBkHI%5FcJoG9QWsDzBlGWXBmC%5Fq05zD9Q1dnaMSRYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIBtxg9MDdXQE0pRzXvGYyQs6TpZY6UqVPnGGdQVn7E%2Dj73D%5FN8ifuJXDnp2w4xn2u3LJhEsIQ5Xnee7diXkN%2DQG1cQMo6pGGCKEMXkc7w01b4rXpmTozSPnMD%5FrxmhFoK4nCXpfWa3LxfqlSBre6sLprq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRmArYgWa2mT5oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=TJ4qHFkmLj2xjbj_DSPSdv8uxOp4VadipWElZEXNR7CdflIx-j2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF_Ms9DQUf2ZiUkc-_kbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MBy28sy6KMM61o6Ql0wXMDgt3sm-_h2hSvZhEBkHI_cJoG9QWsDzBlGWXBmC_q05zD9Q1dnaMSRYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIBtxg9MDdXQE0pRzXvGYyQs6TpZY6UqVPnGGdQVn7E-j73D_N8ifuJXDnp2w4xn2u3LJhEsIQ5Xnee7diXkN-QG1cQMo6pGGCKEMXkc7w01b4rXpmTozSPnMD_rxmhFoK4nCXpfWa3LxfqlSBre6sLprq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRmArYgWa2mT5oVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 57b4d86691225b6a873b885313f0aacd68d08f168ef3465ea074ba5c81726814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 9E94 3 KB
2 KB 14ms
14ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dyusjeyea%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dyusjeyea%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKsA1erjN7kBQz%2D9bdwi6BnBrBdr4bZSs1vPg%2Dk%2D3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17PK8e6d4h0NUzWXR6j3a%5FMQh6loRpvAGrivZhEBkHI%5FcJoG9QWsDzBlk6PVdaGkbtiGeFMVfGZToYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIJARaPTGWE9CCh2DGbQYvjpe82O6%2DLhNZ83EWb3heq5Wj6rASBpWCUGlkRoZ8nPa5XwFQ7lyGLnn4zz4n9Ycl4r5BHjm%2DqQoqebfACWDpHiA4rXpmTozSPnMD%5FrxmhFoK0oP8%5FYWsr38EK%2Dbw1jvrmRrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRgkesmTuxZuZoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKsA1erjN7kBQz-9bdwi6BnBrBdr4bZSs1vPg-k-3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17PK8e6d4h0NUzWXR6j3a_MQh6loRpvAGrivZhEBkHI_cJoG9QWsDzBlk6PVdaGkbtiGeFMVfGZToYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIJARaPTGWE9CCh2DGbQYvjpe82O6-LhNZ83EWb3heq5Wj6rASBpWCUGlkRoZ8nPa5XwFQ7lyGLnn4zz4n9Ycl4r5BHjm-qQoqebfACWDpHiA4rXpmTozSPnMD_rxmhFoK0oP8_YWsr38EK-bw1jvrmRrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRgkesmTuxZuZoVCRWfIwEGjuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c41b8b46fb065a0bd44b64f999e6a5330aaa3b37b841b50456de3a1cc891786e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 9173 3 KB
2 KB 13ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dinjfbw%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dinjfbw%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU%5FNTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17JsVaBiQ30Y%5F6TpZMt%5FKfYzKT9VYMHiboSvZhEBkHI%5FcJoG9QWsDzBn%5Ftlp4832UotOcabnSN2SOYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIIQGoNbk%2Ds4oC%5FBE1CDYNwvcqzfnZompmbv1DEge74uCi%2DnbTXmwr%5Fuc23ZAPAlQnNlpp%5FWtEeQM2Wn9TGX44JgplVnfdRTeclOVIqwKN55w4rXpmTozSPnMD%5FrxmhFoKzROMlGGe6iuGJ9mo626PpJrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRweDf9XIDlpr4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU_NTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17JsVaBiQ30Y_6TpZMt_KfYzKT9VYMHiboSvZhEBkHI_cJoG9QWsDzBn_tlp4832UotOcabnSN2SOYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIIQGoNbk-s4oC_BE1CDYNwvcqzfnZompmbv1DEge74uCi-nbTXmwr_uc23ZAPAlQnNlpp_WtEeQM2Wn9TGX44JgplVnfdRTeclOVIqwKN55w4rXpmTozSPnMD_rxmhFoKzROMlGGe6iuGJ9mo626PpJrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRweDf9XIDlpr4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: d09b6d6f91345fdfec3092dd07a84ea24588d93d645ad0deff345b7569bd0edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 0994 3 KB
2 KB 14ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dwvgcabh%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dwvgcabh%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqYb7tNGlrpsfcRcs9ioKD%2DxUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk%5Fr6OL9%5FeogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17GgTB9Ayd6Nu4wrclQR54e685eB%2DZosCzSvZhEBkHI%5FcJoG9QWsDzBneB3BfhDUkOc%5FdF8%5FfK3BhYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIGZ%2DEQns79LWZrXozCnacxof3qLrzDATx%5FDe%2DHWXpHHcXICQspCdHsLUouMD1eXeevvRy5tfNAuWU8arxRZQoD47R4%2DWwAy1cin%5FISY%5F3udc4rXpmTozSPnMD%5FrxmhFoK%2DW3WvpleCIJi2SGrFDkI81rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRv3BDCeEJtBb4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=el6TqoVMDqYb7tNGlrpsfcRcs9ioKD-xUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk_r6OL9_eogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17GgTB9Ayd6Nu4wrclQR54e685eB-ZosCzSvZhEBkHI_cJoG9QWsDzBneB3BfhDUkOc_dF8_fK3BhYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIGZ-EQns79LWZrXozCnacxof3qLrzDATx_De-HWXpHHcXICQspCdHsLUouMD1eXeevvRy5tfNAuWU8arxRZQoD47R4-WwAy1cin_ISY_3udc4rXpmTozSPnMD_rxmhFoK-W3WvpleCIJi2SGrFDkI81rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRv3BDCeEJtBb4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: cfd9c7292a9aa0f05910f94e4e30e7cd245d7c1c488b235d841055719cfcfbbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame D00A 3 KB
2 KB 14ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dzvkvgpe%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dzvkvgpe%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6hySndOYzXWS%5F%5FFe%5FuvTDI3j5kggto7jPBI6%5FrGR9pErFycflZbI5Rmhi8XDu%5FQ26%5FiPSMtem97q8ZB0JSq1PUwu%5FOYHo1IF5Q%5F0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Ef1PgsvfTkwvBWSwYsoK9i%2D4wSt8kziSivZhEBkHI%5FcJoG9QWsDzBlA1whvxiF0AWyyDn9QDoliYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIKbl8TWDRZCMnE9vCaWYKl2Wb%2DzxTaO8fTBgyLsNN0fjewRAP4ibU3ej3%5FzeVagWEYZUOu4lqFbywbenasZ8IN6XyztqpZrn1SG%2Ds4gYI%5Foc4rXpmTozSPnMD%5FrxmhFoK9kUWndKCONbUwpzT0hjO25rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR6o7YPNaJkE%5F4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6hySndOYzXWS__Fe_uvTDI3j5kggto7jPBI6_rGR9pErFycflZbI5Rmhi8XDu_Q26_iPSMtem97q8ZB0JSq1PUwu_OYHo1IF5Q_0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Ef1PgsvfTkwvBWSwYsoK9i-4wSt8kziSivZhEBkHI_cJoG9QWsDzBlA1whvxiF0AWyyDn9QDoliYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIKbl8TWDRZCMnE9vCaWYKl2Wb-zxTaO8fTBgyLsNN0fjewRAP4ibU3ej3_zeVagWEYZUOu4lqFbywbenasZ8IN6XyztqpZrn1SG-s4gYI_oc4rXpmTozSPnMD_rxmhFoK9kUWndKCONbUwpzT0hjO25rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR6o7YPNaJkE_4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f133a4f19c382654cc2aa3fe7e3fca4ba3863ab63ad501b88769477c319273a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame C52D 3 KB
2 KB 13ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dnyszpkpy%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dnyszpkpy%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DY7sXdZWOOc%2DP4tg2rjcZDuV%2DvAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV%5Ft9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17JmiGRh%5Fhv%2Di%5FzW2JOSySxNH2%5Fp%2DBqMbOivZhEBkHI%5FcJoG9QWsDzBnyZzSN3JD68OjJQ5R1nsC3YJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIOk57TEtfmfJM2NFtpzpmaAGiU5jQ81vacMll7Z5D4Ocn7sOZ%2DK6g5lTTRRw2gZjkdbAf8gsdZWMEYV3S3RZXI8JPsByBKxJXPfch21Jw1Z2fchxHaVNerPMD%5FrxmhFoK3o51cVb%2Dxcfn%5FLtLwJFYCBrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRHXxkN2MvTh%5F4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=Y7sXdZWOOc-P4tg2rjcZDuV-vAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV_t9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17JmiGRh_hv-i_zW2JOSySxNH2_p-BqMbOivZhEBkHI_cJoG9QWsDzBnyZzSN3JD68OjJQ5R1nsC3YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIOk57TEtfmfJM2NFtpzpmaAGiU5jQ81vacMll7Z5D4Ocn7sOZ-K6g5lTTRRw2gZjkdbAf8gsdZWMEYV3S3RZXI8JPsByBKxJXPfch21Jw1Z2fchxHaVNerPMD_rxmhFoK3o51cVb-xcfn_LtLwJFYCBrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRHXxkN2MvTh_4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 9d3e58662512680ff84d7210c7f667d625ae716c2dd3734b557125cb3a725fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame D4D7 3 KB
2 KB 13ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dpxx%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dpxx%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DhPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE%5FzN5%5Fob0fZOSewJMpg2V%5FQxBh1LMHJJ3lk0d0u2%2DxKx%2DPJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17IvYhWeYM2cJenR4zzNUlyrYfltm2YVkTCvZhEBkHI%5FcJoG9QWsDzBl9Ms4oTp%5FMCUMHqCi%5Fzvd%5FYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIDmGruYsJkk73gbI1%5FAQTm%2DFsSqpxRmdSvXgxDKyno4rdyBBFcn44x%5FgfdV6eZQ4HaIWrbC6hoBr%2DL5fqH45Axhr2jWzgucT8ctolXlQQDr8fchxHaVNerPMD%5FrxmhFoK3CAU8abZJ9uGpf2G29wBVVrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRj9MzvtcfbgT4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=hPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE_zN5_ob0fZOSewJMpg2V_QxBh1LMHJJ3lk0d0u2-xKx-PJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17IvYhWeYM2cJenR4zzNUlyrYfltm2YVkTCvZhEBkHI_cJoG9QWsDzBl9Ms4oTp_MCUMHqCi_zvd_YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIDmGruYsJkk73gbI1_AQTm-FsSqpxRmdSvXgxDKyno4rdyBBFcn44x_gfdV6eZQ4HaIWrbC6hoBr-L5fqH45Axhr2jWzgucT8ctolXlQQDr8fchxHaVNerPMD_rxmhFoK3CAU8abZJ9uGpf2G29wBVVrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRj9MzvtcfbgT4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 9c23d606a3120d625ad2ab17ce2ef1dba1aa5e5dea9d4596ec317d531d3e7613

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 056F 3 KB
2 KB 13ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dnagevtxugi%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dnagevtxugi%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96%2DiBEXiuGCq%5FBnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17BTm0q%5FP%5FcbZyAQhyDtLC0X5JbXTyK4L6CvZhEBkHI%5FcJoG9QWsDzBkibNCqSYZ4RNqHPh2rMriTYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIN%5FL%5FiOsU8s6i7GOS1VHJ7YMI5sIBc%5FyMXmY7kTcWy4tzZB%2DKVlYOADtMEpZr9It%2Dx7VXldrmy5Ot3Ro43eNrhIAkO%5FX2m7xTjf8Dbazjy18fchxHaVNerPMD%5FrxmhFoK7eUT8bBEc%2DRVfjw38Mm%2Dnlrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoKfXVBgUfuH4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=el6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96-iBEXiuGCq_BnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17BTm0q_P_cbZyAQhyDtLC0X5JbXTyK4L6CvZhEBkHI_cJoG9QWsDzBkibNCqSYZ4RNqHPh2rMriTYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIN_L_iOsU8s6i7GOS1VHJ7YMI5sIBc_yMXmY7kTcWy4tzZB-KVlYOADtMEpZr9It-x7VXldrmy5Ot3Ro43eNrhIAkO_X2m7xTjf8Dbazjy18fchxHaVNerPMD_rxmhFoK7eUT8bBEc-RVfjw38Mm-nlrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoKfXVBgUfuH4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: f9082457fd75f628feec9ea4849fc2ba95eac699f39c54fc8615a30d7f8c92a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame A3A3 3 KB
2 KB 13ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dwfiayoaq%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dwfiayoaq%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DnedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF%2DbIBZuq023dO6EqB0BATo8rexdUz48iFv3%2Dm0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes%5FHwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MEyhVf3YZurJLpsL3vChhiygqK2BPuanivZhEBkHI%5FcJoG9QWsDzBmefx9OCBYxK1baeTd56ab1YJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIEYT6foR4Ef9tUhjyNKYLq89fb8BBjHTrTFPg%2DmjtXRvGz36fqeMNbwlBIaTou60y%5FUAnjxOaYGp80RfLrkfb82J0y8QJ8NHsV1bOFngFcoPfchxHaVNerPMD%5FrxmhFoK%2Duad65qrgDENV%2DBVN%2DW79prq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR0udSj6MoTvT4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=nedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF-bIBZuq023dO6EqB0BATo8rexdUz48iFv3-m0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes_HwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MEyhVf3YZurJLpsL3vChhiygqK2BPuanivZhEBkHI_cJoG9QWsDzBmefx9OCBYxK1baeTd56ab1YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIEYT6foR4Ef9tUhjyNKYLq89fb8BBjHTrTFPg-mjtXRvGz36fqeMNbwlBIaTou60y_UAnjxOaYGp80RfLrkfb82J0y8QJ8NHsV1bOFngFcoPfchxHaVNerPMD_rxmhFoK-uad65qrgDENV-BVN-W79prq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR0udSj6MoTvT4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: a693997ef1babd45821557265c16b727a47fe190de078a0cdeb8e806e47a6a48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 90A4 3 KB
2 KB 14ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Depztovze%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Depztovze%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3DUSZo8a%2DcS5k3HSapHNWz6KzboUFQG3yp0%3Bcrtbdata%3DBn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj%5FcAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3%5F9PptmhJaxM7bDE7nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17PXMGtUiNYHmkEImNWUUG2NeebxzM7Oq6CvZhEBkHI%5FcJoG9QWsDzBlBVbdekCkBPWAvaa1T9du0KzUgJW84h3pkwpx8sIKJgTIMbDP56G59tC0QiFi2EhNHcxAaOI%5F3lqY4EkQwDCFdHhvah%2DyX1Bhbjzw%5F7dmKwRS1sS4%5FbxSpKUk2JNz9KhbrrI4RlVgr5WbMsLYKcoP0wTs%2Dp88o%5FdHi5OFau4XkbW%5FjdQCFda1WmtZExxQvfaAhL2ZKY8k8lsP%5FXnMiEfXiCMPcreEvob2uFqwhPKLxp8yECIRnbFRCYaJU2uM20NklDKZN0ytZUcKQNGfQuvo%5F%2DDvoLn%2D2JHc7joi6uMgg0g2%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=USZo8a-cS5k3HSapHNWz6KzboUFQG3yp0;crtbdata=Bn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj_cAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3_9PptmhJaxM7bDE7nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17PXMGtUiNYHmkEImNWUUG2NeebxzM7Oq6CvZhEBkHI_cJoG9QWsDzBlBVbdekCkBPWAvaa1T9du0KzUgJW84h3pkwpx8sIKJgTIMbDP56G59tC0QiFi2EhNHcxAaOI_3lqY4EkQwDCFdHhvah-yX1Bhbjzw_7dmKwRS1sS4_bxSpKUk2JNz9KhbrrI4RlVgr5WbMsLYKcoP0wTs-p88o_dHi5OFau4XkbW_jdQCFda1WmtZExxQvfaAhL2ZKY8k8lsP_XnMiEfXiCMPcreEvob2uFqwhPKLxp8yECIRnbFRCYaJU2uM20NklDKZN0ytZUcKQNGfQuvo_-DvoLn-2JHc7joi6uMgg0g2;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: 3b52e84ce3c3e029893c4b0f6cfd6bb17d6fe2fc466fcd065f8ce9c28cdc0a11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 9EA9 3 KB
2 KB 14ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Deghxslsd%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Deghxslsd%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DA8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww%2DH8VUNjxCDM4%5FY3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17EsLVOVbMCTrHqkUp7oyWSKcbJ7M7hIGNivZhEBkHI%5FcJoG9QWsDzBmwutm3L8peLevFFHt%5F7wqWYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIFavBoJIL1lTGj7rBJUSZkYXDn9s%5Fvp%2DNafTfriSnhGhR9YtHO9TEMrCRCnF8iAg9nGIXgzOWdIJrNjOa9GgGE2nVMA%5Fns7BqKjVVx1lQtdqfchxHaVNerPMD%5FrxmhFoKzB7XYbM8Z9AG5SHpzvh6tdrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRPcQwlJZIcVP4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=A8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww-H8VUNjxCDM4_Y3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17EsLVOVbMCTrHqkUp7oyWSKcbJ7M7hIGNivZhEBkHI_cJoG9QWsDzBmwutm3L8peLevFFHt_7wqWYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIFavBoJIL1lTGj7rBJUSZkYXDn9s_vp-NafTfriSnhGhR9YtHO9TEMrCRCnF8iAg9nGIXgzOWdIJrNjOa9GgGE2nVMA_ns7BqKjVVx1lQtdqfchxHaVNerPMD_rxmhFoKzB7XYbM8Z9AG5SHpzvh6tdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRPcQwlJZIcVP4O-guf7YkdzuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: ddf880c9afccf1fdafbb6a6d610484db1a774194726f4fef9081e5f4512f675e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:57 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0417 52 KB
17 KB 10ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12616
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.212685,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A323 281 B
554 B 19ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C876 52 KB
17 KB 16ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12345
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895357.222996,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame BFC9 281 B
554 B 17ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3852 22 KB
8 KB 59ms
41ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame AB93 52 KB
17 KB 13ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12346
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895357.240943,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 041A 281 B
554 B 9ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C15F 281 B
554 B 8ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EA48 52 KB
17 KB 10ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12617
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.252230,VS0,VE0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame DA23 0
150 B 54ms
16ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=47471400004385301467939012172018&a=ebba3d9a&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkdonne%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAAOCjcM0_MFdxcAqnjD8W9rTDX5OVPxKoJlOa5EQSXg18asgO4Wb51pdjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAPycl4gAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521tRb8dwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0D8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96588%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4459 0
747 B 22ms
16ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: d26a2f7d-3e9d-4924-bb1e-b4e7fc51077d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 96F9 281 B
554 B 10ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4E57 52 KB
17 KB 8ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12618
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.283960,VS0,VE0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame E01C 0
150 B 47ms
19ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=44605000004385401467939012172018&a=d9c627a8&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsuqdsfso%26e%3D1011989061034&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3F_cbL4x7ikT96vJOGvr-HPwAAACCuR9E_MFdxcAqnjD8W9rTDX5OVP75-96a2J9QqXg18asgO4Wb41pdjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA0iaD9wAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521txaJeAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyOUD8L0lTP28qUmHuP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTI5%2Fbn%3D97054%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 69D1 34 KB
15 KB 24ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8277 52 KB
17 KB 9ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12619
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.299165,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 74BB 281 B
554 B 10ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame E89B 34 KB
15 KB 25ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 4439 34 KB
15 KB 28ms
26ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame A886 34 KB
15 KB 29ms
27ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 3F00 34 KB
15 KB 33ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FA06 281 B
554 B 13ms
12ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD06 52 KB
17 KB 8ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12347
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895357.303337,VS0,VE0

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame BFE3 34 KB
15 KB 29ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 85E2 0
747 B 17ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10726&pub_id=1805345&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10726&pub_id=1805345

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: df1d1808-59fc-47b4-a5b6-52d325f5db76
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3974 52 KB
17 KB 14ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12348
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895357.333492,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 68DC 281 B
554 B 15ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 3455 34 KB
15 KB 26ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:34:09 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FB3E 281 B
554 B 11ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CA1D 52 KB
17 KB 8ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12620
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.334713,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7111 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: c9ec199b-3672-44ac-bd94-6d7dc2a18cb1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6E71 0
747 B 16ms
16ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 022f8bc6-f6c5-4017-8fd5-165a774b1f16
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 323A 281 B
554 B 10ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5F6E 52 KB
17 KB 9ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12621
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.361564,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9473 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 331a5bf5-c952-4306-af4d-f5029569ae08
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F475 52 KB
17 KB 14ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12350
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895357.375235,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2719 281 B
554 B 15ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8259 52 KB
17 KB 11ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6737
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895357.378607,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1559 281 B
554 B 10ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A855 52 KB
17 KB 8ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12622
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.382650,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F11B 281 B
554 B 14ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame CF1C 281 B
554 B 13ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD95 52 KB
17 KB 8ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12623
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.400459,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5136 0
747 B 19ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 68ab8d70-b31f-40e8-8d88-6465bf08059b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FEAF 52 KB
17 KB 7ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6738
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895357.404174,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E3AE 281 B
554 B 8ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D4AA 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: c7b429c7-6ec0-457d-9111-71d196da7c6e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2454 281 B
554 B 8ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3327 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6739
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895357.419647,VS0,VE0

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 7711 85 KB
36 KB 23ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:57 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 922E 52 KB
17 KB 8ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12624
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.421318,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9CBC 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2243 52 KB
17 KB 7ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12625
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895357.438913,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2899 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C47C 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: dd364c5a-06cf-46fc-ad81-6c8b9b4f89b8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 29E5 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3D38 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6685
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6740
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895357.447713,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0D76 0
747 B 16ms
16ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 7533b39b-56bf-456b-83ec-61267cfc811c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame ACA6 0
747 B 17ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 4505d863-4fb1-4185-8f90-b4b8479b178a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FD3A 0
127 B 21ms
19ms Ping
text/plain 2a02:2638::21

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 66E6 0
840 B 17ms
16ms Ping
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKbCvQkAhsFAAADANYABQEI-K3fnAYQvv3dt-r2ieoqGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAACCuR9E_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNev7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGic3MQBeJ72BYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIUttUWNCZ2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTmV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qWXhNam5nQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFYeEw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXR4YUplQWpGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qRXlPVUQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPD9RHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjEyOdoEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAABJijwP9AGuzPaBhYKEAEPLgEAYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL8GQADIB572BdIHDQkRPAE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=74d662e011113e72956a244014a1fb53fa2cd6bb&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=8662165811987353362&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 2e7569ad-8f33-45f6-96e5-a65d84d2abea
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 016C 0
840 B 16ms
16ms Ping
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKbCvQkAhsFAAADANYABQEI-a3fnAYQktCamaWTuaISGN6a8NOG2cPwZio2Cf3Gy-Me4pE_EXq8k4a-v4c_GQAAAOCjcM0_ITBXcXAKp4w_KRb2tMNfk5U_MQAAAEDheoQ_MNuv7Qw4mFBAyk5IAlCT_PlmWLXyoAFgAGi4n8MBeMzyBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJTdWYoJ2EnLCA0NTI1MzYyLCAwKTt1ZignaScsIDQxMjYxNjksIDApO3VmKCdnJywgMTE0OTM4ODcsIDApO3VmKCdyJywgMjE1OTA3ODU5LCAwKTuSAv0DIXoyUFkwd2pGaUkwVEVKUDgtV1lZQUNDMThxQUJNQUE0QUVBQVNNcE9VTnV2N1F4WUFHQ1dCMmdBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCa2U4SzhPRjZsRF9CQWE1ZHZJaHRrcFVfeVFFQUFBQUFBQUR3UDlrQlV6OXZLbEpoN2pfZ0FkbnItd0gxQVFyWG96eVlBZ0NnQWdHMUFnQUFBQUM5QWdBQUFBREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0NBQXdHWUF3RzZBd2xCVFZNek9qWXdNemZnQV93dmdBU2J2ZGtEaUFTY3Zka0RrQVFBbUFRQndRUUFBQUFBQUFBQUFNa0VBQQ2jHEFEWUJBRHhCEQ8oQUFBaUFXVkw2a0YZuAwteEJRARoJATx3UVY3Rks1SDRYcVVQOGtGCRYUQUE4RF9SLigACDJRVQ0b8ENEd1AtQUZ1eER3QmZfRHZRWDRCYkthbEFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQm5zVXJrZmhlcFFfcUFZRXNnWWtDUQ1LDEFBQUUdjABHHQwASR0MVHVBWUuaApkBIXRSYjhkd2pGaUkwVEVNAdh0ZktnQVNBQUtBQXhleFN1Ui1GNmxEODZDVUZOVXpNNk5qQXpOMEQ4TDBsVFAyOHFVbUh1UDFFAXwJAQRGawkIAQEER0UBBgkBAEcdGABIHRgQSGdBaVEREPD9RHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTg1LjIxMy4xNTUuMTc2qAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjAzN9oEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAABJijwP9AGuzPaBhYKEAEPLgEAYBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwgFGkQgADAAOL8GQADIB8zyBdIHDQkRPAE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=2857f0806295f5284b66304cec3101552303a4ab&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=8662165811987353362&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: ceeecf73-4822-4090-9007-1d2be3e1f4d9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 08BB 0
837 B 14ms
14ms Ping
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&e=wqT_3QK0CvBVNAUAAAMA1gAFAQj1rd-cBhCDwZyf_9Gr6TwY3prw04bZw_BmKjYJLmfG-vX2oj8R6_qqhQXjmT8ZAAAAQOF6tD8hBaVo5V5goz8pwFsgQfFjrD8xAAABG7iUPzC_yNIJOOZTQOo_SAJQk-OBvgFYkduKAWAAaOHotwF43_UFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjkyMDk5NCwgMCk7dWYoJ2knLCA1MzE0MDYyLCAwKQUULGcnLCAxOTQ4ODA4MBUpMHInLCAzOTg0ODc5NTUFFvCLkgKBBCF3V1NfV3dpWDZ2c1pFSlBqZ2I0QkdBQWdrZHVLQVRBQU9BQkFBRWpxUDFDX3lOSUpXQUJnbGdkb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjTDV6MC1PWkt3X3dRSEMtYzlQam1Tc1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdPck1RQzlRSE56TXc5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1URXo0QVA4TDRBRThKR3RDWWdFMXFITUNaQUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ4oQUFBSWdGNFMtcEIRExRQQV9zUVUBGgkBGE1FRm1wbVoBAgx1VF9KBSgcR0RZdnVFXzAuKAAITmtGCTHIQUE4RF9nQmFrcjhBWFF1cVVKLUFXaXBMSUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQh3LBEJrGRgAQx0YRExnR0NnLi6aApkBITBCVlhZZzoFAjRKSGJpZ0VnQUNnQU1acQlvWGJrX09nbEJUVk16T2pZeE1UTkFfQzlKEWIMOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXjw7ThEOC7YAgDgAonRVOoCKWh0dHBzOi8vZWFybm1lLmNsdWIvbm9yZC1uMS1mcm9tLW9uZXBsdXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNzaoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYxMTPaBAIIAeAEAfAEk-OBvgGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABD2zYBQHgBQHwBakF-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL8GQADIB9_1BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=44d3447ed15bf8fcad6e8e50674336454c47bd6c&type=nv&nvt=5&jm=1003&px=989&py=320&bw=300&bh=250&sid=1803606851259027171&vd=ct~0|rr~0&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20227135&sw=1600&sh=1200&pw=1600&ph=3608&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:57 GMT
AN-X-Request-Uuid: 755d64c9-1b42-4746-bde3-9f9862c2e2d9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A323 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame BFC9 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 041A 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C15F 34 KB
10 KB 11ms
11ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 57EA 52 KB
17 KB 12ms
11ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6742
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895358.814196,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7962 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 61D4 281 B
554 B 11ms
11ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2A97 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12627
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.817974,VS0,VE0

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 9539 0
150 B 44ms
20ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=24697600004385701649441012172018&a=1b9f77c0&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=91be23a18b3eDu_b6bObJyZjNmgjNYA3VGAjpQA0zHIYy8mY_Hml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=47471400004385301467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fp9bgiwqovj0u8i5%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 364C 281 B
554 B 12ms
11ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8563 52 KB
17 KB 7ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12628
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.880616,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 96F9 34 KB
10 KB 14ms
13ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0861 281 B
554 B 7ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C416 52 KB
17 KB 8ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:57 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12629
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.926297,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 74BB 34 KB
10 KB 9ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FA06 34 KB
10 KB 26ms
25ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59169
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9F17 52 KB
17 KB 9ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12630
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.304589,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0847 281 B
554 B 55ms
54ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 68DC 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FB3E 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 323A 34 KB
10 KB 20ms
20ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 4D6F 85 KB
36 KB 26ms
25ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2719 34 KB
10 KB 9ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1559 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F11B 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CF1C 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E3AE 34 KB
10 KB 9ms
9ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2454 34 KB
10 KB 9ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9CBC 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C436 281 B
554 B 23ms
14ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5158 52 KB
17 KB 23ms
15ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12631
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.335600,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2899 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 29E5 34 KB
10 KB 14ms
14ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 08F0 281 B
554 B 58ms
50ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BF97 52 KB
17 KB 23ms
15ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 6744
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220062-HHN
X-Timer: S1670895358.336748,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A837 52 KB
17 KB 22ms
16ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12353
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220067-HHN
X-Timer: S1670895358.336766,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E898 281 B
554 B 21ms
18ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 3455
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

613 B
935 B

122ms
99ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59973788%3Bcrtbwp%3DVLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0%3Badfibeg%3D0%3Bcdata%3Dw4dvV37RC5jHzBF-Qcv17MUK2Ev4JdCCZBrCtyEJFfhIqc7mShbaKCvZhEBkHI_cJoG9QWsDzBm8ZcGBfLEkiIcHQlbOzyC-oA9GDAzbgHQUFcc9yyPa6f_N7jxntrfLKD7TfxtG7NK45A-XK6WXskhpQmAcObdLZZbJq9TKcO8RgUF6X2Vc7ux-HTmi7qoSu1k8x6sQHqBR5DwK4QH1P74T_gpltIHigY13xyyqrUC58pexOKUkp1NoKZVSwNYk29IDoYxbtNjMD_rxmhFoK6e56xLXwttjMTOyvXFTZ4Zrq__X0J06qK4WrCE8ovGnFXfYpHQ_QbJholTa4zbQ2SUMpk3TK1lRZkf6sn78ktV621fHe56zhCUMpk3TK1lRsjokatFr4Q9B4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbkjnt%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&random=6399196249581&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bkjnt&e=1070536818601
Protocol: HTTP/1.1
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 3d006db284c8b91f1ea9644ea357b2b19b1daefee8ac248807e39ecd08bada18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 60212100005016506516379012172028
Connection: close
Content-Length: 329
Expires: Tue, 13 Dec 2022 01:35:59 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59973788%3Bcrtbwp%3DVLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0%3Badfibeg%3D0%3Bcdata%3Dw4dvV37RC5jHzBF-Qcv17MUK2Ev4JdCCZBrCtyEJFfhIqc7mShbaKCvZhEBkHI_cJoG9QWsDzBm8ZcGBfLEkiIcHQlbOzyC-oA9GDAzbgHQUFcc9yyPa6f_N7jxntrfLKD7TfxtG7NK45A-XK6WXskhpQmAcObdLZZbJq9TKcO8RgUF6X2Vc7ux-HTmi7qoSu1k8x6sQHqBR5DwK4QH1P74T_gpltIHigY13xyyqrUC58pexOKUkp1NoKZVSwNYk29IDoYxbtNjMD_rxmhFoK6e56xLXwttjMTOyvXFTZ4Zrq__X0J06qK4WrCE8ovGnFXfYpHQ_QbJholTa4zbQ2SUMpk3TK1lRZkf6sn78ktV621fHe56zhCUMpk3TK1lRsjokatFr4Q9B4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbkjnt%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&random=6399196249581&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 13 Dec 2022 01:35:58 +0100

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0417 0
747 B 25ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 7dd52e0a-7d3c-49d6-a46b-0e2019c88ed2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 69BF 52 KB
17 KB 19ms
16ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6686
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12546
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220034-HHN
X-Timer: S1670895358.337681,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F88C 281 B
554 B 21ms
19ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 01CD 52 KB
17 KB 18ms
18ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12331
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220075-HHN
X-Timer: S1670895358.338416,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 83B2 281 B
554 B 48ms
48ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0266 52 KB
17 KB 26ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12493
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220070-HHN
X-Timer: S1670895358.369379,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D074 281 B
554 B 19ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C876 0
747 B 24ms
23ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 06dca16a-0b07-4e48-8551-b267016d7206
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad18.ad-srv.net/ Frame 003C 0
150 B 58ms
18ms Script
text/html 144.76.91.199
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad18.ad-srv.net/viewability?s=62487700004385601649441012172018&a=9c35887a&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=6d9163666083fUDs4va84H7b7q9LtUmggOZ3DyPJ8qdLBT55zuIeJGi_QMOieXJYh89-NcSnNhB8i1jx7Uxnzhn2qAR94NRvI1vsgHlNw4blJEJJ1xS9SQOmpqzEp3BaUiGgea3hwilTJJLOTlOxcknGDNsfgWhTaVpnQob3SruDRvNBfomSTNr&subid=44605000004385401467939012172018&redirectClick=https%3A%2F%2Fad18.ad-srv.net%2Fc%2Fpbtqwpcg7ki48v1%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.91.199 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.199.91.76.144.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1DEA 281 B
554 B 28ms
17ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5704 52 KB
17 KB 17ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12632
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.371475,VS0,VE0

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame D7ED 85 KB
36 KB 42ms
22ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5676 281 B
554 B 20ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 12A4 52 KB
17 KB 22ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12494
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220070-HHN
X-Timer: S1670895358.397472,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 21FE 52 KB
17 KB 20ms
8ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6687
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12633
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220068-HHN
X-Timer: S1670895358.397647,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5693 281 B
554 B 21ms
9ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:35:58 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame FEDE 85 KB
36 KB 43ms
21ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 15E8 85 KB
36 KB 45ms
23ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 76B2 85 KB
36 KB 48ms
26ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame C6F8 85 KB
36 KB 50ms
28ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame E46C 85 KB
36 KB 51ms
31ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 8BC7 85 KB
36 KB 54ms
34ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 0550 85 KB
36 KB 60ms
41ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 2A6C 85 KB
36 KB 62ms
44ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:58 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 08:06:48 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 14 Dec 2022 04:31:12 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AB93 0
747 B 22ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: f1aae695-11e1-4dc1-8185-5f077ad893f7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EA48 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: d6852399-e3ae-4574-88bb-f4b4e4e340a0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
BLOB 200
OK d3c449a4-2405-42a8-8e84-85aea7bc3512
https://flashnetic.com/ Frame 7CC2 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://flashnetic.com/d3c449a4-2405-42a8-8e84-85aea7bc3512
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7962 34 KB
10 KB 13ms
13ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 61D4 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 364C 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 31ms
30ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895357879&oz_l=4214&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:35:58 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E57 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 8e274e64-92e3-4d6e-85e2-0fb0b49df8fe
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8277 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: f31fe805-14d6-4904-8271-8318b7343fcf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0861 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD06 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: b443f701-0dd0-4418-aff2-d5a4d3fa15cf
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3974 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 3d678bbe-080a-4cfd-8106-3477bcd8db70
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CA1D 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: ce817993-ef9b-4fd8-a37f-e4c199b5efc7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F6E 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: bfb2555a-2cdc-4f36-bc6f-ffd311bdc546
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F475 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: ca5e3fac-8325-46fc-ada7-f570d5c8ddb7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8259 0
747 B 15ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 16e96daf-8ec4-4746-8814-4fa4736c6276
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A855 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: f0675e50-98b8-43f8-9573-7695538dc617
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD95 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: ab6a4d22-193f-4741-bae8-ea7f32411f25
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FEAF 0
747 B 15ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: d41a2c44-9e22-4bc5-92d3-a05d7c559bca
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3327 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 359dfa9d-83b0-4c94-aa2d-d5f2d104ce16
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 922E 0
747 B 19ms
18ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 3f0c13b6-b5ff-47c9-907c-641cb909cd6d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2243 0
747 B 16ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 0ccd6885-333b-464f-a3b7-41eb833cd128
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 271A 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssypyKtxv5kzMFYYYYys8wcI025LKPNHTjMSXq7LJ1lsNbIMCCujXapusydc96W2QT8qe8oDKswNyXey56IwrcdovkNXMloZbc&sig=Cg0ArKJSzGjwpqYsgSkpEAE&id=lidar2&mcvt=1404&p=0,0,250,300&mtos=0,0,1404,1404,1404&tos=0,0,1404,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&vu=1&app=0&itpl=32&adk=1146448895&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670895350866&rpt=6321&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D38 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 9ec3792a-4c10-43f9-8e75-cb3e7eb2d406
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame E89B 3 KB
2 KB 16ms
12ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvpwyiix%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvpwyiix%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DpIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr%5FX%2DqKlkJZAsOfr%2D2Bj%5F%5Fzz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Ke5OZ1O1iypTN4KaXthQ%5FTrbafUVrrWOivZhEBkHI%5FcJoG9QWsDzBkayoZihxKvHwkFV%2DL2m%5FMAYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIDM4%2DeepYqlvdOIkDOOxpoURmeuka6uxNt5APq2SjRWi%5F%2DP5BybOYXKfjHjflnDyu8fUa%5F9QBTVRMWu9wS9HIg399VrRst3KSzgVZpoeeFvafchxHaVNerPMD%5FrxmhFoKx%5FuFlcmbfesYIKlvB6pRklrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRjL1QSFJ9881sc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=pIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr_X-qKlkJZAsOfr-2Bj__zz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Ke5OZ1O1iypTN4KaXthQ_TrbafUVrrWOivZhEBkHI_cJoG9QWsDzBkayoZihxKvHwkFV-L2m_MAYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIDM4-eepYqlvdOIkDOOxpoURmeuka6uxNt5APq2SjRWi_-P5BybOYXKfjHjflnDyu8fUa_9QBTVRMWu9wS9HIg399VrRst3KSzgVZpoeeFvafchxHaVNerPMD_rxmhFoKx_uFlcmbfesYIKlvB6pRklrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRjL1QSFJ9881sc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e8bc8685d26ddb09b64fef69e9b870e864f2a9a17f893a2f7a6408aac12cd7dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:58 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 69D1 3 KB
2 KB 16ms
13ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dhjxvjsovg%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dhjxvjsovg%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DnedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk%5FNyztNUtlOOiS%5FyYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Eq8jhVginPWh56B0yJJG9tSXwIwszARgCvZhEBkHI%5FcJoG9QWsDzBnoAyzXEy7MRXvm%5FSr%2DLS%2DaYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIEaxf%2DGe1y8YH4fFEXIr7qtcCsG1xcL%5Fkwe5fHQ1sbdaWzw6RvePn8MeDYJR7oLGu8JsDfOLX99lJqYsUs6OarE59vggw9e8QV8JJv7tC%2D6PfchxHaVNerPMD%5FrxmhFoKzrIJsZEUhko3f8b%5FjjnETdrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRkoCejhRBQWBsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=nedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk_NyztNUtlOOiS_yYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Eq8jhVginPWh56B0yJJG9tSXwIwszARgCvZhEBkHI_cJoG9QWsDzBnoAyzXEy7MRXvm_Sr-LS-aYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIEaxf-Ge1y8YH4fFEXIr7qtcCsG1xcL_kwe5fHQ1sbdaWzw6RvePn8MeDYJR7oLGu8JsDfOLX99lJqYsUs6OarE59vggw9e8QV8JJv7tC-6PfchxHaVNerPMD_rxmhFoKzrIJsZEUhko3f8b_jjnETdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRkoCejhRBQWBsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: afab909ea32e707967162be43107b7d53fd81e3e8feb2adf754be6b9ddc71a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:58 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 4439 3 KB
2 KB 15ms
14ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Daffvapki%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Daffvapki%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKsWM8u%2DB9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17HQYtzcHMDBwIbD6pFJ%5Flt9MmOHp%5Fy4nMSvZhEBkHI%5FcJoG9QWsDzBkgTjE2YL1MFRlXK9%2DDExflYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIElunk64P%5FfoWPiv6%2DKZ%5FW%5FYmWH%5FKbMpS5%5FFh%2DwGBLH2qp9s8tC1dpJmQJ7S5%5FAvdWArf1%5FO7zw7IoKk67Er%2DIdeHFrEX577lAYndwVOLAEHfchxHaVNerPMD%5FrxmhFoKytfPNJyJjV63eZ87oXFuy1rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRRrXrgLpOPzxsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKsWM8u-B9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17HQYtzcHMDBwIbD6pFJ_lt9MmOHp_y4nMSvZhEBkHI_cJoG9QWsDzBkgTjE2YL1MFRlXK9-DExflYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIElunk64P_foWPiv6-KZ_W_YmWH_KbMpS5_Fh-wGBLH2qp9s8tC1dpJmQJ7S5_AvdWArf1_O7zw7IoKk67Er-IdeHFrEX577lAYndwVOLAEHfchxHaVNerPMD_rxmhFoKytfPNJyJjV63eZ87oXFuy1rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRRrXrgLpOPzxsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: e997cb350e3843b0d194c453e2c2261c298ea526f88034929c871a054e0f8b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:58 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame A886 3 KB
2 KB 21ms
20ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dyxdkoegzfc%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dyxdkoegzfc%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DR0qCEcXgZSFFrKo8oEky%2De%2DcIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO%2Dad%2DMTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Ix6a%2DktWn%5F4kzqDKvUuzQkQ6wIavotEtCvZhEBkHI%5FcJoG9QWsDzBkSeZdpDMouO2zLZw52SWX3YJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIOlyFzi60HzoywGZmALMWCrAiy0mW9C2cSYfqamXsGV05v5vVT2K3ibSo2WF3sfTiDxXqx0VZolB0%5FPFesXatuS7VVnH69CX1r%5FtI5ZaxyW1fchxHaVNerPMD%5FrxmhFoK3dxOpZq1E%5Fy2zaHcEgb3Y5rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRS4T1Ugn1gwdsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=R0qCEcXgZSFFrKo8oEky-e-cIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO-ad-MTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1wx9RouD9_uBQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17Ix6a-ktWn_4kzqDKvUuzQkQ6wIavotEtCvZhEBkHI_cJoG9QWsDzBkSeZdpDMouO2zLZw52SWX3YJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIOlyFzi60HzoywGZmALMWCrAiy0mW9C2cSYfqamXsGV05v5vVT2K3ibSo2WF3sfTiDxXqx0VZolB0_PFesXatuS7VVnH69CX1r_tI5ZaxyW1fchxHaVNerPMD_rxmhFoK3dxOpZq1E_y2zaHcEgb3Y5rq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRS4T1Ugn1gwdsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: fbe63de32afd856a3b56af22f7b8e8b079a57150aa9b7e8ab80561e1a7c8bfff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:58 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame 3F00 3 KB
2 KB 25ms
25ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dzghiaia%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dzghiaia%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DBn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn%5F0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes%2Doud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MtdVMNi9L6PpkoMUQkJxrmlwWWwIuLA3yvZhEBkHI%5FcJoG9QWsDzBmhs5C8%2D0qV4Jetwxed4%2DZrYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIMVUmw5cvtXj7Qm8vkk1Pa%5F68SItz9kft9A6vgUjMvAwIbgcf91CCJGusLecpEKFqTt3Ek7HDuSm4f0sumI%5FL3LVN3QwHi0V%2DHu5T21twkWVfchxHaVNerPMD%5FrxmhFoK8YuNHSJm1hPeXrGGiGHT0lrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRCC3oYRGZIKdsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=Bn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn_0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes-oud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17MtdVMNi9L6PpkoMUQkJxrmlwWWwIuLA3yvZhEBkHI_cJoG9QWsDzBmhs5C8-0qV4Jetwxed4-ZrYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIMVUmw5cvtXj7Qm8vkk1Pa_68SItz9kft9A6vgUjMvAwIbgcf91CCJGusLecpEKFqTt3Ek7HDuSm4f0sumI_L3LVN3QwHi0V-Hu5T21twkWVfchxHaVNerPMD_rxmhFoK8YuNHSJm1hPeXrGGiGHT0lrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRCC3oYRGZIKdsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: eabda88ce2fa9f149b5ba7c62fa731f56c73d4985fb6cc6c6605f7a8efb4ba27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:58 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 banner Show response
ad13.adfarm1.adition.com/ Frame BFE3 3 KB
2 KB 24ms
17ms Script
text/javascript 217.79.188.54
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dhsqgdrxxr%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dhsqgdrxxr%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKuGLn04XPWPSErVV%5FckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17GxG7Yr7yy6PbP6WqnFD1bU692A%5FGvn7gCvZhEBkHI%5FcJoG9QWsDzBkbiw0WJOyWavNxtEB%5FeRYmYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIKtn1uaATRwR%2D25t%2DvY8oEx5ejoVAmu9bCpTLh9bKqJZjjO%2DOLk9SJ3r8o93PtWaJ2wRxP3irXw1n1%5FStym%5FRUWS9JFAy%2DueoDWIQNULdTkTfchxHaVNerPMD%5FrxmhFoKyQ5DIzM4DM%2DEzbxITlqgCdrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR%2Ddv5%5F6IpAfdsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/js?wp_id=4713001&gdpr=&gdpr_consent=&kid=4971351&clickurl=https://track.adform.net/C/?bn=60048282;crtbwp=6RvqNEblK_SxqQvcpmnE6KzboUFQG3yp0;crtbdata=6kB3crmDNKuGLn04XPWPSErVV_ckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm-RkmH7bqgKM7E1_9LZPiJ37-KQeEimShqzcc1;adfibeg=0;cdata=BDmRv-mgj0HHzBF-Qcv17GxG7Yr7yy6PbP6WqnFD1bU692A_Gvn7gCvZhEBkHI_cJoG9QWsDzBkbiw0WJOyWavNxtEB_eRYmYJx_Oo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd_AK2XIKtn1uaATRwR-25t-vY8oEx5ejoVAmu9bCpTLh9bKqJZjjO-OLk9SJ3r8o93PtWaJ2wRxP3irXw1n1_Stym_RUWS9JFAy-ueoDWIQNULdTkTfchxHaVNerPMD_rxmhFoKyQ5DIzM4DM-EzbxITlqgCdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR-dv5_6IpAfdsc8_LoTaaFTuOiLq4yCDS0;;CREFURL=https%3a%2f%2fearnme.club;C=1;cpdir=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.79.188.54 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: aa.adfarm1.adition.com
Software: ADITIONSERVER v1.0 /
Resource Hash: c52321b8b0a3e79c3b3282745c7403b035e58542b50e14287e4769aff7dc3a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 02:35:58 +0100
content-encoding: gzip
server: ADITIONSERVER v1.0
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
content-type: text/javascript
cache-control: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 7DA7 23 KB
23 KB 37ms
31ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dcyupjnth%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dcyupjnth%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DpIjprdQVl3zmDdyNw3cSGVE9X2KlB0r2sGmOhVE9WTXtSsdvslkUhBmhi8XDu%5FQ2v4%2DxzsvQ6hkCHauhkDM2VaeOlRnmmlEp7rd2%2DUIinG%5FJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesekeP2M9dIFcsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17AC2O2N9A10opfGDJE9HZUO9nibwhW1jaSvZhEBkHI%5FcJoG9QWsDzBkD7nkL9m7DiSBD4WIT5ePsYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIDoDWQQdoDSy6EhqtDSWEHQ%5FL3MOqieVcDs0ruxrTHEZTbmz62WADnl1zXOOQe6QY4zFF7kz9hsk%2D4XDfjaHqTcKaA6nicBPseDIXSV44hYQ4rXpmTozSPnMD%5FrxmhFoKzWJro81gZBX2O%5F3J4z2dA5rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRGSaF%5FlGlkdZoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4459 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 0f370f5d-4cbf-4579-ae08-b0887037e679
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame A30D 23 KB
23 KB 21ms
19ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dqlggoqc%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dqlggoqc%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DnedVi83Wsns5y%5FgHEO1oOq2iFWU34Wb0FFyZcKivfaWB9bPyIGiXx5EOAGbjPBIsM8PBq0CnifYq7vt4QMBDCjmRFfAV0C7HLuBRMnyq9gjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesau%5F9YhHhNXcsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17F8Yxsrg2ehw0y3MVHqcy56%2Dv%5F8xUO9xwSvZhEBkHI%5FcJoG9QWsDzBkyQ6DT3tB3ISd7xcqkAcPdYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIFzi0pukx6wu5fpCa1QzQrFNH9hkxthG4zugUj2beSvTb%2DMmQXLeVI8yNqQIU8uo1HH6IW0B38dh1N6AXS%5F0tYuSy7mLzaDKoOrgQtEsqCtw4rXpmTozSPnMD%5FrxmhFoKxevcvz4vmvpWHn8CsoOzUprq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRH27A3lI1JyJoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 99E5 23 KB
23 KB 15ms
10ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dzophdtn%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dzophdtn%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DttNmYRvTsQunmS9emcxVN389yDirH5ObxDPw0vN6APreduWji%2DOQ%2DFAnoZODnFtPMwMF4%5F14hWwQsMNaN%2DonzKNBAZmtQXAYCD6t9pjcdoDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesN2kt0MFgTmosOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MBG3kk3KdVJfhoREAwAoqReYw%5FUxOrGfSvZhEBkHI%5FcJoG9QWsDzBkVO8TClUps9qgIWOP1knuEYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIJtg5oaFFH%2D5YedKwI5KqtCO9wMp%2Dnf3ZFmNfixCh20W3NCATQElP4wlAHk%2DxpOC1CH63ycwm7TfWzrtEz7kL9GHYevDaxcr2xCn%2DuH05T954rXpmTozSPnMD%5FrxmhFoK%2DB7Q89A%2DcheWs3YUhMctt1rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR4sq1G%2DTayuxoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 17AE 23 KB
23 KB 10ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dbipodbdgfk%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dbipodbdgfk%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DpIjprdQVl3ySv3BQcZTyESFpyzIuExD9%2DIDL9rSQP86zgixjPE8clp7RJsIFLDe%2DQYDD5jX1V7eRz%5FnKojNWsGzyMunvTlGSwpE1mocy1wDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesXTw643e2q1EsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17D6DefE6Mc%2DBP6I0IVF5oElKhYzMFQH5WivZhEBkHI%5FcJoG9QWsDzBlo%5F5Ie%2Dz%2DnZhILOIA61IlBYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIGRgxI%5FAzVSpa%5FfkYsQf8s0PSbpwrAVJhV3TDWfDeqfeXGHkVFgBcDOGxPMHvN2edaTZ87%2DO2soFS%2DEhQaCNucKXhpy5tUMwUKecKbQJR%5Fwv4rXpmTozSPnMD%5FrxmhFoK1c%2D2bwUKXHzbC%2DnGWd8s81rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRdpq%5Ftmp%5FXixoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 2674 23 KB
23 KB 10ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dokqaizdly%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dokqaizdly%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DTJ4qHFkmLj2xjbj%5FDSPSdv8uxOp4VadipWElZEXNR7CdflIx%2Dj2gb9O6EqB0BAToBRxu1Oeyvg54EdaJDVWTOG9WF%5FMs9DQUf2ZiUkc%2D%5FkbJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MBy28sy6KMM61o6Ql0wXMDgt3sm%2D%5Fh2hSvZhEBkHI%5FcJoG9QWsDzBlGWXBmC%5Fq05zD9Q1dnaMSRYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIBtxg9MDdXQE0pRzXvGYyQs6TpZY6UqVPnGGdQVn7E%2Dj73D%5FN8ifuJXDnp2w4xn2u3LJhEsIQ5Xnee7diXkN%2DQG1cQMo6pGGCKEMXkc7w01b4rXpmTozSPnMD%5FrxmhFoK4nCXpfWa3LxfqlSBre6sLprq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRmArYgWa2mT5oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 9E94 23 KB
23 KB 10ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dyusjeyea%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dyusjeyea%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKsA1erjN7kBQz%2D9bdwi6BnBrBdr4bZSs1vPg%2Dk%2D3Jylr01REz67sdhw2B0rW3xYz1ou2lf76kIC3K3AWcvoosZedRDZMebUfw3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckess0drL8uHixwsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17PK8e6d4h0NUzWXR6j3a%5FMQh6loRpvAGrivZhEBkHI%5FcJoG9QWsDzBlk6PVdaGkbtiGeFMVfGZToYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIJARaPTGWE9CCh2DGbQYvjpe82O6%2DLhNZ83EWb3heq5Wj6rASBpWCUGlkRoZ8nPa5XwFQ7lyGLnn4zz4n9Ycl4r5BHjm%2DqQoqebfACWDpHiA4rXpmTozSPnMD%5FrxmhFoK0oP8%5FYWsr38EK%2Dbw1jvrmRrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRgkesmTuxZuZoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 9173 23 KB
23 KB 9ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dinjfbw%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dinjfbw%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKv4UBGNctTrpXUmOCVbLVYNxJU5JkiVqYUqoL8sPvzXLX2yRoDgrbSgFMtimstrpkHJQjdlPoMfCL5jDvSgfUrnROzIeBYU%5FNTJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesGUYtvN61XXQsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17JsVaBiQ30Y%5F6TpZMt%5FKfYzKT9VYMHiboSvZhEBkHI%5FcJoG9QWsDzBn%5Ftlp4832UotOcabnSN2SOYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIIQGoNbk%2Ds4oC%5FBE1CDYNwvcqzfnZompmbv1DEge74uCi%2DnbTXmwr%5Fuc23ZAPAlQnNlpp%5FWtEeQM2Wn9TGX44JgplVnfdRTeclOVIqwKN55w4rXpmTozSPnMD%5FrxmhFoKzROMlGGe6iuGJ9mo626PpJrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRweDf9XIDlpr4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 0994 23 KB
23 KB 10ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dwvgcabh%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dwvgcabh%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqYb7tNGlrpsfcRcs9ioKD%2DxUF5UzR3KyZddEAOw4zEnZIPGMD3VRZ1RF5edEVELpTqn125GOSg9QiT3XpZPf5rk%5Fr6OL9%5FeogfJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesasoVfeTdcMIsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17GgTB9Ayd6Nu4wrclQR54e685eB%2DZosCzSvZhEBkHI%5FcJoG9QWsDzBneB3BfhDUkOc%5FdF8%5FfK3BhYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIGZ%2DEQns79LWZrXozCnacxof3qLrzDATx%5FDe%2DHWXpHHcXICQspCdHsLUouMD1eXeevvRy5tfNAuWU8arxRZQoD47R4%2DWwAy1cin%5FISY%5F3udc4rXpmTozSPnMD%5FrxmhFoK%2DW3WvpleCIJi2SGrFDkI81rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRv3BDCeEJtBb4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame D00A 23 KB
23 KB 11ms
10ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dzvkvgpe%26e%3D1582957865563&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dzvkvgpe%26e%3D1582957865563&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6hySndOYzXWS%5F%5FFe%5FuvTDI3j5kggto7jPBI6%5FrGR9pErFycflZbI5Rmhi8XDu%5FQ26%5FiPSMtem97q8ZB0JSq1PUwu%5FOYHo1IF5Q%5F0LNFeFg7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes2EdVqHNfd24sOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Ef1PgsvfTkwvBWSwYsoK9i%2D4wSt8kziSivZhEBkHI%5FcJoG9QWsDzBlA1whvxiF0AWyyDn9QDoliYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIKbl8TWDRZCMnE9vCaWYKl2Wb%2DzxTaO8fTBgyLsNN0fjewRAP4ibU3ej3%5FzeVagWEYZUOu4lqFbywbenasZ8IN6XyztqpZrn1SG%2Ds4gYI%5Foc4rXpmTozSPnMD%5FrxmhFoK9kUWndKCONbUwpzT0hjO25rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR6o7YPNaJkE%5F4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame C52D 23 KB
23 KB 11ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dnyszpkpy%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dnyszpkpy%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DY7sXdZWOOc%2DP4tg2rjcZDuV%2DvAoFg3rR6e5SnFOtbCUCzDYGSodiszRRtJvKKd9iQSrVwV%5Ft9ZSyYnsiak5Wz7IlTwkxmgzbF8nJWJEd0rDJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesPx0qJA48hjMsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17JmiGRh%5Fhv%2Di%5FzW2JOSySxNH2%5Fp%2DBqMbOivZhEBkHI%5FcJoG9QWsDzBnyZzSN3JD68OjJQ5R1nsC3YJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIOk57TEtfmfJM2NFtpzpmaAGiU5jQ81vacMll7Z5D4Ocn7sOZ%2DK6g5lTTRRw2gZjkdbAf8gsdZWMEYV3S3RZXI8JPsByBKxJXPfch21Jw1Z2fchxHaVNerPMD%5FrxmhFoK3o51cVb%2Dxcfn%5FLtLwJFYCBrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRHXxkN2MvTh%5F4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame D4D7 23 KB
23 KB 54ms
54ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dpxx%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dpxx%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DhPzTdJMDKIg5v0ENd9o6GfZW2bmGw8clO7ZzS9YLmI1Ugl5JxTR721MM0KY5cE%5FzN5%5Fob0fZOSewJMpg2V%5FQxBh1LMHJJ3lk0d0u2%2DxKx%2DPJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckescO8H3y7CrUEsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17IvYhWeYM2cJenR4zzNUlyrYfltm2YVkTCvZhEBkHI%5FcJoG9QWsDzBl9Ms4oTp%5FMCUMHqCi%5Fzvd%5FYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIDmGruYsJkk73gbI1%5FAQTm%2DFsSqpxRmdSvXgxDKyno4rdyBBFcn44x%5FgfdV6eZQ4HaIWrbC6hoBr%2DL5fqH45Axhr2jWzgucT8ctolXlQQDr8fchxHaVNerPMD%5FrxmhFoK3CAU8abZJ9uGpf2G29wBVVrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRj9MzvtcfbgT4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 056F 23 KB
23 KB 46ms
45ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dnagevtxugi%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dnagevtxugi%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqYxl0wbZ7BTsjDPbCsHC3IuGyi96%2DiBEXiuGCq%5FBnXAyVAnoZODnFtPbcnv062g4GWlmXc3im9CjgvvoiRcP8PVuzVMIBRTO13JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesqB15WDlK0ZIsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17BTm0q%5FP%5FcbZyAQhyDtLC0X5JbXTyK4L6CvZhEBkHI%5FcJoG9QWsDzBkibNCqSYZ4RNqHPh2rMriTYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIN%5FL%5FiOsU8s6i7GOS1VHJ7YMI5sIBc%5FyMXmY7kTcWy4tzZB%2DKVlYOADtMEpZr9It%2Dx7VXldrmy5Ot3Ro43eNrhIAkO%5FX2m7xTjf8Dbazjy18fchxHaVNerPMD%5FrxmhFoK7eUT8bBEc%2DRVfjw38Mm%2Dnlrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoKfXVBgUfuH4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame A3A3 23 KB
23 KB 31ms
30ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dwfiayoaq%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dwfiayoaq%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DnedVi83WsnvuwYG4pwN7wWQfmiISvqpxHJgnhBNEdMF%2DbIBZuq023dO6EqB0BATo8rexdUz48iFv3%2Dm0nIg9zbxZStwh7Ig57Z88je1ZJrHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes%5FHwUFDsxAJYsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MEyhVf3YZurJLpsL3vChhiygqK2BPuanivZhEBkHI%5FcJoG9QWsDzBmefx9OCBYxK1baeTd56ab1YJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIEYT6foR4Ef9tUhjyNKYLq89fb8BBjHTrTFPg%2DmjtXRvGz36fqeMNbwlBIaTou60y%5FUAnjxOaYGp80RfLrkfb82J0y8QJ8NHsV1bOFngFcoPfchxHaVNerPMD%5FrxmhFoK%2Duad65qrgDENV%2DBVN%2DW79prq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR0udSj6MoTvT4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 90A4 23 KB
23 KB 31ms
30ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Depztovze%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Depztovze%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3DUSZo8a%2DcS5k3HSapHNWz6KzboUFQG3yp0%3Bcrtbdata%3DBn6VM2oCxshsJBJGaugXNeYj2aOaBq3B6L83QIj17HYYOBhAj%5FcAZTRRtJvKKd9iybm0rP3h1kj2DfAOsQzDQiEQN453GDQEUaFRSbckBQvJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesTbeAlC6eDDFAgpBh3%5F9PptmhJaxM7bDE7nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17PXMGtUiNYHmkEImNWUUG2NeebxzM7Oq6CvZhEBkHI%5FcJoG9QWsDzBlBVbdekCkBPWAvaa1T9du0KzUgJW84h3pkwpx8sIKJgTIMbDP56G59tC0QiFi2EhNHcxAaOI%5F3lqY4EkQwDCFdHhvah%2DyX1Bhbjzw%5F7dmKwRS1sS4%5FbxSpKUk2JNz9KhbrrI4RlVgr5WbMsLYKcoP0wTs%2Dp88o%5FdHi5OFau4XkbW%5FjdQCFda1WmtZExxQvfaAhL2ZKY8k8lsP%5FXnMiEfXiCMPcreEvob2uFqwhPKLxp8yECIRnbFRCYaJU2uM20NklDKZN0ytZUcKQNGfQuvo%5F%2DDvoLn%2D2JHc7joi6uMgg0g2%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 9EA9 23 KB
23 KB 28ms
27ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Deghxslsd%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Deghxslsd%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DA8iMOn7YAicxKiJTDezZ5f2f3J0MGoLi5odfww%2DH8VUNjxCDM4%5FY3ecxbCA7OgRLTCm29U1ofij6vZ1rUVCusjBQC4jNBJYm2tncKUcnSd7JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckesMYvWYadD4kssOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17EsLVOVbMCTrHqkUp7oyWSKcbJ7M7hIGNivZhEBkHI%5FcJoG9QWsDzBmwutm3L8peLevFFHt%5F7wqWYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIFavBoJIL1lTGj7rBJUSZkYXDn9s%5Fvp%2DNafTfriSnhGhR9YtHO9TEMrCRCnF8iAg9nGIXgzOWdIJrNjOa9GgGE2nVMA%5Fns7BqKjVVx1lQtdqfchxHaVNerPMD%5FrxmhFoKzB7XYbM8Z9AG5SHpzvh6tdrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRPcQwlJZIcVP4O%2Dguf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:58 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 85E2 0
747 B 16ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10726&pub_id=1805345&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10726&pub_id=1805345

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 5188b9db-35a7-4974-b567-c051de36914e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7111 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: db75f466-77b5-4b09-a565-9d96e321ca9a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C436 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6E71 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: 961ae86d-2b7e-478b-9331-e872a1a6f534
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E898 34 KB
10 KB 9ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9473 0
747 B 15ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:58 GMT
AN-X-Request-Uuid: c2442e60-a9b6-41e3-b07b-a0da3d7b9eb6
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F88C 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0847 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59168
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5136 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 286beb20-5980-4a5d-90ff-fc53671e62ef
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D074 34 KB
10 KB 8ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59167
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 08F0 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59167
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 83B2 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59167
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1DEA 34 KB
10 KB 7ms
7ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59167
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5676 34 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59167
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D4AA 0
747 B 20ms
20ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 9bccb04f-39c1-4441-97b8-04698d1bd21f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 08BB 287 B
627 B 8ms
8ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Sat, 03 Dec 2022 02:06:38 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 862161
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: f7H1JvU9lmuNu67gkEce4V_UtLJVBQ_HvqVE1soxYi9oN1PhFBCcHw==
expires: Mon, 02 Jan 2023 02:06:38 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 08BB 43 B
1 KB 100ms
100ms Image
image/gif 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d-ct&pid=sojern01&cid=sojern&w=300&h=250

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: x-WjNIRGbQy9R2xKUmC-cl_t7haLNLzoECebwX0FsgRfomz3DFN3xA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5693 34 KB
10 KB 10ms
10ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59167
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2A97 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 00c52b18-b3a6-4d18-8527-d1ff67b963a5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 57EA 0
747 B 26ms
25ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: aab43966-03f8-4d36-a0fc-e25198ef148a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C47C 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 20c0318d-00c2-42ba-bc0f-8283b691f181
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0D76 0
747 B 19ms
18ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: d3ffbf2f-6200-4563-b005-bbfc5937fe1d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame ACA6 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 1682f326-a3bd-43f2-894e-ca17323e9167
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 08BB 43 B
1 KB 375ms
375ms Image
image/gif 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d-ct&pid=sojern01&cid=0&w=300&h=250

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-85.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=31536000
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
x-amz-cf-id: q7UNnVNzRFU-SFEPXDm42DZzHmXlr8D7rAlHn-lWlRbjqSOtoOueJA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8563 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 11c77256-d008-4b97-9617-025b76b0a688
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C416 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: f3d0f416-677e-4d26-84e6-463018f03a66
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 501E 35 B
488 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895359244

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame 7711 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=56680285&csi=w1TaGv3BjYHZEUfm5nl_q6Cvp9oMAPy5rfKLWbxS18HZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 54573432.png
s1.adform.net/Banners/54573432/ Frame 7711 33 KB
34 KB 21ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/54573432/54573432.png?bv=2
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9be8ee3dc6d9d82567040f34226ad5bd3cfb10c686f25ae6ad47a73afb13f50d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Fri, 15 Jul 2022 07:16:28 GMT
server: nginx
x-amz-request-id: tx000003a7670c801f3b113-006397b375-3293aae9-default
etag: "66a15058d763cb77e57e1452a40debd7"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34105

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9F17 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 2cf2f234-c90c-4717-a6e2-fd58e86272d3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5158 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 071f24b8-9403-477f-8eb4-83a4d68e1ec2
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BF97 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: b6408485-68fb-4c65-8b37-4158bfe17fae
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A837 0
747 B 13ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 33e42819-1e76-4ec9-a1b3-2a058777abea
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 69BF 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 94327859-d4cc-48c1-a48d-0ffca2f44fe4
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 01CD 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 1a51b5fc-6c8c-40bc-ab58-379e4d8a9c8d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0266 0
747 B 13ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 6b0d043b-7c18-4926-aeb5-fbcd65dd9cf3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5704 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: f6b63b30-ca1d-4e1a-9d80-ac6d4112b018
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 12A4 0
747 B 13ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 897f909c-482f-48c7-bb99-975977c8812a
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 21FE 0
747 B 17ms
16ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 2a602856-541e-4a0d-b141-8169783e0a1d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 3852 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200525
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 08BB 739 B
1 KB 8ms
7ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=en-admarker-full-tr.png
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 23 Nov 2022 07:35:18 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 1706441
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: yycVAzf0Ex3AeI3jJtOgzI2X8Q-BfYh4koRcuo1qPRrJTm8jaJuNxQ==
expires: Fri, 23 Dec 2022 07:35:18 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 08BB 739 B
1 KB 7ms
7ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Tue, 29 Nov 2022 01:01:53 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 1211646
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: jRkytJJ7pYycDjMHXNFUqbm3jWUri2RuzobkKoG_JRd2rZl2RxiNyw==
expires: Thu, 29 Dec 2022 01:01:53 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 501E 35 B
468 B 20ms
18ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,8059634247190906928,100|1075|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsbOHUdyK5LNBhpnBRkvb3lA7z_uuw_WOM1|ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 501E 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,8059634247190906928,100|1075|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsbOHUdyK5LNBhpnBRkvb3lA7z_uuw_WOM1|ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0417 0
747 B 15ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 0656fe5f-c6cb-426c-ab30-34422c578bf9
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1EB4 0
12 B 36ms
35ms Image
text/plain 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?moVecg
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C876 0
747 B 15ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 66379694-b1cc-4cc1-ab27-2723b46984ce
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 3F00 23 KB
23 KB 10ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dzghiaia%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dzghiaia%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DBn6VM2oCxsh3PPOV55lLABHLO7eOUZZCdGVG0m3hGQtWJobxScKznTZ9JNJrNRQT0Tg6Oi8JbQmNNUYEthR8m9Kn%5F0N8GggcRCl4QzTGvk3JdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes%2Doud5M6wThksOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17MtdVMNi9L6PpkoMUQkJxrmlwWWwIuLA3yvZhEBkHI%5FcJoG9QWsDzBmhs5C8%2D0qV4Jetwxed4%2DZrYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIMVUmw5cvtXj7Qm8vkk1Pa%5F68SItz9kft9A6vgUjMvAwIbgcf91CCJGusLecpEKFqTt3Ek7HDuSm4f0sumI%5FL3LVN3QwHi0V%2DHu5T21twkWVfchxHaVNerPMD%5FrxmhFoK8YuNHSJm1hPeXrGGiGHT0lrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRCC3oYRGZIKdsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame BFE3 23 KB
23 KB 18ms
17ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dhsqgdrxxr%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dhsqgdrxxr%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKuGLn04XPWPSErVV%5FckqU9qLXJo5HLbTjX3VHuUvcUEydO6EqB0BATowXdz7qlQPQl2MzsghNnt236CkpKrt8FNcc6ug0h1ahjJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseWavUdsDT2MsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17GxG7Yr7yy6PbP6WqnFD1bU692A%5FGvn7gCvZhEBkHI%5FcJoG9QWsDzBkbiw0WJOyWavNxtEB%5FeRYmYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIKtn1uaATRwR%2D25t%2DvY8oEx5ejoVAmu9bCpTLh9bKqJZjjO%2DOLk9SJ3r8o93PtWaJ2wRxP3irXw1n1%5FStym%5FRUWS9JFAy%2DueoDWIQNULdTkTfchxHaVNerPMD%5FrxmhFoKyQ5DIzM4DM%2DEzbxITlqgCdrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lR%2Ddv5%5F6IpAfdsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 08BB 0
837 B 15ms
14ms Ping
text/html 185.89.211.132
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&e=wqT_3QK0CvBVNAUAAAMA1gAFAQj1rd-cBhCDwZyf_9Gr6TwY3prw04bZw_BmKjYJLmfG-vX2oj8R6_qqhQXjmT8ZAAAAQOF6tD8hBaVo5V5goz8pwFsgQfFjrD8xAAABG7iUPzC_yNIJOOZTQOo_SAJQk-OBvgFYkduKAWAAaOHotwF43_UFgAEBigEDVVNEkgUG8EyYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCU3VmKCdhJywgMjkyMDk5NCwgMCk7dWYoJ2knLCA1MzE0MDYyLCAwKQUULGcnLCAxOTQ4ODA4MBUpMHInLCAzOTg0ODc5NTUFFvCLkgKBBCF3V1NfV3dpWDZ2c1pFSlBqZ2I0QkdBQWdrZHVLQVRBQU9BQkFBRWpxUDFDX3lOSUpXQUJnbGdkb0FIQUFlQUNBQVFDSUFRQ1FBUUdZQVFHZ0FRR29BUUd3QVFDNUFjTDV6MC1PWkt3X3dRSEMtYzlQam1Tc1A4a0JBQUFBQUFBQThEX1pBUUEJDnRQQV80QUdPck1RQzlRSE56TXc5bUFJQW9BSUJ0UUkFJAB2DQjwVXdBSUF5QUlBMEFJQTJBSUE0QUlBNkFJQS1BSUFnQU1CbUFNQnVnTUpRVTFUTXpvMk1URXo0QVA4TDRBRThKR3RDWWdFMXFITUNaQUVBWmdFQWNFRUFBBWMUQUFBREpCAQcNARgyQVFBOFFRDQ4oQUFBSWdGNFMtcEIRExRQQV9zUVUBGgkBGE1FRm1wbVoBAgx1VF9KBSgcR0RZdnVFXzAuKAAITmtGCTHIQUE4RF9nQmFrcjhBWFF1cVVKLUFXaXBMSUJnZ1lEVlZORWlBWUFrQVlCbUFZQW9RYWFtBV4wbTVQNmdHQkxJR0pBaxFLCEFBQh3LBEJrGRgAQx0YRExnR0NnLi6aApkBITBCVlhZZzoFAjRKSGJpZ0VnQUNnQU1acQlvWGJrX09nbEJUVk16T2pZeE1UTkFfQzlKEWIMOEQ5UhEMDEFBQlodDABoHQwAcB0MAHgdDAw0QUlrNXjw7ThEOC7YAgDgAonRVOoCKWh0dHBzOi8vZWFybm1lLmNsdWIvbm9yZC1uMS1mcm9tLW9uZXBsdXMvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xODUuMjEzLjE1NS4xNzaoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYxMTPaBAIIAeAEAfAEk-OBvgGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAABD2zYBQHgBQHwBakF-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOL8GQADIB9_1BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AeLvwGKCAIQAJUIAACAP5gIAQ..&s=44d3447ed15bf8fcad6e8e50674336454c47bd6c&type=pv&jm=1003&px=989&py=320&bw=300&bh=250&sf=1&sid=1803606851259027171&vd=ct~0|rr~5&sv=231&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20227135&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/231/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 5dd65913-1eb6-4781-9404-588733f49618
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D7ED 35 B
468 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=54901439&csi=Kp6AaEadeEEN6vytWbodWVOvqyU1HAb1Op1UWkwSOO3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 53068672.png
s1.adform.net/Banners/53068672/ Frame D7ED 49 KB
49 KB 21ms
21ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/53068672/53068672.png?bv=1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: d18a0693047f427f7c002606a1ddd5d2960741ec7c7819a7c06abeb6cdbe799a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Tue, 24 May 2022 14:17:53 GMT
server: nginx
x-amz-request-id: tx00000f370c525937ef92e-006397b325-32940f80-default
etag: "48a637d1633d894f8e9dfb1a4d95974f"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 49953

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame AB93 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 773f0201-9b32-43bd-8ffd-be003343b036
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame 11E6 4 KB
2 KB 41ms
15ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=pqzrxe8e8mo6&nw=20&renderingType=javascript&namespace=bc4ca182fb&subid=&uid=4b515ad4e2084cc8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D59973788%3Bcrtbwp%3DVLPvAtWBS0AEFrZmp8rZv6zboUFQG3yp0%3Bcrtbdata%3Del6TqoVMDqZMvNrwuwj5L_gh-Krp2vjHtNVHQU4OBy0ISjrEtFpOfDZ9JNJrNRQTHWyHopwZA_vGeKpNH8fNV_6Q018Q_0xzIfeN7JC-XW7J04_xY4TIsqaR6UG2tCLk4xzBRbCjWP1VphNr_nErroI1dDrbif0SU4yEcxci_DWb1Jfou_okYKQckU2Fb4eYRmggcV4l69A5sq1GjnARB3zmVI9sa37EHsgSY50jif5CfsRTXA7rNEBXtIMbdIQoK6795bbid_rgluaqRTTtSEcn7z1MzRlCf7gpsbU7-dDPOHlrY1s6p8N4iOtIBxgX0%3Badfibeg%3D0%3Bcdata%3Dw4dvV37RC5jHzBF-Qcv17MUK2Ev4JdCCZBrCtyEJFfhIqc7mShbaKCvZhEBkHI_cJoG9QWsDzBm8ZcGBfLEkiIcHQlbOzyC-oA9GDAzbgHQUFcc9yyPa6f_N7jxntrfLKD7TfxtG7NK45A-XK6WXskhpQmAcObdLZZbJq9TKcO8RgUF6X2Vc7ux-HTmi7qoSu1k8x6sQHqBR5DwK4QH1P74T_gpltIHigY13xyyqrUC58pexOKUkp1NoKZVSwNYk29IDoYxbtNjMD_rxmhFoK6e56xLXwttjMTOyvXFTZ4Zrq__X0J06qK4WrCE8ovGnFXfYpHQ_QbJholTa4zbQ2SUMpk3TK1lRZkf6sn78ktV621fHe56zhCUMpk3TK1lRsjokatFr4Q9B4SKZKGrNxw2%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbkjnt%26e%3D1070536818601&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&random=6399196249581&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 91008b67a520c645f9d1d322af2ffcd638b5a79bc21a4c23a31128123cb2fa5f

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1516
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Dec 2022 01:35:59 GMT
Expires: Tue, 13 Dec 2022 01:35:59 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

POST
H2 200 /
track.adform.net/csimpr/ Frame 15E8 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57914107&csi=TSoVWy5CDOsMJELuMTk2FPGG9zWbPBARIWISw5fOs4zZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 55483020.png
s1.adform.net/Banners/55483020/ Frame 15E8 59 KB
59 KB 21ms
21ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55483020/55483020.png?bv=1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f59fa0e1e7cb3999c1da5cf36974ea32b7b5b1181f6caaac83b67df9f7187b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Tue, 13 Sep 2022 09:15:32 GMT
server: nginx
x-amz-request-id: tx000007b4d890c518cc9d5-006397b2f8-32940f80-default
etag: "0a6d011a959f71726e74ff26bb0ece19"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60394

GET
H2 200 55483020.png
s1.adform.net/Banners/55483020/ Frame FEDE 59 KB
59 KB 21ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55483020/55483020.png?bv=1
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f59fa0e1e7cb3999c1da5cf36974ea32b7b5b1181f6caaac83b67df9f7187b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Tue, 13 Sep 2022 09:15:32 GMT
server: nginx
x-amz-request-id: tx000007b4d890c518cc9d5-006397b2f8-32940f80-default
etag: "0a6d011a959f71726e74ff26bb0ece19"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60394

POST
H2 200 /
track.adform.net/csimpr/ Frame FEDE 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57914107&csi=w1TaGv3BjYGgP2rYzlAy0uPCE4s9iZTQIWISw5fOs4zZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EA48 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 14765f5a-ccd9-4ad2-9959-3e3c0776054b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 55483020.png
s1.adform.net/Banners/55483020/ Frame 76B2 59 KB
59 KB 20ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55483020/55483020.png?bv=1
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f59fa0e1e7cb3999c1da5cf36974ea32b7b5b1181f6caaac83b67df9f7187b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Tue, 13 Sep 2022 09:15:32 GMT
server: nginx
x-amz-request-id: tx000007b4d890c518cc9d5-006397b2f8-32940f80-default
etag: "0a6d011a959f71726e74ff26bb0ece19"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60394

POST
H2 200 /
track.adform.net/csimpr/ Frame 76B2 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57914107&csi=XdM4-WjZqXBA782J91FuvlD2db-FfZ_GIWISw5fOs4zZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/csimpr/ Frame C6F8 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=56129379&csi=IC_SwPvieHOh13NCNdm-3yX69i9InoErl8tdX6uNcMfZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 54008057.png
s1.adform.net/Banners/54008057/ Frame C6F8 21 KB
22 KB 20ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/54008057/54008057.png?bv=1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 59ab73e2bb150fbfdac912834d39f6773aacd20ef22f6d40200b99a0b57e6102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Tue, 21 Jun 2022 09:58:50 GMT
server: nginx
x-amz-request-id: tx000006cf2b1612eeda108-006397b3c6-329354d9-default
etag: "aacb046a4e32b584d56481e2699b3cbc"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21862

POST
H2 200 /
track.adform.net/csimpr/ Frame E46C 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57892097&csi=iTDYAAtBfGRhFH1LAPC5wmj4HvVmCu5XhhDLEPauob3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 55461633.png
s1.adform.net/Banners/55461633/ Frame E46C 19 KB
19 KB 21ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55461633/55461633.png?bv=1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0e9d25fbd4a392c6b7fba678ea0a2a16e0f7da2b3281fc136c03bac6d996cfd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Mon, 12 Sep 2022 09:58:18 GMT
server: nginx
x-amz-request-id: tx000004ddf213db0836abf-006397b368-3293aae9-default
etag: "d38270bd5523e3432a87df98a237a95e"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19271

GET
H2 200 55483020.png
s1.adform.net/Banners/55483020/ Frame 8BC7 59 KB
59 KB 21ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55483020/55483020.png?bv=1
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f59fa0e1e7cb3999c1da5cf36974ea32b7b5b1181f6caaac83b67df9f7187b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Tue, 13 Sep 2022 09:15:32 GMT
server: nginx
x-amz-request-id: tx000007b4d890c518cc9d5-006397b2f8-32940f80-default
etag: "0a6d011a959f71726e74ff26bb0ece19"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 60394

POST
H2 200 /
track.adform.net/csimpr/ Frame 8BC7 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57914107&csi=eX4pSArZrUfRat8wMcDYUrcGHI6-2-X4IWISw5fOs4zZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 55461633.png
s1.adform.net/Banners/55461633/ Frame 0550 19 KB
19 KB 20ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55461633/55461633.png?bv=1
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0e9d25fbd4a392c6b7fba678ea0a2a16e0f7da2b3281fc136c03bac6d996cfd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Mon, 12 Sep 2022 09:58:18 GMT
server: nginx
x-amz-request-id: tx000004ddf213db0836abf-006397b368-3293aae9-default
etag: "d38270bd5523e3432a87df98a237a95e"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19271

POST
H2 200 /
track.adform.net/csimpr/ Frame 0550 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57892097&csi=2jYjt_4YNo1_BpO95aIq8Eq0_RphBrtbhhDLEPauob3ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 54573432.png
s1.adform.net/Banners/54573432/ Frame 2A6C 33 KB
34 KB 23ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/54573432/54573432.png?bv=2
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.225/e/2gSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9be8ee3dc6d9d82567040f34226ad5bd3cfb10c686f25ae6ad47a73afb13f50d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Fri, 15 Jul 2022 07:16:28 GMT
server: nginx
x-amz-request-id: tx000003a7670c801f3b113-006397b375-3293aae9-default
etag: "66a15058d763cb77e57e1452a40debd7"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34105

POST
H2 200 /
track.adform.net/csimpr/ Frame 2A6C 35 B
468 B 21ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=56680285&csi=RHnTLb6xdbY2GqwYV0xwn--wgUbgQarjrfKLWbxS18HZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 get
choices.trustarc.com/ Frame 5643 287 B
626 B 8ms
8ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=307801502&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Sat, 03 Dec 2022 02:06:38 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 862161
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 287
x-amz-cf-id: BP6eM2eu-lMTy6wKh-2mFd-7YJT6qBEzwdzSDlhnls1Gu7fKo76e6Q==
expires: Mon, 02 Jan 2023 02:06:38 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 5643 739 B
1 KB 9ms
8ms Image
image/png 13.224.189.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=en-admarker-full-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=307801502&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-85.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 23 Nov 2022 07:35:18 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa024.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C1
age: 1706441
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 739
x-amz-cf-id: M89NBtgEELcjYz02U1qRVhHIm7-B1oTkPQfUsNUM2pvo4U0UjGW4-w==
expires: Fri, 23 Dec 2022 07:35:18 GMT

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 108ms
107ms Image
text/plain 34.239.216.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=9&e=cply&cb=1670895359634
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.216.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-216-139.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame E89B 23 KB
23 KB 9ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dvpwyiix%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dvpwyiix%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DpIjprdQVl3zDnit8BXfkBXYFMvGzwv68tn77L2WYW9wZKuSWxLVPfZEOAGbjPBIsxULr%5FX%2DqKlkJZAsOfr%2D2Bj%5F%5Fzz8Adx5q1qHOUHFUD2TJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Ke5OZ1O1iypTN4KaXthQ%5FTrbafUVrrWOivZhEBkHI%5FcJoG9QWsDzBkayoZihxKvHwkFV%2DL2m%5FMAYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIDM4%2DeepYqlvdOIkDOOxpoURmeuka6uxNt5APq2SjRWi%5F%2DP5BybOYXKfjHjflnDyu8fUa%5F9QBTVRMWu9wS9HIg399VrRst3KSzgVZpoeeFvafchxHaVNerPMD%5FrxmhFoKx%5FuFlcmbfesYIKlvB6pRklrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRjL1QSFJ9881sc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 69D1 23 KB
23 KB 9ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dhjxvjsovg%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dhjxvjsovg%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DnedVi83WsnvrGTbicvU4oaYPmAsr313ySWYaKhB4SylRkGsSQ0eu8U1REz67sdhwk%5FNyztNUtlOOiS%5FyYpnDhiYOaG4vBPm6DF2OhZGJg0DJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckeseCfl9291i0MsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1%5F9LZPiJ37%2DKQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Eq8jhVginPWh56B0yJJG9tSXwIwszARgCvZhEBkHI%5FcJoG9QWsDzBnoAyzXEy7MRXvm%5FSr%2DLS%2DaYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIEaxf%2DGe1y8YH4fFEXIr7qtcCsG1xcL%5Fkwe5fHQ1sbdaWzw6RvePn8MeDYJR7oLGu8JsDfOLX99lJqYsUs6OarE59vggw9e8QV8JJv7tC%2D6PfchxHaVNerPMD%5FrxmhFoKzrIJsZEUhko3f8b%5FjjnETdrq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRkoCejhRBQWBsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame 4439 23 KB
23 KB 9ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Daffvapki%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Daffvapki%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3D6kB3crmDNKsWM8u%2DB9O9gTvyK1tL95FjWESo1RIi1k1UV91viSPRx1AnoZODnFtPmQka40KdyHm1YZZo3kUXGXLmq2F7k582Bw8SFJsAcSHJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckes9B64T1zb0aAsOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E10k7qAnQa3L0QeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17HQYtzcHMDBwIbD6pFJ%5Flt9MmOHp%5Fy4nMSvZhEBkHI%5FcJoG9QWsDzBkgTjE2YL1MFRlXK9%2DDExflYJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIElunk64P%5FfoWPiv6%2DKZ%5FW%5FYmWH%5FKbMpS5%5FFh%2DwGBLH2qp9s8tC1dpJmQJ7S5%5FAvdWArf1%5FO7zw7IoKk67Er%2DIdeHFrEX577lAYndwVOLAEHfchxHaVNerPMD%5FrxmhFoKytfPNJyJjV63eZ87oXFuy1rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRRrXrgLpOPzxsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

GET
H2 200 000002424828.jpg
imagesrv.adition.com/banners/3137/files/00/24/ff/fc/ Frame A886 23 KB
23 KB 9ms
9ms Image
image/jpeg 217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3137/files/00/24/ff/fc/000002424828.jpg
Requested by: Host: ad13.adfarm1.adition.com
URL: https://ad13.adfarm1.adition.com/banner?sid=4713001&adjsver=3&fvers=&iframe=1&ref=https%3A//flashnetic.com/r/p.html%3Ff%3Dyxdkoegzfc%26e%3D1011989061034&ro=https%3A//flashnetic.com/r/p.html%3Ff%3Dyxdkoegzfc%26e%3D1011989061034&uao=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/108.0.5359.98%20Safari/537.36&os=17&browser=11&userid=7176440904765408485&kid=4971351&screen_res=6&wpt=J&clickurl=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D60048282%3Bcrtbwp%3D6RvqNEblK%5FSxqQvcpmnE6KzboUFQG3yp0%3Bcrtbdata%3DR0qCEcXgZSFFrKo8oEky%2De%2DcIFDb3Zlwn4hQAqJ1GQaPEWqxVMPxa5EOAGbjPBIsN2bTBkk7hALfxo9hzdclO%2Dad%2DMTVp0wbEjHbWULcdyLJdVNPTLJm4SM9Afw9re89ztqshedlpVBmNYf4XRnfl00uMtkPckestweyTTgh3e8sOureLEUptyMaucXncUL87nZ7Wrm%2DRkmH7bqgKM7E1wx9RouD9%5FuBQeEimShqzcc1%3Badfibeg%3D0%3Bcdata%3DBDmRv%2Dmgj0HHzBF%2DQcv17Ix6a%2DktWn%5F4kzqDKvUuzQkQ6wIavotEtCvZhEBkHI%5FcJoG9QWsDzBkSeZdpDMouO2zLZw52SWX3YJx%5FOo8PVpGGOCvdVxfZmEX60yv4QNVFQ7iZ2v2aXV5Ewyd%5FAK2XIOlyFzi60HzoywGZmALMWCrAiy0mW9C2cSYfqamXsGV05v5vVT2K3ibSo2WF3sfTiDxXqx0VZolB0%5FPFesXatuS7VVnH69CX1r%5FtI5ZaxyW1fchxHaVNerPMD%5FrxmhFoK3dxOpZq1E%5Fy2zaHcEgb3Y5rq%5F%5FX0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRS4T1Ugn1gwdsc8%5FLoTaaFTuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%3A%2F%2Fearnme.club%3BC%3D1%3Bcpdir%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Wed, 07 Sep 2022 12:35:32 GMT
accept-ranges: bytes
etag: "2731951104"
content-length: 23536
content-type: image/jpeg

POST
H2 200 /
track.adform.net/csimpr/ Frame 4D6F 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=57891877&csi=Z06Zgr7ppOQ4jTWEvBbv85LYF8ioA4I2x5VSfQrxuU7ZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:35:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 55461615.png
s1.adform.net/Banners/55461615/ Frame 4D6F 18 KB
18 KB 22ms
20ms Image
image/png 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.adform.net/Banners/55461615/55461615.png?bv=1
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6f2bffc75872cd4fe991f9387e44d3783a9c4d10a48ea6d528875532ae663632

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
last-modified: Mon, 12 Sep 2022 09:43:39 GMT
server: nginx
x-amz-request-id: tx00000648ba64006727de0-006397b3a1-32940f80-default
etag: "22edf2ef90860f881083ff320e620c12"
x-cache-status: STALE
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Range,Content-Length
x-rgw-object-type: Normal
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18392

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4E57 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: ab2e7841-d7c9-497f-bbbb-052e63dc1f89
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8277 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: ce1dfc78-e119-4660-9c95-62817d03b220
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD06 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 347937a4-8be7-43bb-be8b-253ce803cc41
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3974 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 55d2661f-af1d-4dd7-bd97-825174a43933
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CA1D 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: d156f703-274d-4914-aeba-b1c4c45d3bf3
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F6E 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 8c25ee03-1339-4572-bb4f-191c05797189
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F475 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: b445519b-908e-4fc3-92b0-4fbbae9da19e
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8259 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 2dba3f79-b073-40f9-9261-7dce4178f29c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A855 0
747 B 19ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 5094af0c-b915-4d6d-9c8e-5d043bfac7e5
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD95 0
747 B 20ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 589b37c2-b4a6-45fa-a627-8b4104e6eacb
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FEAF 0
747 B 19ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 4d0e331e-719f-44a2-adce-04acff6b0211
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3327 0
747 B 24ms
17ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 4c810c59-9b7e-4511-b67d-4cacc78f5d86
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 922E 0
747 B 22ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: f19258e1-0646-4e25-9f36-4509b2302f5d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Grafik2_300x250.jpg
cdn.contentspread.net/24i/advertiser/68981/creativesup/ Frame 11E6 52 KB
52 KB 59ms
17ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/68981/creativesup/Grafik2_300x250.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Tuttlingen, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 993b6cceb1e753233a116e559082c6a9c7015b17ca74e2caacd2f77034388995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Last-Modified: Mon, 28 Nov 2022 14:58:22 GMT
Server: nginx
ETag: "6384cc8e-cf5f"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 53087

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2243 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: c8ed15aa-1e07-4ca1-9123-e44ca07d5612
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D38 0
747 B 15ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:35:59 GMT
AN-X-Request-Uuid: 4564d357-c213-4457-9160-b0e4a4a871e7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index_0_250_00001.ts Show response
streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/ 607 KB
609 KB 9ms
9ms XHR
video/mp2t 2400:52e0:1e00::723:1

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/index_0_250_00001.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN (),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 0814a413c55d0467ecd1e1a875312d1b4acb9f0b5d69d6a029e297b0228512a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 13 Dec 2022 01:35:59 GMT
cdn-edgestorageid: 1047
cdn-cachedat: 11/15/2022 10:25:53
cdn-pullzone: 1024237
content-length: 621528
last-modified: Tue, 29 Mar 2022 11:25:33 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ecad-97bd8"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: a54d5f78d07bb96efc7e919e62034440
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1A41 0
12 B 42ms
41ms Image
text/plain 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NtqWYA
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 63ms
53ms Preflight
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778af75f2be79195-FRA
content-length: 24
content-type: text/plain
date: Tue, 13 Dec 2022 01:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BdVz5tiiWOXA1O0yT5kFJsSX0GmUv104qjpzg7jyXHLamnalpUnFZdyVuqhwEJM2%2B4QBNkpMMmNgyPoiN0mtAJ4mFk3shVpgsk%2FcXo1aJkSFUmNJ4z4hlQUpA8m3bIk54IJVaU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0wjn

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 59ms
50ms Preflight
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778af75f2be59195-FRA
content-length: 24
content-type: text/plain
date: Tue, 13 Dec 2022 01:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gejR9T3JzcIheyYXO6pIj9PWXKCcncCWrq4H4XQjZgBpTscPIYqzAXSsALxmripFfBO9vLjaxfTP2EfoKV223dujEDXdJRSmNivfbmKLtjP6FoEdAPoFvrydRTG%2Fa6rMZD8OP2w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0wjn

POST
H3 200 rs Show response
ad4m.at/ Frame 137E 1 KB
1 KB 31ms
30ms XHR
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 6047100429f8a90629103c95ee29fd4ba8b187d0c67fbe28dd57183ed5e9bd90

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhGn6j%2ByjGn6yCNXRalA8td1fSSFm8sdwwhzOe12ymf9UCIh%2BgYtwKKdSFCD50BvqD3TnK%2BIguJNBqVXJcGjEGOw1Pe6GV%2BFbzf%2FwDE2n9wJ6ZLgF3prw6HX0VBhwuPn77e02%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cf-ray: 778af75f6c399195-FRA
x-backend-server: aa-reachservice-group-europe-west1-0wjn
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame 2650 1 KB
1 KB 30ms
29ms XHR
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b4505ee5e15ced444c23568cc80133247d48e2fecf8eae7218d90664e2dd1704

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBPRx505Nd0Ys%2F7rFG0iJFALwZDZ7UJv4XAGBCrjgqL%2FgFrRKSN9gNDdvvz3jejc6DoyHuRw6l53TZGttSj9NogA%2B1erDQ1HZ%2FX27tZ%2BGbMzGm1P9xhmP5HsyEJtJ8%2FRCpGjXsg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cf-ray: 778af75f6c329195-FRA
x-backend-server: aa-reachservice-group-europe-west1-0wjn
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 rs Show response
ad4m.at/ Frame A372 1 KB
1 KB 30ms
29ms XHR
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 1477c4f46f72830f8573e7dd254424b4c8a3b090814ff971c3ea9642e77624e5

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpMXdIQEuQaW0BbwofMjyazJUyFFLK%2FFp7LiULTaAQ47%2BD4HX0gkuaVpRiTlCWM%2F1plskTRclMF8rRH92TD0eDok3aT%2FTCYnc83KE68h6zszgtlLlUW%2F3YfZ6VR8JWqsbugtktI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cf-ray: 778af75f6c369195-FRA
x-backend-server: aa-reachservice-group-europe-west1-0wjn
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 53ms
51ms Preflight
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778af75f2be89195-FRA
content-length: 24
content-type: text/plain
date: Tue, 13 Dec 2022 01:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5zdVzfcdx%2BBPg0%2FOfp6n5kgNqN%2BQc6X%2BIldOUnwGIq0kHfCApgrmFxqtqvruvV%2Fg3UR5EEVBuu4R2CyNdVV1xx%2Bjy4Cbo6aRs%2BVWeti9i9A7VyNqT3%2BVtvbIiG%2FLcDpEehaHhh0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0wjn

POST
H3 200 rs Show response
ad4m.at/ Frame 5226 1 KB
1 KB 31ms
29ms XHR
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aae0e661b0c204d795f489b319e5c8a2e4a31b40f9251d02192385757e8dbd1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 13 Dec 2022 01:35:59 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thj2yDV1O1YQywDe45OJU7HOA1ubXy8PGXGZUrEJ0PR6oGzxEZEE8OVlMWI3rY1LC3NDaNqhbYvTCzdPkrgtFKhgyHPGyjR%2B5GxX4uOF8ElSXy7cSZvU8IRjB8%2BIMkKLsuzTVwM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cf-ray: 778af75f6c359195-FRA
x-backend-server: aa-reachservice-group-europe-west1-0wjn
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 50ms
50ms Preflight
text/plain 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 778af75f2be99195-FRA
content-length: 24
content-type: text/plain
date: Tue, 13 Dec 2022 01:35:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI%2BS62n3TFaoTwxPZK%2FTkIx8Mv52eNeJRBFjLpOiTQygOYEtrADzoqBQjrrYJBItFanRkRH4J2TwI1ch3%2ByUp2gvxYtAlImA61Sf%2Fvv9dHs%2F5bQh2eNbZ0m%2FX1spHnUZxz2JwFE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-0wjn

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 11E6 0
150 B 45ms
22ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=60212100005016506516379012172028&a=8a8465a0&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:35:59 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 11E6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 87AC 2 KB
2 KB 38ms
27ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=8498e484cd414191471c7cb4e55e4940%2F8223107598856800668&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

82d75307e9fa171df8e5cedf85570ff1d4249385dc609d9a9624128e87c2b5c9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778af7604b6292c9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 4310 2 KB
1 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=e0dae009920a10858fb13537cee28412%2F7960912867692032531&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2013ff2bb41e427a307fa8be67dc498ca7a2e91f1b207594adc9eeda5b65d0d1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778af7604b6892c9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 9B11 2 KB
1 KB 29ms
29ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=42d4f0f94a7533e0d3ab55ee2ecd0bd9%2F874961684115658629&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359918&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

4b62bb23adeec37ac3ddfa65c13db5e3b197964b1760913e03a890f1299121b8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778af7604b6b92c9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame DA89 2 KB
1 KB 29ms
28ms Document
text/html 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=edbd718e1e3d723ee2c051080b660f94%2F3303225659553864476&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359920&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2f57ab2681074b951fea61a975cc27a7591702a938148273440304b2309e12af

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 778af7605b7292c9-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 87AC 89 KB
11 KB 34ms
33ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=8498e484cd414191471c7cb4e55e4940%2F8223107598856800668&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=8498e484cd414191471c7cb4e55e4940%2F8223107598856800668&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 984208
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKi%2BVNl%2F4eYQrof%2BzevicHG4OQlj1JqJWIuoQU5O%2BKT8ZJp4kssSGqbcQxJY%2FPyMPcCFe99d0hr%2BdyPPKUg2Oc1YfVLsIBMGYtaNputHnxo7j2PxkIDMPQokEl%2FnrLmEWRGgOXrggfo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 778af760f8949b1f-FRA
expires: Tue, 13 Dec 2022 02:36:00 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 87AC
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_Max...

49 B
1 KB

70ms
24ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=8498e484cd414191471c7cb4e55e4940%2F8223107598856800668&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:36:00 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111041X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&partnerid=12218
date: Tue, 13 Dec 2022 01:36:00 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 4310 89 KB
11 KB 30ms
29ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=e0dae009920a10858fb13537cee28412%2F7960912867692032531&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=e0dae009920a10858fb13537cee28412%2F7960912867692032531&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 984208
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2FUvX5CgcQZVnuD3sK7qFHZ3trVb5FmJg8Lysbobg8RLekXfc31f5KfPwyqm0p%2BJx7b8zNRm7J%2BFsbqU8UbVwskx3vKTcpblv5d%2BgTmIDBlGwk27r4EqWD3p0EkOhgBq4VE9sFppDwc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 778af76118b29b1f-FRA
expires: Tue, 13 Dec 2022 02:36:00 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 4310
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117679V1226132702M&subid=oneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_Max...

49 B
1 KB

71ms
25ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=e0dae009920a10858fb13537cee28412%2F7960912867692032531&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:36:00 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117679&s_id=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&partnerid=12218
date: Tue, 13 Dec 2022 01:36:00 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A3BE 0
12 B 39ms
38ms Image
text/plain 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iNfs6w
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame 9B11 89 KB
11 KB 29ms
28ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=42d4f0f94a7533e0d3ab55ee2ecd0bd9%2F874961684115658629&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359918&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=42d4f0f94a7533e0d3ab55ee2ecd0bd9%2F874961684115658629&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359918&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 984208
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWgFkfy8pywpe5qX%2Bygw5jYWCbX%2Frvw%2FtJhFdQTi7bEUpOoAOOOpokbCa%2BpTDJ30%2FqqYfetWyhtsyfL0k26HbHAjkTdzKvgAvW6N5On%2FKh3PgfbA81uXriiDEX6jEOCIwXlyYrkDpNQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 778af76128d59b1f-FRA
expires: Tue, 13 Dec 2022 02:36:00 GMT

GET
H2 200 tb.php Show response
www.telefonica-partner.de/ Frame 9B11 3 KB
1 KB 21ms
17ms Script
application/javascript 84.200.5.215
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telefonica-partner.de/tb.php?t=117693V1226162749F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253D&subid=oneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=42d4f0f94a7533e0d3ab55ee2ecd0bd9%2F874961684115658629&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359918&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.200.5.215 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

f278dc0f221d61b8bd847997b6a94ec18b5d17b646333bd0683820b67fe9e6c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
content-type: application/javascript

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.26/one-ad/ Frame DA89 89 KB
11 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::ac43:4a81

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.26/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=edbd718e1e3d723ee2c051080b660f94%2F3303225659553864476&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359920&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=edbd718e1e3d723ee2c051080b660f94%2F3303225659553864476&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359920&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1669909960
age: 984208
cf-polished: origSize=91628
x-guploader-uploadid: ADPycdtQkAdSc0DTs_WHdWK8MdqupDyiwMG-HAUSpoDZCrSlyEczXjpF0fpxBL-p014ddJ09_F2J5CMgUiex0mVi4cDOMQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 01 Dec 2022 15:53:06 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1669909986917312
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UyCyUe20QiZvE%2BI%2F%2Fz1RKVJL2g23mDC2xMShMnJLa71o9OIxCicSDKjFkgdU16pJh%2Frr0z0zCr42UCQCN21ib8tc%2FpduKFNjmhoycTURWxMMLonmIk7t1H55w0xzFs4n5nZXMPsi5c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 778af76138eb9b1f-FRA
expires: Tue, 13 Dec 2022 02:36:00 GMT

GET
H2 200 tb.php Show response
www.telefonica-partner.de/ Frame DA89 3 KB
1 KB 16ms
14ms Script
application/javascript 84.200.5.215
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to

Full URL

https://www.telefonica-partner.de/tb.php?t=117693V1226162749F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253D&subid=oneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=edbd718e1e3d723ee2c051080b660f94%2F3303225659553864476&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359920&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.200.5.215 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

71b1e7cb6c62222c24c83feab0c97d3231f50e5ead960bcce48569bef4b141c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
content-type: application/javascript

GET
H/1.1

200
OK

/ Show response
partner.o2online.de/o2/ Frame 39EB
Redirect Chain

https://www.telefonica-partner.de/tb.php?t=117679V1226162771F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2...
https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=h...

2 KB
2 KB

88ms
20ms

Document
text/html

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=8498e484cd414191471c7cb4e55e4940%2F8223107598856800668&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5e0cbfb81dde23ac0014af52ccae6c7ecd0ccd892c526f76ae3cd4c90ef05d9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:36:00 GMT
Keep-Alive: timeout=10
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:36:00 GMT
location: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2A97 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: d9205b17-ff50-47c6-9c6a-d901605f0bd1
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

/ Show response
partner.o2online.de/o2/ Frame D758
Redirect Chain

https://www.telefonica-partner.de/tb.php?t=117679V1226162771F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13f...
https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=h...

2 KB
2 KB

83ms
16ms

Document
text/html

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=18986&b=ADXHYfqf7RwsAHwtkuktMMEURS4T88CeVX&f=Mx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4&c=300&d=250&e=&g=e0dae009920a10858fb13537cee28412%2F7960912867692032531&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359917&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c35c2f8c0a4c5930d155ff7e6869d4b46597e2b7ffb9da79845ee4b63597237a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:36:00 GMT
Keep-Alive: timeout=10
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:36:00 GMT
location: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 57EA 0
747 B 16ms
15ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 44d319e6-68eb-4fab-a20a-0c5e2e89c0ab
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8563 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 0045daba-ef61-4cd2-be8e-c038b4c8a921
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C416 0
747 B 47ms
47ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 240bd4f1-3e31-4b7e-8d37-2b9f4e50fcde
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
partner.o2online.de/o2/ Frame 4DCB 2 KB
2 KB 73ms
17ms Document
text/html 46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117693&partnerid=12218&s_id=117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&camp=channel12&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D
Requested by: Host: www.telefonica-partner.de
URL: https://www.telefonica-partner.de/tb.php?t=117693V1226162749F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253D&subid=oneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 8d559f1235994035cbae55f1d9eadce94abd07f2a57488591fdc3f8e831c1dc2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:36:00 GMT
Keep-Alive: timeout=10
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
partner.o2online.de/o2/ Frame 00B6 2 KB
2 KB 71ms
16ms Document
text/html 46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117693&partnerid=12218&s_id=117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&camp=channel12&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D
Requested by: Host: www.telefonica-partner.de
URL: https://www.telefonica-partner.de/tb.php?t=117693V1226162749F&click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253D&subid=oneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0&js=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: c22c1f9479535ebb7e6de622e30f1b0728fbeace42092fe0ce6480dfe26e1566

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:36:00 GMT
Keep-Alive: timeout=10
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1

200
OK

/ Show response
partner.o2online.de/a/ Frame D5DB
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_Max...

49 B
1 KB

36ms
28ms

Document
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=42d4f0f94a7533e0d3ab55ee2ecd0bd9%2F874961684115658629&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359918&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Tue, 13 Dec 2022 01:36:00 GMT
Keep-Alive: timeout=10
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Server: nginx/1.10.3 (Ubuntu)
X-NODEIP: 46.4.41.145

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:36:00 GMT
location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111047X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
partner.o2online.de/a/ Frame B095
Redirect Chain

https://www.telefonica-partner.de/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117693V1226132702M&subid=oneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_Max...

49 B
1 KB

38ms
28ms

Document
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=35659&b=131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3&f=wAkUdfjfdb6UEHmtwuEC447HzSATJJUz2p&c=300&d=250&e=&g=edbd718e1e3d723ee2c051080b660f94%2F3303225659553864476&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=adfPros_MaxView&r=1670895359920&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D52776760%3Bcrtbwp%3D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%3Bcrtbdata%3DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%3Badfibeg%3D0%3Bcdata%3D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%3B%3BCREFURL%3Dhttps%253a%252f%252fearnme.club%3BC%3D1%3Bcpdir%3D&y=1&s=&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 49
Content-Type: image/gif
Date: Tue, 13 Dec 2022 01:36:00 GMT
Keep-Alive: timeout=10
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Server: nginx/1.10.3 (Ubuntu)
X-NODEIP: 46.4.41.145

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:36:00 GMT
location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117693&s_id=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&gdpr_consent=&gdpr=0&cons=0&spid=2022121302360079452111049X117693V1226132702MSoneid131hbfKfjWrt9HGtBuAt22rh2SKTmmSjX3oneid__adfPros_MaxView&wfid=117693&partnerid=12218
server: nginx
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895360300&oz_l=502&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9F17 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 4919382a-70a3-4055-a731-cdddea6c823c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5158 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 030be3d6-777e-42e6-b040-6bf3e52ec182
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 39EB 28 KB
11 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Dec 2022 02:03:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BF97 0
747 B 15ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: d6a81116-0a10-44ec-b79f-d2ace9181d9f
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D758 28 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117679&partnerid=12218&s_id=117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView&camp=channel13&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Dec 2022 02:03:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A837 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 345eab9f-75b3-4208-ae8e-2a98a0acb74d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 69BF 0
747 B 13ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 33903bb3-8379-4c13-8b91-b12add12974d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 4DCB 28 KB
11 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117693&partnerid=12218&s_id=117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&camp=channel12&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Dec 2022 02:03:36 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 00B6 28 KB
11 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: partner.o2online.de
URL: https://partner.o2online.de/o2/?nw=lea1&affiliate=117693&partnerid=12218&s_id=117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView&camp=channel12&size=300x250&clicktag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D&clickTag=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10900
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 17:19:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 13 Dec 2022 02:03:36 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 01CD 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 0884698e-cb10-4546-8b8b-1f0428f51f84
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0266 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: ecece805-63d9-4638-9669-284725279943
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5704 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 2fad6153-6c4a-46be-9c50-9c0b059ba3c7
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 12A4 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 91780175-f828-4373-ad84-684ae953c08b
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 21FE 0
747 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:00 GMT
AN-X-Request-Uuid: 4e6edacd-9754-4354-8db9-e6b20cb41173
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 39EB 60 KB
23 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 01:33:10 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame D758 60 KB
23 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 01:33:10 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 4DCB 60 KB
23 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 01:33:10 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 271A 0
20 B 81ms
80ms Ping
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=46561633237&version=m202209210101&ct=2&x=8&cor=17103072907991036000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v92.js Show response
www.googletagservices.com/dcm/ Frame 00B6 60 KB
23 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v92.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partner.o2online.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 01:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23563
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 16:32:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 01:33:10 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 43ms
43ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895360480&oz_l=1053&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 /
track.adform.net/serving/unload/ Frame A30D 35 B
468 B 22ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,3143448279207922371,100|1128|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvzm4yZuqKj4BhpnBRkvb3lA7z_uuw_WOM1|7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A30D 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,3143448279207922371,100|1129|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvzm4yZuqKj4BhpnBRkvb3lA7z_uuw_WOM1|7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 99E5 35 B
468 B 22ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,5105726833091375645,100|1129|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvdgRpVookxlRhpnBRkvb3lA7z_uuw_WOM1|1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 99E5 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5105726833091375645,100|1129|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvdgRpVookxlRhpnBRkvb3lA7z_uuw_WOM1|1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 17AE 35 B
459 B 22ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,210255793324902225,100|1130|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvboaxTWpHGohhpnBRkvb3lA7z_uuw_WOM1|Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 17AE 35 B
459 B 22ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,210255793324902225,100|1130|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvboaxTWpHGohhpnBRkvb3lA7z_uuw_WOM1|Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2674 35 B
468 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,7716537617838879247,100|1186|0|0|0|0|0|0|0||46|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvaCoPc01_HbRhpnBRkvb3lA7z_uuw_WOM1|9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2674 35 B
468 B 35ms
35ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,7716537617838879247,100|1187|0|0|0|0|0|0|0||46|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvaCoPc01_HbRhpnBRkvb3lA7z_uuw_WOM1|9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D4D7 35 B
468 B 36ms
35ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,3579830131137340763,100|1126|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKu22p4fuDw8txhpnBRkvb3lA7z_uuw_WOM1|azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D4D7 35 B
468 B 36ms
36ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,3579830131137340763,100|1126|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKu22p4fuDw8txhpnBRkvb3lA7z_uuw_WOM1|azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 056F 35 B
468 B 38ms
36ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,5827619730191936662,100|1125|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvmnyQERldIuhhpnBRkvb3lA7z_uuw_WOM1|NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 056F 35 B
468 B 37ms
33ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5827619730191936662,100|1125|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvmnyQERldIuhhpnBRkvb3lA7z_uuw_WOM1|NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9E94 35 B
468 B 40ms
36ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,1215453984028289062,100|1188|0|0|0|0|0|0|0||46|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvWAdZTnkFoQxhpnBRkvb3lA7z_uuw_WOM1|o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9E94 35 B
468 B 35ms
31ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,1215453984028289062,100|1188|0|0|0|0|0|0|0||46|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvWAdZTnkFoQxhpnBRkvb3lA7z_uuw_WOM1|o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A3A3 35 B
468 B 34ms
32ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,6123160584022058838,100|1125|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsKWTybQejdtRhpnBRkvb3lA7z_uuw_WOM1|ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A3A3 35 B
468 B 37ms
35ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,6123160584022058838,100|1125|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsKWTybQejdtRhpnBRkvb3lA7z_uuw_WOM1|ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 90A4 35 B
468 B 35ms
34ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-QqdtQRqY3PU9gUmpP7SbrEqyje-pR5qjFhbkEYKPZ_dDvbyr96bFKV7KtfkNo3srTr9pMc3qGCinyQs-RseBv4J4OC4IsPv1pQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,8279137521474703212,100|1115|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsLJlGEAF-xlBhpnBRkvb3lA7z_uuw_WOM1|dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 90A4 35 B
468 B 34ms
34ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,8279137521474703212,100|1116|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsLJlGEAF-xlBhpnBRkvb3lA7z_uuw_WOM1|dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9EA9 35 B
468 B 29ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,3675219598283937811,100|1122|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuWVRyxkOzQwBhpnBRkvb3lA7z_uuw_WOM1|yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9EA9 35 B
468 B 37ms
31ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,3675219598283937811,100|1122|0|0|0|0|0|0|0||44|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuWVRyxkOzQwBhpnBRkvb3lA7z_uuw_WOM1|yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=2707832954;ord=a458o4;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed... Show response
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 3C39 62 KB
29 KB 181ms
85ms Document
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=2707832954;ord=a458o4;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=179;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

bdd1024a5742568510ac9b59a2998bb5d8237d1e9dcd006438c812e40a2d04f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.o2online.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 28896
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B25220131.294007420;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=1795295360;ord=k62i28;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed... Show response
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 6BBF 62 KB
29 KB 164ms
92ms Document
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007420;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=1795295360;ord=k62i28;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel12%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117693C1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxCiew%2526affiliate%253D117693%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117693%26partnerid%3D12218%26s_id%3D117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26camp%3Dchannel12%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=212;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

dc1c2ffc79fc7d1b3cec58dc05b8afb808703df7e64249c64f15060771b7769c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.o2online.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29277
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3... Show response
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 3EB4 62 KB
28 KB 173ms
138ms Document
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

bc1c5116372a096c20b3dc0f9ba5a213f58d7d51b02684fdab2d0205c155d406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.o2online.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29013
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 7DA7 35 B
488 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360762

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame D00A 35 B
488 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360763

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame D4D7 35 B
488 B 22ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360772

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame A30D 35 B
488 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360772

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 056F 35 B
488 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360773

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9173 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,328820988270215493,100|1057|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsEoFtRh9kH9xhpnBRkvb3lA7z_uuw_WOM1|vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9173 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,328820988270215493,100|1057|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsEoFtRh9kH9xhpnBRkvb3lA7z_uuw_WOM1|vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D00A 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,7668276795947582059,100|1057|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsREVqSXFPsfxhpnBRkvb3lA7z_uuw_WOM1|ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D00A 35 B
468 B 20ms
17ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,7668276795947582059,100|1057|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsREVqSXFPsfxhpnBRkvb3lA7z_uuw_WOM1|ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 99E5 35 B
488 B 23ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360781

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C52D 35 B
468 B 23ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,4839034727572497589,100|1058|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsoYfcylllx6xhpnBRkvb3lA7z_uuw_WOM1|goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C52D 35 B
468 B 24ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,4839034727572497589,100|1059|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsoYfcylllx6xhpnBRkvb3lA7z_uuw_WOM1|goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame A3A3 35 B
488 B 22ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360783

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 17AE 35 B
488 B 24ms
15ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360791

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 90A4 35 B
488 B 25ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360792

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7DA7 35 B
468 B 26ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,5859283581057071462,100|1066|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvKREJcKgidexhpnBRkvb3lA7z_uuw_WOM1|R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7DA7 35 B
468 B 27ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5859283581057071462,100|1067|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvKREJcKgidexhpnBRkvb3lA7z_uuw_WOM1|R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 9EA9 35 B
488 B 27ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360793

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 7711 35 B
468 B 26ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=56680285&event=178&time=5&baid=54573432&name=Viewable%20impressions&imprid=8706680886045050883&icid=0&eData=w1TaGv3BjYHbY5OFieGEBDUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=RjLxfiHQw_jn7xi34bmqsy3c7UBwKD7QOm4MkqbVaBA-smWuS6dadgWa4mCAamGjiCR-qtG58IVvItvqXyf6-hMpVG1pj7EseXOI19JDVgrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_mMRNgj-rLtUmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1&rtbwp=vXgnwwQaEhSLbrKOIVyWtolpchFwPv_3-oI_bA&rnd=450864415

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7711 35 B
468 B 27ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@56680285,8706680886045050883,100|1065|0|0|0|0|0|0|0||42|1|||||1|0|0|nxE18LZgeuni5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 2674 35 B
488 B 25ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360796

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 9E94 35 B
488 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360805

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 B25220131.294007420;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=3648992709;ord=shy6p1;click=https%3A%2F%2Fas.ad4m.at... Show response
ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/ Frame 95B2 62 KB
29 KB 109ms
109ms Document
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007420;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=3648992709;ord=shy6p1;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel12%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117693C1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxCiew%2526affiliate%253D117693%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117693%26partnerid%3D12218%26s_id%3D117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26camp%3Dchannel12%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=282;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v92.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

e1462d71a40ceebf3bd8016ff75e134d9d4c561dcb1334aff77db3a34ea3d842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partner.o2online.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 29349
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C729 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=4478114197515087&bg=!Tk2lTQnNAAYgquz3AKo7ACkAdvg8WgGvmkgYGOS8BmP8bSWBxjwqAUNLnbpqlAw2a1HQO2-9wVJt3AIAAA7oUgAAAAZoAQeZAuQ5DiXGm8qFdgxeA3ojlb6jmmn7nspvbkMy2RJSO_4-QkfroP4phQA26yH948hU5_j8JR5VYvm41N1I7ttRvmetH05tBSDZGWlwCreFSA14xc3ZUtOLk0PFqQZevVCNSljqWlese6wlC5ZoE5tS3MpJ_6UBixfds6KDR_6cZiWIU0E3T7KdDUcJ9DoYHNbsdBnh8talzpOTVepftAsTD0FA-vKH5UjtoLYok59W9mDKFD0ewZGfz4SRUqps9lnAcD5NUKWQvTfLQnMbHpqSzHGLjh-OuyTTEERJGW__4sakbew45QwGrcU90CG6MxoI4NqqQIi-eRyWgcGL0shGZf4FDMeEmQoquj-8jDAdDylnj5VJ7qxuBvv2NUnEvGfAoUFE9tcLCmCIPMIwDEoNDa0PnAgdcubiY6npukiF2YBmO8MegoiTsa0C_xQpkh4oE0fazGxmzUv238gCpx9bFbtdO-mfG21yhQY2g7bUYTpuFBxsv-Zr5AKcPOpNxmYj2O3xKbPw5oUFusBA92_1EuDZ0A9zGb20m5yt2JNAfIR7hQSXu3p1xLDQTYVlWaUFCGkiUcVToxCwXowN1o9fJ9U9WxJLAzl_3zhJ_W-3PaeR0YlMXGYx4HKQUqc-SJrE4mWwfT0fzNKXTaBdjTfy4Ir9nJObgxb2_N7kGAfm456jNgHCirCt4NDUsHAycfngBVKE_7hs49tEaFFW-1EApdsyJ6RkcroF6iQKcULYmasDxrn4JnTW5ISHdwSYB3u0WP3kxsw6tee1qobmvhOIUw0dObBUTdlji5_Lg6J7JprE22zrYs4YOSDbiYwWXaSstgRTW613UU4h4mXFoukome059JiN9ti7Iw9RlEqv-0vQKUSTw4vAw4ZbV7M_beVfdB7SkEo4wp1AH0XzI9QMNStHCK53xzBV81jSqtOZyhYRa8ADoI3SPvKghJixjI4jPF60d78Tykkr8RR3wOPhr670TvHFuA
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 9173 35 B
488 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360839

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame C52D 35 B
488 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360872

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0987 0
0 73ms
72ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=707367829888826&bg=!9Pel97PNAAYgquz3AKo7ACkAdvg8WphmXSHUc5yC6l0GA8eUNzghSJDPwDxL1-IvQ-6sIgBN3SPKwwIAAA2IUgAAAANoAQeZAuRerzbSb9SIX8drnYp8sjEUpB-7ghCTWiDpx3JcCO867Xnk453wNs04yElWaQwOeOogWk6MunET21jnbGL4QjA0As_fSsqYTNgSOY2vSOFaElI2M3mfQRkPL8SWlKkgTX5jWINGXR2ShHHtIwSEXOy5VBwLsX8CMaJcarQY-vbJ5eYMm-r2-TZzX9sEaiyFLu7t9PuZFQKFPrvstj4cL62-bN-WaeogNdvbOSoTZ_VRYULYACIozHa392yxLVTJhIxKWbdquudk3epWFknNvJ9z8lr9PI4W6SRLXt_G-QNMp-WiAN-bGwideHtFNsaCCbeSJjBqsZtoLou8Qk9fg01H9AXto_gvOe54k41HMQ1D1b-V9bdA5wyup7-BFAviFsYxSoGyJgVwqHH5iCkSkXXUtzRGyIQEivwb3CiX5vjW9fKnSD92cct41JWdYQJP-p8YnLxfRDaScxkn5JKr8BVH13Kh_zRAEagPXPIVo0YdtS-Zvm0iau1Fyf44ExP098Zg8Q_igkfv57zvshhVnFYKf0rIOAoPSCu0GHX8OK5gXwTQTzaWDQQ-if3bSTJFSthqXhpcgFbW77RxllM77PebTmEKxkFEKJkHYZQi-wFDDZizZI7RY1BlEzg85X0FZLW2votEq9uFMRDfoF1p_9Vn9tFYrYTMEmpnFrp7A8Ua0IQyCWvlH0cc3l0IVxTTH7P2QL1gHyIp4Aizoa-lNa9p8ga5aaD83mtw0U2b-TXSciegM8PWv4PCWS_uxEWIR62wry28cSj7q0kZUHijrgVFeWh0WRJdcAAe12IqYtsMchBUBFT17AMz2Nsb0FyRSbsgGNC_q3X1olO4A6hWdYgPya6F1SwVf8XOSONE_fnsnmALWp0z_E7ZMVXjUavuyb09MFZB5qBRyL_ADXFdS2EX41awf1pulZsk5hOscNhdsXaconByx76pVfZnqupgnh4jvcWwIRdqGkYhQJtrwIWL4gcDzA
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3852 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bcq5E-9aXY-esBNrWgAeLirSQBwAAAAA4AeAEAg&bg=!a2ilaCzNAAYgquz3AKo7ACkAdvg8WoupiRmcmwI3P_WBWu2YADwsUBTmq52WMzCDjDk24Y4XbLXyuwIAAAMKUgAAAANoAQcKAHtj4ItxojEGSD9Apc0LSKR7jFwDVoPWr4IYS_EngdRpYWzY8-p2STN50W2sPieokqaodAAJuwSctCcGj_t7JS31un0uPFHjSkYVtv4Ckm-IB_HtQ2uCHwCVlrB-yHOx8Wh3joYTnLnFuriutVLwRu4BMlkC9r1P67seKzqZAx7RfLaBRt6x9bIpNvCfbFQ3v3O65-3kFjWv1rU5ImN52i7FQtzrMSY9EB4CS-zSY1MMDxq_OUf_UbtAtg3D-eVGupDvp-FXiKeMGC57ErA4l_drBaoIKV1_k-9JXNFEDXiQgf76oapK0B-IDAEWmjuGNLGhzgHe5ex-lja70PN-Z8Om0V4G0hOvizXnNC2ZkLinrAkPmVrSMZpTLond0qy5g17ethX5Rw-UWjuGbsh9EGuss3EQ1gZ8bAKb4rm1Spj8sWHsCa_eAaHUvOxfM-C2OU3fWOxAqKi-SLvvt8We9yXLMhdYMDb1krfPxZUmKaCJV0kl6Gtw5b7ES-E0VV-kj1Q3SkWtnRxusv0pbRHzbYcAZGNJeO_oXHTUsEjXEZefOqa8osI80f7K7irglNZZRWWuUUQHUmC_ATMKxBrSftjAilMhcnnCBDEclBwatJSaufRmkGOUYekD84i5jCYYczfBks_m7VSHW2cn3WDKYxJmZtMo76CUquQsnikEVqLWhvKNVyAg0aoiO2MN89NfsPN1wlT95mEiI6ylju-7gCithXJXs-M4h461omfMLHvI3mbZt5Ay2GUQpYcXuE6zcjwXhIX4oERg8kVLUzu-UutVweqVzzmjtgxgn_68SPtWO-82INAbFAC20s_8X-UfqSMWhmwP57zMPMz_XWjem5r6hz9-6wy7KrLye2Ok87F_Dh3REucYR0E4EjWN3bhOaEkaN-WmAbwDKFiuQrWl8rQc57sLC2DQLFKmVO8Gsj3nYs0cn1ouVBOff4x1oYhAp_yRr5jqD8jmFam_EoPGcYo7oLnrI6_KA2XBUbOmpX7mkkLjDdhRnKXbaSzODa793sRX1qSGWrgrzOStH2t4Q3F-E3tTde367-dAl0hSnUnT1v3sWpLeY9bGwmEj7hv220oSXmQFUmndcKylg8axE2aHXPkPqgZr6FSd9vPovVWsWBdRLC2N0v-JKP8OEmGdRM9idEyy63qutQ7f9f4iqQIF3rf78t95c8ZjQcab7N3AGgj-sg6c2-Hf3LSr1s_EZVQCuk64W0KxRFWMpqI

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
30ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895360838&oz_l=49&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 11E6 0
150 B 38ms
15ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=60212100005016506516379012172028&a=8a8465a0&vb=v
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=60212100005016506516379012172028&a=82eaf16c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:36:00 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 3C39 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=2707832954;ord=a458o4;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1jmwcz939sm1n4vsxfzhkbx90mbs6g93wj4xtkgh2v25qhcze66hns21n99vjwmh788efkyp7kskx97kc240p2pkyajgshyrttgf5xd55f2yj8jca9xs3wt8gmdeyt5zb8gvrv2fw938365sxv02tryee8zyke81rn9h9x6vvje7edg4veq0gm791m3cxddd89wjbfffx5a4ty0d5mg5wm2e5wgkmggazvh7kvmmg9jqa2cj3eyrrzkm12672stp%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCWrM7FySKtVQJ4x5b7-g-lalG44rpjfMzZBARRnTeMz8DZ9JNJrNRQTGbVbg29opjiFDiNn49hm4N4EDXy4MwX4mFr3gqvGkInJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69BH7a-Tl0rFrtRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17DSCFm7GB6w5rz3aaVhi21f2-TmwiOhRdyvZhEBkHI_cJoG9QWsDzBnaqsnq7WS-hHQv_N6uiTXom2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qe7rpONQXrAXzHk51yP85fnbCDc50wReLHnOsTipgvB-T6YUslD1CDuUUx4PkcTw007_gRqF_bmP4a_GCoVBNGH_SgXXZDbyZNl8BVqc3_VKfchxHaVNerPMD_rxmhFoK5zG05d8w5PcGq2nvm1N1cxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFq0LRZ90Mw74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=179;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 01:19:11 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 3F00 35 B
488 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360915

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 6BBF 8 KB
3 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007420;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=1795295360;ord=k62i28;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel12%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117693C1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxCiew%2526affiliate%253D117693%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117693%26partnerid%3D12218%26s_id%3D117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26camp%3Dchannel12%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1hq7h3rswdaen46skpfbnw2zrz53n6k1w80kbfty5k614rf6hhphfeep7dp99hm6ax9yegn4vaydarbxcgad6hw70mhz7gcmemptvvy3bfrexfgw18p0nn0sssyczedcz3nrexfy1tzkrq0vdsas9mb1y5j4w833wtkkb61fw0j5q2ekm0gdrxmmsdk69vvf1wc0t4xbch3gkt13cvn8h4pch65vadndq7c7mdjnhn81nnzb36hcz3beeebpsvg%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DMU7IUQdm5wiVla3rlbaVCPXBiXjVSOEb9jA6dSg0ocplwnyHjpfJxbkjpE4NLSXbWYxOZoiiyi649BzaWkKXSR4slsnOejBGZKQsKupjFTjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69DgoQFvQSLmSNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17PX-w2Yc_UECRxucVfVX8AiXL0m7BYlnYyvZhEBkHI_cJoG9QWsDzBkyghEoNu5V-UYdFqgoomHgm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qSeBPsIGFc8ljwJTpfpUj9i8ldkV-aF_EqvHxOhykrHug0VP1wNBACkyWCHx9tnRp9ksvNSyReXJTXhkPVY9LfGbJ0Neopser9GBRUJRS0b_4rXpmTozSPnMD_rxmhFoK51OhemccrVMZj5NLB0HtQxrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRFIvNgM5g6zVoVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=212;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 01:19:11 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame BFE3 35 B
488 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895360927

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3C39 170 KB
59 KB 111ms
35ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 3EB4 8 KB
3 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 01:19:11 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6BBF 170 KB
59 KB 96ms
39ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6BBF 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD39 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2464667968466042&bg=!T0ylTAjNAAYgquz3AKo7ACkAdvg8Wl1x9CTUPsJfH6Qmtciw6dVciJDPqyT70fTmvezGDHKTUI_txQIAAAwFUgAAAANoAQcKAH_VivYzRhBVJzzB7rPp4N7Z6sxc5fbK0WlLW7LSEdvJPUqzlkrXvUnwM_KCLuLcjCPcKa2RNDTK_ruAMUtkm2Hia_Ej3t-dsoSjPrv7QXzH_j2OIDL9-JsyQaVKs_PYPZ0rL1m_4-tPslmwAaGCPmxAm5s-4quMi4wzKjqADQZRmQL4Ls625IwcPY_CoezMGCceEIFYmRHNT8w836U5Hlr79hiHXlS27-LalvbB51MbAiAq1DFhc24yjYNTu0wI_lLnY1L7vvCacSFQ9lB8N97lruE4EIETKp4xalks_rpCXov5KbWW-9ln0iAnMhr-kR3MxT_oD0sIXoKzDt6G7LzZbGFLCU3peBunUE56lD_5GTIDY9G369HTAbQfsJQSRjBvC2SQVquEf-FUAGNgR3am4yh0MWYF60hyWua0d9AygpY4c7skth-FGHCEBJgR0OdTOUaYNiLqxMiLoj_Z-U-qpUCpC4o8-q0s6bGX0SSJQGvurlAo7xRfcCzQUs83TXYwbIN95iViE4DyWcdynrmFhXAh0cNIp_GNdO5I10FN9wYksymI8LFACxn2OrRcF40z2ULCmM_aRiTBfbmZfg9z1oRfxCdPOutDTnBn11dHu64IfFFlZ9IN1AzRA3VoS7AeMyajqChxwKu3yXVAjw18bnxdzEBESEGMMzSknAkPesO2HdxLVWMkBWQMCcr2Xp_QJd91y9PdbqW2Hxr_1xOVgpo6NGVpaDwUFaq8ZoPY2j3_YeL08lKT5k6zMFA7hoXAN9Swx4_ktLkQQKT6ERFu-JfDIwYGqaE6tbMT7htoZTZmg9KouXIwLpfqexgU9g57RB6iDg10RSiLJ-qhCLB6SVDrmVEcNnh1-RXKVEETE5FNKsMrz8cOQW0cZp2pZjMuyWGyJfdNPQQBtA4EDUveI8E3BfOc4Pv0OsTTFzhnOxecG9-TXLmKNxivESy7prSXkv-_ZjKS4dxq66eSBw4jO79B6VQU6O8GToC8CYGyJhY8iXis24WbBh_k0vqPgtBz5zuXnLVt6q7GYal4u0gyt_GtWO41EJVBC62m0PYf0Me247KSjBqdSG9_0bP9056AbXoBylkdK9xIhCqK3os37uNBInOp6R80Rv6356AJyCSCD1M7TAI-mnvFXoFHbVvV6gDWqj06WzzptmmMcHZ8Oodf5FuSgtHA-w
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

POST
H2 200 /
track.adform.net/serving/unload/ Frame 69D1 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,8078172746382293596,100|1070|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvvriiJ5WWfThhpnBRkvb3lA7z_uuw_WOM1|X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 69D1 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,8078172746382293596,100|1070|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvvriiJ5WWfThhpnBRkvb3lA7z_uuw_WOM1|X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 95B2 8 KB
3 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007420;dc_ver=92.271;dc_eid=40004001;sz=300x250;u_sd=1;kw=AFF_la_117693_12218_-;mco=AFF_la_117693_-;pid=O2_AFF_POV_EXA_15008;dc_adk=3648992709;ord=shy6p1;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117693C1226162749F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel12%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117693C1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxCiew%2526affiliate%253D117693%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117693%26partnerid%3D12218%26s_id%3D117693V1226162749FSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%26camp%3Dchannel12%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1kvwc9y39hda1c6808e8g8n1fwt0sc90nk8bwg6e7wrsfwn561h89dfdtz5kkq5e8df4nftb2ygg7r5pvrgrcb4agf1qf0zb9dnrakajdg308e92kwtzb9mdtppgggy10eq0st34yf5hha8rr8kbrxscpew1y420q681zr47qn1jgm475sxcq43cdgd6pzsecchntte2cwgxq19wpq03j554m58psbd016z2xfexznf7kexebwfmp19kddbmdn4d%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DdvkQKAjbaCVaas4dp7FhbT2YyPkqYV8UxZxKdqs9RD3PbdUmHLVTEjN9KlWqfrAl6YL2irEX_rRPzL1s3oJLHxFiyzPHsfFqyszH7fo69cTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69AtxLWFKtJ6G9RJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17Er06LNVFpDqWn7GHW6_lfJAjbBJFEKDiivZhEBkHI_cJoG9QWsDzBkcG5PWjbB6ovUVj-WmztAQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qbzIddp5stwJTRQC1p2S-iVzc79BBTMghsPeem0U9WYSJnfr9e__B3RCmuQowZ3VGlBOhl0WBQz5q-UQbj-nvci9bzS7DLu0zWhtrqttfrUg4rXpmTozSPnMD_rxmhFoKxqhfgPAX1v775KAZisaWJZrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRSmSXsFJ0Qo1oVCRWfIwEGjuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117693C1226162749F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidwAkUdfjfdb6UEHmtwuEC447HzSATJJUz2poneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=282;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1010
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 01:19:11 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 4439 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,6704022539701620899,65|1092|0|0|0|0|0|0|0||28|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvVPW2o-FsZzBhpnBRkvb3lA7z_uuw_WOM1|u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 4439 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,6704022539701620899,65|1092|0|0|0|0|0|0|0||28|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvVPW2o-FsZzBhpnBRkvb3lA7z_uuw_WOM1|u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3C39 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3EB4 170 KB
59 KB 70ms
65ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3EB4 41 KB
15 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 3455 35 B
488 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895361034

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 15E8 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=57914107&event=178&time=5&baid=55483020&name=Viewable%20impressions&imprid=2515952391550305473&icid=0&eData=TSoVWy5CDOuhYJEnwmKyuzUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=xiHm6YAi-vVmr_3gZKRm98o9mQGY2QuHISffqLP7hA4tKTyUe4hs4hOKuvwmQ4wO_s_x9blzkuGytvWJqDnzen-16bq5Ws4PbvDITuqjyFbJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrtdS2MB8-ROGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrcEoKrUDHIGNMN4iOtIBxgX0&rtbwp=nWwrKoCBlz6HGt-U83xIK71BzXRAhF7GE6q8_Q&rnd=861648436

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 15E8 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,2515952391550305473,100|1072|0|0|0|0|0|0|0||42|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 76B2 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=57914107&event=178&time=5&baid=55483020&name=Viewable%20impressions&imprid=5362805310867462538&icid=0&eData=XdM4-WjZqXChYJEnwmKyuzUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=ke90qzTFtgwUEGpwB2OIqC4RsVuxr1GI3JBvhZb6xGvOc7CsNg_ScpQ6P-edhvCJURcl37Kesj0aunzkbEvh61f1DkI7YuDkw3ZguOXyGLrJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_EpdKVVJPub9h8aTD3DHXZeu8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1&rtbwp=CjkTFq2MfMBS5qqFQ7YbLmtTm_xCLhNaVswVWA&rnd=167529534

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 76B2 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,5362805310867462538,100|1072|0|0|0|0|0|0|0||42|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame C6F8 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=56129379&event=178&time=5&baid=54008057&name=Viewable%20impressions&imprid=9067970625162598916&icid=0&eData=IC_SwPvieHNCmGGWX8_dGN9HfaTuwoEkumjmAI-8sjxo4kOyoBiwbg2&rtbdata=wne0tGld-9ln1ew8_xv8abSxUM8Ag-rBFx-TXaKZ6P-6lPtbCRI087HxLXDO7UtQZaJ2yecpWLs_8jAC91urPWwneLafaP4DLmkf3M6pIyHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_wEqmWq2V8i5h8aTD3DHXZUaZE5fSFo-peTqcoE3up6MpcWlM66LloJcp1C8rulQawVlJQDJVhiYuouAqghP3omnlVwJhAxQOQeEimShqzcc1&rtbwp=e4NwOcW29uF7feEByOXVe6J0jcoeHMvkpZFDJQ&rnd=193256409

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C6F8 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@56129379,9067970625162598916,100|1073|0|0|0|0|0|0|0||42|1|||||1|0|0|dl9lejCdnnLi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame E46C 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=57892097&event=178&time=5&baid=55461633&name=Viewable%20impressions&imprid=2745373533687863285&icid=0&eData=iTDYAAtBfGSQfMq5sJZ4ojUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=w0gPlZmJKclf-oZP3yqTXtQnEJBpSwWI6S9GNls4EwOTNpx5Gr9VOxvIjdl7RKVdepWnkqbwvCvWzEt_cZvUKzsxOjnXeJux9CPSSKjEKpvJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRo_amOpC4z-tGdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrfiU0ly5wEI78N4iOtIBxgX0&rtbwp=em2hP2KdrNeVFKJt-SXORM1zN0I1FqtF6Un-3A&rnd=975908818

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E46C 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57892097,2745373533687863285,65|1082|0|0|0|0|0|0|0||28|1|||||1|0|0|BaNsvgXTho_i5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 8BC7 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=57914107&event=178&time=5&baid=55483020&name=Viewable%20impressions&imprid=4715473188288900858&icid=0&eData=eX4pSArZrUehYJEnwmKyuzUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=C8pQXsG6MGInaXEP9JmiFOVBFqH3xFVvas7a2nU_-OmzEqcjlxIRvraIVzTFqXjpuPNnD07tIllqiwC5SzjbT01S3DLbpjOTtKRn7DZziLHJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_zQ3UQQloec8mpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1&rtbwp=t6U2F2EWMU9ythgf51MWyGiIKjg1hTtwFVALSA&rnd=950318785

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8BC7 35 B
468 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,4715473188288900858,100|1082|0|0|0|0|0|0|0||42|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 95B2 170 KB
59 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Origin: https://ad.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:49 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 95B2 41 KB
15 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 0550 35 B
468 B 25ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=57892097&event=178&time=5&baid=55461633&name=Viewable%20impressions&imprid=6724232126677883338&icid=0&eData=2jYjt_4YNo2QfMq5sJZ4ojUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=QbDIfGAuKeEH1MQ_220M9ATb70SElGa9xV07ZZotB6z5rq9aZskuf-wGnqiburzajWx22vlVDWhvY5J2i7tqw32INWQAw618_HLhW4zVJHTJdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_TjbJk6k5dowmpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQaREqrBtSb72kuouAqghP3omnlVwJhAxQOQeEimShqzcc1&rtbwp=boiAhbMWi2EyOmpRE12kgGrAPs1Fvmio11s9UA&rnd=473839478

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0550 35 B
468 B 23ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57892097,6724232126677883338,100|1096|0|0|0|0|0|0|0||43|1|||||1|0|0|BaNsvgXTho_i5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame 2A6C 35 B
468 B 23ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=56680285&event=178&time=5&baid=54573432&name=Viewable%20impressions&imprid=6731843366334315055&icid=0&eData=RHnTLb6xdbbbY5OFieGEBDUyXTFuQeaqumjmAI-8sjxo4kOyoBiwbg2&rtbdata=-0zUFzE6t5t_IRPvTPxcZ-H-auXvF8cnTJPvBNmSDLYFkqBCj8BOyISaE_Zh8bPLjp2cf6dT8KZuimXNwQpa6R7qBcHyD6lM6Jk7-YbVvWLJdVNPTLJm4SM9Afw9re89ztqshedlpVB_ysvnzbZL8rtcIIqrWpTiBnb1QeP5vk_M3ckoKOI9jXCJhkgqjVF21Sw4YYP3sAXw3xnNdnf_W6F-2-qewsQQKfIqcIqo2m_KiWiBehypB738hB1OL9u8kUCAmqEu2s-IAEYO3r798u_X9MpLQToLEPLVsDIWovd0gew-eC1JRrbPiSuQrZ68GdfN1hm1XR-B7y7Do6yWRimJ_IU6mQ8ynW2_r432aB_a7x3CIa8WPKQ0AWB21j0wsYA4esHgKrevnFFEaS7agsN4iOtIBxgX0&rtbwp=zUi57vGt5nKTHPsQ2bnybJKuVObYMBE5yw3PRw&rnd=152916047

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2A6C 35 B
468 B 21ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@56680285,6731843366334315055,100|1096|0|0|0|0|0|0|0||43|1|||||1|0|0|nxE18LZgeuni5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3455 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=MpJruoWaRyI20_6hALu183UkRBngUe1010qPw3RlTTUTn96GGzODIakSoRhD_61GTAOagA-9dZ88kAt6lENKjYF-wBRS65a1OGosvdbdyL3R1IKaV5DKLuFjqrxUXOuZ6QmC08n3WiULqGiwQgYS_53yPn_laZvztJB5bgxifZwfnAUSC7OkV5DYF0FtBHlJG9SJENQcwkQ1&unload=8059699510355671993@@59973788,3932380047901735253,100|1151|0|0|0|0|0|0|0||45|1|||||1|0|0|Ebsdc2yzq66oMC9hkrxj6WYZlJRRj5rL2kBJRYARrKsmtWhzIniYJJ3PsErbyimS2kBJRYARrKto4kOyoBiwbg2|d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3455 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@59973788,3932380047901735253,100|1152|0|0|0|0|0|0|0||45|1|||||1|0|0|Ebsdc2yzq66oMC9hkrxj6WYZlJRRj5rL2kBJRYARrKsmtWhzIniYJJ3PsErbyimS2kBJRYARrKto4kOyoBiwbg2|d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 749F 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 636E 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 973F 22 KB
8 KB 39ms
37ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 31ms
30ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895361116&oz_l=11&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:00 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 97D6 88 KB
29 KB 18ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3F00 35 B
468 B 22ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,7383330283981946954,100|1056|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsdtOAN0sf5ghhpnBRkvb3lA7z_uuw_WOM1|qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3F00 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,7383330283981946954,100|1057|0|0|0|0|0|0|0||41|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsdtOAN0sf5ghhpnBRkvb3lA7z_uuw_WOM1|qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8082 22 KB
8 KB 38ms
36ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5168 22 KB
8 KB 45ms
36ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 192647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame BFE3 35 B
468 B 29ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=H7qwMqaV3dTNMp6nlBf-JCYPWbMVopi3ehSAjxOEu-SMopbVCT6kgi8Z5Xjoz8CJ-m9tFOi7_nuybUF9Vlz-luIH_XNKszJyTBDjc4LoA6meHad8CzFZoDUZVNBq51ShghUEnP6WXKFQrChXLby1d8PrmIiOew270&unload=8059699510355671993@@60048282,4803009998661704403,100|1073|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvap09BQMYH4hhpnBRkvb3lA7z_uuw_WOM1|C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame BFE3 35 B
468 B 28ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,4803009998661704403,100|1073|0|0|0|0|0|0|0||42|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvap09BQMYH4hhpnBRkvb3lA7z_uuw_WOM1|C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/Serving/Event/ Frame D7ED 35 B
468 B 30ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/Event/?bn=54901439&event=178&time=5&baid=53068672&name=Viewable%20impressions&imprid=8712314320817827995&icid=0&eData=Kp6AaEadeEFBAjrFtPFZg99HfaTuwoEkumjmAI-8sjxo4kOyoBiwbg2&rtbdata=aJKsiFVwk3mzCj2t8fHuYsKt-_ZI8256HlPvdGq1jL9jjnZSQn0X6VRzmorgIzdabsOEUD14wmr3F-MMmKRb7Z9K_U2srmWWp561Scw3SK7JdVNPTLJm4SM9Afw9re89ztqshedlpVBieaErX2zyaFdbKv5DtA9_oZCp-QDaIvImpjv65oM24Ou8iexRVlmIu7-jwbgTYGMpcWlM66LloJcp1C8rulQapFFk3vNLoIIuouAqghP3omAC5HLFvl7DQeEimShqzcc1&rtbwp=q5a_MJdgwArOEnF-cs_Mf-K0uQ2FiQ1xeo6mxg&rnd=329892736

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D7ED 35 B
468 B 28ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@54901439,8712314320817827995,100|1073|0|0|0|0|0|0|0||42|1|||||1|0|0|SDG9sRpU6Kni5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A282 15 KB
6 KB 20ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1405348
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 749F 89 KB
29 KB 20ms
17ms XHR
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 69D1 35 B
488 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895361244

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 4439 35 B
488 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895361271

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 137E 35 B
488 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895361286

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2650 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=7nFBBAPMu5w20_6hALu18w3h0v_6Ev34L7VVGZQq3Dyvhk_PvGRTfAnLuJv2sWBdpB0zToaVlZD4wEF78xSwCj86VUy1oSXv8Iapbqlyuo9lJC6SxzKdoamNn7HtM7PVaO9XC2JxaeO5Yks1Czox6IoDrNjhQ_83w3iI60gHGBc1&unload=8059699510355671993@@52776760,656867547274285930,100|1012|0|0|0|0|0|0|0||40|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuRBMIkw2U5qRhpnBRkvb3lA7z_uuw_WOM1|NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2650 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,656867547274285930,100|1012|0|0|0|0|0|0|0||40|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuRBMIkw2U5qRhpnBRkvb3lA7z_uuw_WOM1|NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BBF 153 KB
47 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/2599429262398193664/ Frame C45B 45 KB
12 KB 128ms
55ms Document
text/html 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

067a579ed5e2da39bf8a62b2f2eecd602422862fae65286e2d50bcb79f614646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
expires: Wed, 13 Dec 2023 01:36:01 GMT
last-modified: Tue, 27 Sep 2022 11:03:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6BBF 0
0 66ms
65ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFm4do9m2cux10SLesh0zNdYOCP1vQoGqL9dVZviBEMMlg9c7aggOSx8-XYO9QzupdLhRA6WxbZDrB2F15BMKm1_gphvhCdEWpgKBV-uViQsGwQLFmhWswnaB3HpatIjOdQfL4mI4MtGxPkwZueq349XTI5G1I&sai=AMfl-YQVIoh72OAgK4zMimUqduMz_J699mqSxOc8ZzcAVkOLicYr5-n_UYGzNHtWma69wBEBmP5rknUCxiAEPqzYEzqesKY2BiAqw68EUmQA&sig=Cg0ArKJSzG-9FogiOhq-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=363&cbvp=1&cstd=355&cisv=r20221207.92967&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C39 153 KB
47 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/2599429262398193664/ Frame 4186 45 KB
12 KB 124ms
64ms Document
text/html 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

067a579ed5e2da39bf8a62b2f2eecd602422862fae65286e2d50bcb79f614646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
expires: Wed, 13 Dec 2023 01:36:01 GMT
last-modified: Tue, 27 Sep 2022 11:03:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C39 0
0 69ms
69ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsve5T1XOms-WC2DJsE7kLw5XGvlULNINQnCl_hdlcO5AUdBToIYEpd-eGM0NBEMgvoFnBCfOQNfHPr6ENB2o8-ObecGXbkWlKcjgPnKGDhfALtC_rxErrdcUHXQGsDgFa9EXlV7v5AjI-vPLAyY_fbPhR65M0LW&sai=AMfl-YTNeC5wsRklx3IzKAGaZVmDtGbDwIjTr4tqtguypZSU5zKBiXNOe0dFRpPNVY9C_8aOn2Y3VgkuxeNqHLBRkQXxsja6O43-W3u-9byk&sig=Cg0ArKJSzNlZgp_r9yovEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=336&cbvp=1&cstd=332&cisv=r20221207.95562&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95B2 153 KB
47 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/2599429262398193664/ Frame 0C7E 45 KB
12 KB 110ms
73ms Document
text/html 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

067a579ed5e2da39bf8a62b2f2eecd602422862fae65286e2d50bcb79f614646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
expires: Wed, 13 Dec 2023 01:36:01 GMT
last-modified: Tue, 27 Sep 2022 11:03:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95B2 0
0 66ms
66ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJEATxHVHyx_zNxUKAggemPRtn_LVf-WjozPIzqbTl2zyFS2lxQnjsD6HfAanaqxFLDJf83-daxOhRQ49vNN0WqxXmSpa8t8TDfs8hPAU03ky2gDrkfXCoDQaR1hIaPdsQ-qGeGNk3qnVHfV84bevtymGGwv0x&sai=AMfl-YTyLxkw1GOKcSHlUt_MCHl2WUX4mS9XED6M3irNXNNNF3rguzDPW6vrm-z24CU5B_B1_4bDnjaj-NMQZ11I0otsbOmhhhXFo1tq1UuJ&sig=Cg0ArKJSzA8CDIxi7mHKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=309&cbvp=1&cstd=304&cisv=r20221207.29606&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3EB4 153 KB
47 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/2599429262398193664/ Frame 712E 45 KB
12 KB 72ms
47ms Document
text/html 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

067a579ed5e2da39bf8a62b2f2eecd602422862fae65286e2d50bcb79f614646

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
expires: Wed, 13 Dec 2023 01:36:01 GMT
last-modified: Tue, 27 Sep 2022 11:03:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3EB4 0
0 66ms
66ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvv80tzKRvOdHBWAKSi_IPDOm3owd8t2ZgwVU4U4KW1Zxp--SliIWURRXL8J6yF5wc3zPf0CSQHxg6q0x1U2U_iy0i8GzybKVAC0A-UtMYzspQKbV8IsHdX5NpevoW7qHTkDcMpDLnMM5VOQ0_y9skDYN_btTc&sai=AMfl-YTOnxJP-QGnn_mHnKaKHrl89bPQDjUJCtfL2W6G23UU2QBaFZlGbOW40TJ-GVXretTnbnIaSvtu-3c6IeDhW8TmuWyUYO9-p57Fs38q&sig=Cg0ArKJSzEN_fZJNZW-GEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=357&cbvp=1&cstd=352&cisv=r20221207.31805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 3EE4 88 KB
29 KB 18ms
18ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 31ms
31ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895361272&oz_l=72&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:01 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ED44 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1286043
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 5226 35 B
488 B 22ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895361396

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame A282
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XSMbDXxXZ3dycy9nZGlib2lsM3JnSVR2WldhNEswNCt3SlpuY3g4cE1BQ2NlSmFmUGtUemRCbFRRd0NKMkZkbnk3bTFQODJjQWVZczNyNnB4OGlUdDlnZUFUb2JCZFlvSmlZZG43WC9lQlpIdHVWUXAvbVpSTXpQN2xKc3...

425 B
647 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XSMbDXxXZ3dycy9nZGlib2lsM3JnSVR2WldhNEswNCt3SlpuY3g4cE1BQ2NlSmFmUGtUemRCbFRRd0NKMkZkbnk3bTFQODJjQWVZczNyNnB4OGlUdDlnZUFUb2JCZFlvSmlZZG43WC9lQlpIdHVWUXAvbVpSTXpQN2xKc3lPN2F3LzlKdUJKMk9sQTJWcUptM2ZzRVV1UCtoUW13c09GeHU2UEZrKzJ4cFBYTDdvRG5jcXRsZHZ6RUJVL1NLczV4Mmk2NkM5NUoycndydkNoRzNKUFhkRzd4YmlQN1kwYnRuSGt3SkpPZzcrNE1HUE4rM0xjZm11RnJKTHA3Ny94UzFneXBKYVNEUTE1eUdpWFJqcEhtTGZYQ0t1d2FSWUFNTkdacnpsSmZIeElRRkpFST18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5212e1c53c0953ae2d179ed965750fd5d2bceae1b1814a13f7f8d595206d65af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1905154
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XSMbDXxXZ3dycy9nZGlib2lsM3JnSVR2WldhNEswNCt3SlpuY3g4cE1BQ2NlSmFmUGtUemRCbFRRd0NKMkZkbnk3bTFQODJjQWVZczNyNnB4OGlUdDlnZUFUb2JCZFlvSmlZZG43WC9lQlpIdHVWUXAvbVpSTXpQN2xKc3lPN2F3LzlKdUJKMk9sQTJWcUptM2ZzRVV1UCtoUW13c09GeHU2UEZrKzJ4cFBYTDdvRG5jcXRsZHZ6RUJVL1NLczV4Mmk2NkM5NUoycndydkNoRzNKUFhkRzd4YmlQN1kwYnRuSGt3SkpPZzcrNE1HUE4rM0xjZm11RnJKTHA3Ny94UzFneXBKYVNEUTE1eUdpWFJqcEhtTGZYQ0t1d2FSWUFNTkdacnpsSmZIeElRRkpFST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 776341
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame AD3A 88 KB
29 KB 18ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 636E 36 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 973F 36 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 8082 36 KB
16 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5168 36 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 5420 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame ED44
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=iOt-B3w4c09lVDZvMFl5YllQeGtSVHJEM3M5WWg4WWN0eVBxQWc4aUgweEcyMHllSmhIbyt4eU9pQ1g3b0NkWGx1MnFBVnViNk45RnA4WW0zdmgwQU1kVUkyUkhDSFE1d0lqU01PMTRjNks3ME5HOXFubWlkT05SS3dUM3...

438 B
655 B

16ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iOt-B3w4c09lVDZvMFl5YllQeGtSVHJEM3M5WWg4WWN0eVBxQWc4aUgweEcyMHllSmhIbyt4eU9pQ1g3b0NkWGx1MnFBVnViNk45RnA4WW0zdmgwQU1kVUkyUkhDSFE1d0lqU01PMTRjNks3ME5HOXFubWlkT05SS3dUM3hIWForZkFNRWV1T2RzRUFTUXBtWUJHK3RWS1dOUXNKYWRidGVwWUl3OEY1NTRtVGpjZ05RRXhzRlRIZXlaRFpUS0ZkTzFhZEw1aFo2Z056MHVyN3dVYWRvWldPVW9HOTRNSi8vcTVSZmFjZE1TbGlpb0NRdFJZb2lkZkdCWVV1WWtZNWtDZDZRdEwxRndQZFV0R0JaOUVjSUtvYy8vcHEwTjk2OHVuZGpac002Vjc0MlZ4cz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3fdb0d99754931380dcc52574fe283d357270fe25cb1afbdcb6c537ca6512418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 850673
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=iOt-B3w4c09lVDZvMFl5YllQeGtSVHJEM3M5WWg4WWN0eVBxQWc4aUgweEcyMHllSmhIbyt4eU9pQ1g3b0NkWGx1MnFBVnViNk45RnA4WW0zdmgwQU1kVUkyUkhDSFE1d0lqU01PMTRjNks3ME5HOXFubWlkT05SS3dUM3hIWForZkFNRWV1T2RzRUFTUXBtWUJHK3RWS1dOUXNKYWRidGVwWUl3OEY1NTRtVGpjZ05RRXhzRlRIZXlaRFpUS0ZkTzFhZEw1aFo2Z056MHVyN3dVYWRvWldPVW9HOTRNSi8vcTVSZmFjZE1TbGlpb0NRdFJZb2lkZkdCWVV1WWtZNWtDZDZRdEwxRndQZFV0R0JaOUVjSUtvYy8vcHEwTjk2OHVuZGpac002Vjc0MlZ4cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 505605
content-length: 0
expires: 0

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 2650 35 B
488 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1670895361482

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 5678 88 KB
29 KB 17ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F23B 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 1284328
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 287E 88 KB
29 KB 18ms
18ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EC20 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 1281312
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 214C 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 683E 88 KB
29 KB 22ms
20ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:01 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5226 35 B
468 B 24ms
23ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=7nFBBAPMu5w20_6hALu18w3h0v_6Ev34L7VVGZQq3Dyvhk_PvGRTfAnLuJv2sWBdpB0zToaVlZD4wEF78xSwCj86VUy1oSXv8Iapbqlyuo9lJC6SxzKdoamNn7HtM7PVaO9XC2JxaeO5Yks1Czox6IoDrNjhQ_83w3iI60gHGBc1&unload=8059699510355671993@@52776760,4103328150831513249,100|1249|0|0|0|0|0|0|0||49|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKt5_zJt1WGmCBhpnBRkvb3lA7z_uuw_WOM1|PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5226 35 B
468 B 23ms
22ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,4103328150831513249,100|1250|0|0|0|0|0|0|0||49|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKt5_zJt1WGmCBhpnBRkvb3lA7z_uuw_WOM1|PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 137E 35 B
468 B 24ms
24ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=7nFBBAPMu5w20_6hALu18w3h0v_6Ev34L7VVGZQq3Dyvhk_PvGRTfAnLuJv2sWBdpB0zToaVlZD4wEF78xSwCj86VUy1oSXv8Iapbqlyuo9lJC6SxzKdoamNn7HtM7PVaO9XC2JxaeO5Yks1Czox6IoDrNjhQ_83w3iI60gHGBc1&unload=8059699510355671993@@52776760,7991422500168618253,100|1250|0|0|0|0|0|0|0||49|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvtaqbKv_uj2RhpnBRkvb3lA7z_uuw_WOM1|elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 137E 35 B
468 B 24ms
23ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,7991422500168618253,100|1250|0|0|0|0|0|0|0||49|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvtaqbKv_uj2RhpnBRkvb3lA7z_uuw_WOM1|elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 29ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895361593&oz_l=100&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:01 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 712E 118 KB
40 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:50 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 712E 63 KB
25 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C45B 118 KB
40 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:50 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C45B 63 KB
25 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 4186 118 KB
40 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:50 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4186 63 KB
25 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:36:01 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0C7E 118 KB
40 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 10:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 10:10:50 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0C7E 63 KB
25 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:36:01 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 501E 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,8059634247190906928,100|3417|0|0|0|0|0|0|0||133|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsbOHUdyK5LNBhpnBRkvb3lA7z_uuw_WOM1|ylQVxy0h3Id42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Qb_6smX1KGRxv1DSGA0RdMnZUVJHm7U4IN672X_Kv1WTGb5GQxU-uwRQTAIouGwYCOUdQWx7eaBE3qgsOAQNWc438McD3LeUID9jTA9wD4ksfMEX5By_Xskui0bMBUl7HUn5BwdnFtagO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame F23B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=0kzJqXxhMVJqNnhIRUgwNlNhODl2M3l2OTdMSnVlYWRmSGFwRjRRYjFkeit0Y2VVNXdTeTBnTnVBK01mR21RVzdZL1k2c055cEpKZnVESmxXblFlNDVuVW5YYllBRFhvK1JjaHZyQi9peVRqR1NVUE5kU29tV1FJeDkxT1...

433 B
674 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0kzJqXxhMVJqNnhIRUgwNlNhODl2M3l2OTdMSnVlYWRmSGFwRjRRYjFkeit0Y2VVNXdTeTBnTnVBK01mR21RVzdZL1k2c055cEpKZnVESmxXblFlNDVuVW5YYllBRFhvK1JjaHZyQi9peVRqR1NVUE5kU29tV1FJeDkxT1V1SDJjUlFyTkw0K1d1WVAyS3JYblBEejFVQ2xvemZ4QVZKRnFadXY0bHp0MWNuMWJsSXh4K3BCZlNHQ0loa3VBQkwzRjYvRHVFc045Q1YrZ3h1eTArWVBDK0hxNzV5NkhBeVdWYlNLNGwzczQ4UEZBdXpkZWNpam80Rnl3VG9rTEZOY0JIREdDV1dnQUVnZHRQNmsrYXVWT2lIeXdLanUwWVV1T2tmSHJxU3RUdXVCTG5Fdz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

246798397d7848fc28a7f4e76bdacb45f9f35957dc894a6229cdd9bbc0cb827e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1668871
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=0kzJqXxhMVJqNnhIRUgwNlNhODl2M3l2OTdMSnVlYWRmSGFwRjRRYjFkeit0Y2VVNXdTeTBnTnVBK01mR21RVzdZL1k2c055cEpKZnVESmxXblFlNDVuVW5YYllBRFhvK1JjaHZyQi9peVRqR1NVUE5kU29tV1FJeDkxT1V1SDJjUlFyTkw0K1d1WVAyS3JYblBEejFVQ2xvemZ4QVZKRnFadXY0bHp0MWNuMWJsSXh4K3BCZlNHQ0loa3VBQkwzRjYvRHVFc045Q1YrZ3h1eTArWVBDK0hxNzV5NkhBeVdWYlNLNGwzczQ4UEZBdXpkZWNpam80Rnl3VG9rTEZOY0JIREdDV1dnQUVnZHRQNmsrYXVWT2lIeXdLanUwWVV1T2tmSHJxU3RUdXVCTG5Fdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 634257
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame EC20
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=0ZcIA3w4R0o5cGZESEdzR2wwOXVndGdNT2txMHVGU3oycjFQMG9WcXZEMkRweFdQaFJkMkk2ZVlodjlDby96aFVGM3B3Um1QemsrUHNBNnRjRytwdVMxR21uSVE3MVRjTzVOeENTZHVKL1JGdTNkK2pCNXdiZjFnYVQzZ1...

427 B
651 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0ZcIA3w4R0o5cGZESEdzR2wwOXVndGdNT2txMHVGU3oycjFQMG9WcXZEMkRweFdQaFJkMkk2ZVlodjlDby96aFVGM3B3Um1QemsrUHNBNnRjRytwdVMxR21uSVE3MVRjTzVOeENTZHVKL1JGdTNkK2pCNXdiZjFnYVQzZ1hKYWE4WnA1R0l2MHNVZFovbmlxQ1VRbmRRYWpqbE9QOHdFM1Ayd1VCTlYzek5zaGdJYk55Ty9QU1o1dVZxK05QcGJsNWNFTW83M3hiN3ozd2JCSjVpTkJPZDFmRG53Z0ZKYU0wOEdXOUtWZ1E4MHZJUGJUcEtkM0crL3hqb0ZYMThVU25LM3NneGlZOUVOT2tGeHl0Y1hvNExHalZrNU5wOGVIRGhyQTFETUhXRXRwUzRBOD18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

feecf2a93cb109094da5c3f65141e46b2955524b87fdff49711bf0e3ec71d06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1269910
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=0ZcIA3w4R0o5cGZESEdzR2wwOXVndGdNT2txMHVGU3oycjFQMG9WcXZEMkRweFdQaFJkMkk2ZVlodjlDby96aFVGM3B3Um1QemsrUHNBNnRjRytwdVMxR21uSVE3MVRjTzVOeENTZHVKL1JGdTNkK2pCNXdiZjFnYVQzZ1hKYWE4WnA1R0l2MHNVZFovbmlxQ1VRbmRRYWpqbE9QOHdFM1Ayd1VCTlYzek5zaGdJYk55Ty9QU1o1dVZxK05QcGJsNWNFTW83M3hiN3ozd2JCSjVpTkJPZDFmRG53Z0ZKYU0wOEdXOUtWZ1E4MHZJUGJUcEtkM0crL3hqb0ZYMThVU25LM3NneGlZOUVOT2tGeHl0Y1hvNExHalZrNU5wOGVIRGhyQTFETUhXRXRwUzRBOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 343203
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C963 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:00 GMT
server: Kestrel
server-processing-duration-in-ticks: 1201745
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A047 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1200614
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 01DD 15 KB
6 KB 21ms
20ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1439505
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7F27 15 KB
6 KB 24ms
23ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1227589
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C045 15 KB
6 KB 39ms
23ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 6325035
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 39ms
35ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895361861&oz_l=213&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:01 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK cookie_sync Show response
prebid.adnxs.com/pbs/v1/ 2 KB
1 KB 16ms
15ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: f961b4fc6fee4825bf1acf6308789d27c178b1acbc44abe593e0660eefec623e

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:02 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 3B76 88 KB
29 KB 17ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3EB4 0
0 67ms
66ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvv80tzKRvOdHBWAKSi_IPDOm3owd8t2ZgwVU4U4KW1Zxp--SliIWURRXL8J6yF5wc3zPf0CSQHxg6q0x1U2U_iy0i8GzybKVAC0A-UtMYzspQKbV8IsHdX5NpevoW7qHTkDcMpDLnMM5VOQ0_y9skDYN_btTc&sai=AMfl-YTOnxJP-QGnn_mHnKaKHrl89bPQDjUJCtfL2W6G23UU2QBaFZlGbOW40TJ-GVXretTnbnIaSvtu-3c6IeDhW8TmuWyUYO9-p57Fs38q&sig=Cg0ArKJSzEN_fZJNZW-GEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1134&vt=11&dtpt=777&dett=3&cstd=352&cisv=r20221207.31805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N773418.3417549O2_AFFILIATE/B25220131.294007390;dc_ver=92.271;sz=300x250;u_sd=1;kw=AFF_la_117679_12218_-;mco=AFF_la_117679_-;pid=O2_AFF_POV_EXA_15008;dc_adk=66784750;ord=7elf5n;click=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%26a%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D52776760%253Bcrtbwp%253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%253Bcrtbdata%253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%253Badfibeg%253D0%253Bcdata%253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%253B%253BCREFURL%253Dhttps%25253a%25252f%25252fearnme.club%253BC%253D1%253Bcpdir%253Dhttps%3A%2F%2Fwww.telefonica-partner.de%2Ftc.php%3Ft%3D117679C1226162771F%26cons%3D%26gdpr%3D0%26gdpr_consent%3DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26deepurl%3Dhttps%253A%252F%252Fpartner.o2online.de%252Fa%252F%253Fi%253Dclick%2526client%253Do2%2526camp%253Dlpurl%2526tcamp%253Dchannel13%2526l%253Dde%2526type%253Dhtml5%2526nw%253Dlea1%2526sid%253D117679C1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxCiew%2526affiliate%253D117679%2526lpurl%253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=4,https%3A%2F%2Fearnme.club$2,,,,https%3A%2F%2Fpartner.o2online.de%2Fo2%2F%3Fnw%3Dlea1%26affiliate%3D117679%26partnerid%3D12218%26s_id%3D117679V1226162771FSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%26camp%3Dchannel13%26size%3D300x250%26clicktag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D%26clickTag%3Dhttps%253A%252F%252Fas.ad4m.at%252Fad%252Frct%253Fed%253D1ksrt80rmxcdmfvhe51wrannvc0nd0vmd9knx02ckbkc2a9fv2h6dhc90qhad9wfexry60qce5vkx37tnws13fc04xnn3amzccf6210q0dp9399chwpwvq73cbsmq0ktzt43jxz43xdqntg8tbrm4zprymwa99447fd4rc0p3n1pn534w1zr5yfyaq2yhq8cra6cf1me0t846tp2wa7b6xw2zvhvg1m09nzs7jjxp57tftx671vd49bra4apynps%2526a%253Dhttps%25253A%25252F%25252Ftrack.adform.net%25252FC%25252F%25253Fbn%25253D52776760%25253Bcrtbwp%25253D3Kc-EZ9TRFzGCH8EJ0QrmKzboUFQG3yp0%25253Bcrtbdata%25253DE6tQbzBjLA_gXOIQjlP6Dbai8t7rPjjK3IPm9Ia5dCVyT1MfsP96IpEOAGbjPBIsp3UscRGrldwFc7VfVXng2OuB5bjUQvKRx2dGWxrEdkDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEMD18-kGFalRRmggcV4l69B2sXOWVHm-qNRJ_RuvCpKMonGbz1Jop3LC5aMfAMXq60zEStNNEAMTsLrWODY1arbDeIjrSAcYFw2%25253Badfibeg%25253D0%25253Bcdata%25253D5jj0obbvZl_HzBF-Qcv17GVq9MeXnqNeTwMyCzQpHm0MIeQ5wpCVhSvZhEBkHI_cJoG9QWsDzBljAOH4QgM1H00fu9_7kyfQm2DnHzhXh35zGtHIotVzfWm44z-O7KzEdfNZLIDhu4BUGBJDCUH9qVA-NxqeRWnyp02O5iTGJwhPHZ-3K1QanB8V4VQRc9Tvd2uSPdv92ld71SDG55qxKcnS-IBmpys_B9JH600-iwRjr8Sp04BhUPckH72uu1Ud4rXpmTozSPnMD_rxmhFoK8_4Eer2VyR2ftSumgRgUzdrq__X0J06qK4WrCE8ovGnzIQIhGdsVEJholTa4zbQ2SUMpk3TK1lRoxtjXd7T4F74O-guf7YkdzuOiLq4yCDS0%25253B%25253BCREFURL%25253Dhttps%2525253a%2525252f%2525252fearnme.club%25253BC%25253D1%25253Bcpdir%25253Dhttps%253A%252F%252Fwww.telefonica-partner.de%252Ftc.php%253Ft%253D117679C1226162771F%2526cons%253D%2526gdpr%253D0%2526gdpr_consent%253DSoneidMx8tzfrfKkAuWHZtYuQC66BTBS4T99tzw4oneid__adfPros_MaxView%2526deepurl%253D$0;xdt=1;crlt=ukszgKEsdB;stc=1;chaa=1;sttr=250;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6BBF 0
0 70ms
70ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvFm4do9m2cux10SLesh0zNdYOCP1vQoGqL9dVZviBEMMlg9c7aggOSx8-XYO9QzupdLhRA6WxbZDrB2F15BMKm1_gphvhCdEWpgKBV-uViQsGwQLFmhWswnaB3HpatIjOdQfL4mI4MtGxPkwZueq349XTI5G1I&sai=AMfl-YQVIoh72OAgK4zMimUqduMz_J699mqSxOc8ZzcAVkOLicYr5-n_UYGzNHtWma69wBEBmP5rknUCxiAEPqzYEzqesKY2BiAqw68EUmQA&sig=Cg0ArKJSzG-9FogiOhq-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1194&vt=11&dtpt=831&dett=3&cstd=355&cisv=r20221207.92967&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame C963
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiV...
https://mug.criteo.com/sid?cpp=ezxNeHwvKzliTTJNZDRJWHh6aUt4ZXdLMkdOMVpXOG9ERldaT1NzOHRRZVhNRldCTEg1cjFpSVV5dGdDOUZ6ZkZDVlJ0SnRTS2h0ZG5pOG5VczAzaTNZTzNrQ1RFcGNPNGxITGFTVFZwbmQ4VVB0QUpuQk45bWpZZ3RDK2...

438 B
656 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ezxNeHwvKzliTTJNZDRJWHh6aUt4ZXdLMkdOMVpXOG9ERldaT1NzOHRRZVhNRldCTEg1cjFpSVV5dGdDOUZ6ZkZDVlJ0SnRTS2h0ZG5pOG5VczAzaTNZTzNrQ1RFcGNPNGxITGFTVFZwbmQ4VVB0QUpuQk45bWpZZ3RDK2FXRklIaDYyakoyWDBHQ2YzRXBLSWhMZ29FTklUSDkwN3liZnlPZlZiT29mQlVrbmFsVXVBeXJEQ2pqTkFRdFVoelNXV3RkTmM0Z09IRmNqZElBV2VDTEdDN1pNMTdieFZMRTFTTFZuVlIrY3NPelJzQkVMWHJrenU2Tm0yVnFYU1pabXJXUGdYakEzUDVrbERFQ2JNaHRtZDhGbW1COXhJL0crRmx5RWZPQmsxNVdpd0hEaz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2baacf0c7a3ae98372a353f958c1966571adefaa6375dc8e4c45c23cf99498d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1807396
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ezxNeHwvKzliTTJNZDRJWHh6aUt4ZXdLMkdOMVpXOG9ERldaT1NzOHRRZVhNRldCTEg1cjFpSVV5dGdDOUZ6ZkZDVlJ0SnRTS2h0ZG5pOG5VczAzaTNZTzNrQ1RFcGNPNGxITGFTVFZwbmQ4VVB0QUpuQk45bWpZZ3RDK2FXRklIaDYyakoyWDBHQ2YzRXBLSWhMZ29FTklUSDkwN3liZnlPZlZiT29mQlVrbmFsVXVBeXJEQ2pqTkFRdFVoelNXV3RkTmM0Z09IRmNqZElBV2VDTEdDN1pNMTdieFZMRTFTTFZuVlIrY3NPelJzQkVMWHJrenU2Tm0yVnFYU1pabXJXUGdYakEzUDVrbERFQ2JNaHRtZDhGbW1COXhJL0crRmx5RWZPQmsxNVdpd0hEaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 507829
content-length: 0
expires: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3C39 0
0 67ms
67ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsve5T1XOms-WC2DJsE7kLw5XGvlULNINQnCl_hdlcO5AUdBToIYEpd-eGM0NBEMgvoFnBCfOQNfHPr6ENB2o8-ObecGXbkWlKcjgPnKGDhfALtC_rxErrdcUHXQGsDgFa9EXlV7v5AjI-vPLAyY_fbPhR65M0LW&sai=AMfl-YTNeC5wsRklx3IzKAGaZVmDtGbDwIjTr4tqtguypZSU5zKBiXNOe0dFRpPNVY9C_8aOn2Y3VgkuxeNqHLBRkQXxsja6O43-W3u-9byk&sig=Cg0ArKJSzNlZgp_r9yovEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1179&vt=11&dtpt=843&dett=3&cstd=332&cisv=r20221207.95562&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 95B2 0
0 67ms
67ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJEATxHVHyx_zNxUKAggemPRtn_LVf-WjozPIzqbTl2zyFS2lxQnjsD6HfAanaqxFLDJf83-daxOhRQ49vNN0WqxXmSpa8t8TDfs8hPAU03ky2gDrkfXCoDQaR1hIaPdsQ-qGeGNk3qnVHfV84bevtymGGwv0x&sai=AMfl-YTyLxkw1GOKcSHlUt_MCHl2WUX4mS9XED6M3irNXNNNF3rguzDPW6vrm-z24CU5B_B1_4bDnjaj-NMQZ11I0otsbOmhhhXFo1tq1UuJ&sig=Cg0ArKJSzA8CDIxi7mHKEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1133&vt=11&dtpt=824&dett=3&cstd=304&cisv=r20221207.29606&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A047
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiV...
https://mug.criteo.com/sid?cpp=-XZ_5nxxdWVFRXJ5SjhFa0VTeWFlYmRUOFpXVDdEYjVzQjdpYW1lV1NlNFVqTVJKcmxsdmVSQ2RmYkZheWVJa0VjT3RUenpIMG1wTFVTMVIrcnVPQUlNeGoyVTdVSHJ3ZVdFSTBYdEhML0FLWEIrYUM1UGtXRHV3UVpJVn...

428 B
652 B

20ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-XZ_5nxxdWVFRXJ5SjhFa0VTeWFlYmRUOFpXVDdEYjVzQjdpYW1lV1NlNFVqTVJKcmxsdmVSQ2RmYkZheWVJa0VjT3RUenpIMG1wTFVTMVIrcnVPQUlNeGoyVTdVSHJ3ZVdFSTBYdEhML0FLWEIrYUM1UGtXRHV3UVpJVnpFU3BiQ3F3L2lVVklYRUNZUjYreUdZNUp3bFJzSEs3QU9Xc084ZzRFLzhvaWtLTjgxVG1mZU4yY01YeFBMd0lkQ2xrN3FCaU9oKzFKRGN1eVNUTTMrQVY4bC9qVFlXQlZjVlNQbkFuaXp4eW1zY1FxSUdORkcrL0hqbk1DeFNvKzRJb0s5bklmaXNBOGVLd2dvVDNIZFJ6aFQ2Zmw2YlQvMnhFeXFqZmtNTHg5S0JQMGIyRT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

110316df935c0ed2f6011b55711a0e91afb255ff5d09e3cd261f58d7cbc71b9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1336435
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=-XZ_5nxxdWVFRXJ5SjhFa0VTeWFlYmRUOFpXVDdEYjVzQjdpYW1lV1NlNFVqTVJKcmxsdmVSQ2RmYkZheWVJa0VjT3RUenpIMG1wTFVTMVIrcnVPQUlNeGoyVTdVSHJ3ZVdFSTBYdEhML0FLWEIrYUM1UGtXRHV3UVpJVnpFU3BiQ3F3L2lVVklYRUNZUjYreUdZNUp3bFJzSEs3QU9Xc084ZzRFLzhvaWtLTjgxVG1mZU4yY01YeFBMd0lkQ2xrN3FCaU9oKzFKRGN1eVNUTTMrQVY4bC9qVFlXQlZjVlNQbkFuaXp4eW1zY1FxSUdORkcrL0hqbk1DeFNvKzRJb0s5bklmaXNBOGVLd2dvVDNIZFJ6aFQ2Zmw2YlQvMnhFeXFqZmtNTHg5S0JQMGIyRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 624871
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=26bc8b51-5cd4-41ad-ba2d-671531c2d5ff&gdpr=&gdpr_consent=&us_privacy=

43 B
1 KB

14ms
13ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=26bc8b51-5cd4-41ad-ba2d-671531c2d5ff&gdpr=&gdpr_consent=&us_privacy=

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:02 GMT
AN-X-Request-Uuid: 95d2d929-ab26-4b0f-b950-d80349102dfb
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=26bc8b51-5cd4-41ad-ba2d-671531c2d5ff&gdpr=&gdpr_consent=&us_privacy=
date: Tue, 13 Dec 2022 01:36:01 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 01DD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiV...
https://mug.criteo.com/sid?cpp=x8oHaHxGQmQ3N3VxQjBwKzFuTEVrYVZsR1Jwek0rQUNJdlJvUHQ5QU5lbWhUVXdFWnc4RmhuVTBSYVJjTXBVOFNzdnBwUXdrTTRCZHB6MHBoWnY1Z1JFYkdVeUovRFlIRjRsTnlWeTRoMHNBSWhlbTFzSlUxd25XRWZOUU...

428 B
668 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=x8oHaHxGQmQ3N3VxQjBwKzFuTEVrYVZsR1Jwek0rQUNJdlJvUHQ5QU5lbWhUVXdFWnc4RmhuVTBSYVJjTXBVOFNzdnBwUXdrTTRCZHB6MHBoWnY1Z1JFYkdVeUovRFlIRjRsTnlWeTRoMHNBSWhlbTFzSlUxd25XRWZOUUNGeTgrZ1RSemROZ0wxR2EzeXVrbnhVMitqditkKzdIb2FWVElEVWl0WlNURm92cEZtbUpWaGNqNGlwc2thZDhQZjEyTWtHQjBhdWZRWHd6RVduWU1uUXhOTWMwRkpTNmhhTWJGdnhsdGszSkNlZ2JTeHdWN2ZqQW9GYlNvTWtySm5CTnFxT3ovcjZBOHBmTzhCVmc0K3FPYklENWxFRGlHd2NETVpuVk5VUitOTUtJclArcz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06396185ce1293b36f36751d26de2a8f359088358a7205ef58bf7d1a3564b715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1757278
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=x8oHaHxGQmQ3N3VxQjBwKzFuTEVrYVZsR1Jwek0rQUNJdlJvUHQ5QU5lbWhUVXdFWnc4RmhuVTBSYVJjTXBVOFNzdnBwUXdrTTRCZHB6MHBoWnY1Z1JFYkdVeUovRFlIRjRsTnlWeTRoMHNBSWhlbTFzSlUxd25XRWZOUUNGeTgrZ1RSemROZ0wxR2EzeXVrbnhVMitqditkKzdIb2FWVElEVWl0WlNURm92cEZtbUpWaGNqNGlwc2thZDhQZjEyTWtHQjBhdWZRWHd6RVduWU1uUXhOTWMwRkpTNmhhTWJGdnhsdGszSkNlZ2JTeHdWN2ZqQW9GYlNvTWtySm5CTnFxT3ovcjZBOHBmTzhCVmc0K3FPYklENWxFRGlHd2NETVpuVk5VUitOTUtJclArcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 758296
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7F27
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiV...
https://mug.criteo.com/sid?cpp=wHfOn3xubEJweUg4YzBVNnV0TjBXMnhPUkdhUHVLTTgrVkhFaCtKem5PdkE4K0szK3ZudzdFZ0Z3Z2JUejRiVUl2cnF5QmlBUnNjNWFMT1IvTDAwMDdSQnVTYU1PV1hUZnlwNnRFNElQUlE2SjRkNFI3cmxLQWRZaWZRRU...

438 B
666 B

24ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wHfOn3xubEJweUg4YzBVNnV0TjBXMnhPUkdhUHVLTTgrVkhFaCtKem5PdkE4K0szK3ZudzdFZ0Z3Z2JUejRiVUl2cnF5QmlBUnNjNWFMT1IvTDAwMDdSQnVTYU1PV1hUZnlwNnRFNElQUlE2SjRkNFI3cmxLQWRZaWZRRUdscE43a3V0a2dER3A4b0dLbWRiS2h6RDh1bFBFWXRKanB6ejV0VmN4MU9kdWd1dFJPY3c1VnhBdENjUGgxWXRLTFZNbGpTRjRONW5sTE91SkcwVGp3VUZ4ZmtwYzBiK1h5TDVZK2R6U1dUZDZMcEFGVjhaVXYrczVTamkydGo1RC8zN3RaV0wzV0thb0V1SE05aWJ4bGs2cjl3c3huenUxNnpnWUR2SlFsR1ZkcGcrWmhuOD18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b22f2fb9dbc3de746b484da49d3aca9d71785479a802bb5d736dce485d7319ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2213381
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wHfOn3xubEJweUg4YzBVNnV0TjBXMnhPUkdhUHVLTTgrVkhFaCtKem5PdkE4K0szK3ZudzdFZ0Z3Z2JUejRiVUl2cnF5QmlBUnNjNWFMT1IvTDAwMDdSQnVTYU1PV1hUZnlwNnRFNElQUlE2SjRkNFI3cmxLQWRZaWZRRUdscE43a3V0a2dER3A4b0dLbWRiS2h6RDh1bFBFWXRKanB6ejV0VmN4MU9kdWd1dFJPY3c1VnhBdENjUGgxWXRLTFZNbGpTRjRONW5sTE91SkcwVGp3VUZ4ZmtwYzBiK1h5TDVZK2R6U1dUZDZMcEFGVjhaVXYrczVTamkydGo1RC8zN3RaV0wzV0thb0V1SE05aWJ4bGs2cjl3c3huenUxNnpnWUR2SlFsR1ZkcGcrWmhuOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 465454
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame C045
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=1ogcql9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JYV05rbzdNWktCeWZSRnJMUUZ0a3cyM2tiV...
https://mug.criteo.com/sid?cpp=tZ5kcXwvcThEM3UzaVlvL1EzdG9ESUd5QWk3NFh3elRYK051Q3pLZ29zOVdCZXRPZ0VWN2lqaHkrb0VZWnp1bGJMYjRQendpNm9YUk9VS214YjMwQWhqUTRuR1UyOHo0Si94OXd3c1RseGFQaGVBbGdHQzA5UEpaUWNael...

438 B
657 B

18ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tZ5kcXwvcThEM3UzaVlvL1EzdG9ESUd5QWk3NFh3elRYK051Q3pLZ29zOVdCZXRPZ0VWN2lqaHkrb0VZWnp1bGJMYjRQendpNm9YUk9VS214YjMwQWhqUTRuR1UyOHo0Si94OXd3c1RseGFQaGVBbGdHQzA5UEpaUWNaelRNcGpaajkxanpWV215WGdxK0pYQ1JyKzlwZWpJMy8zcHladTc0R2dNajF4Wkh5RFB0d2daLy9LK0JDTXorZWQxbEE1TEY5Y3Y0Y2NuQUlLenpDZW9Ka21ETkJKZys5S09CZmJnYityY2xTandUSldJdEZqditDOVdaWHFhZFdLUmJGMWFTMGJNSG14YU9nS1ZicURtZFJiazlOSDlSVHBMaXZHYVlTaFNwcFZvSTN4MmlwMD18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e373f0f629f005bd4c038b5947919a6ce1813b3fec2049b759b30c2f7debc55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1527751
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=tZ5kcXwvcThEM3UzaVlvL1EzdG9ESUd5QWk3NFh3elRYK051Q3pLZ29zOVdCZXRPZ0VWN2lqaHkrb0VZWnp1bGJMYjRQendpNm9YUk9VS214YjMwQWhqUTRuR1UyOHo0Si94OXd3c1RseGFQaGVBbGdHQzA5UEpaUWNaelRNcGpaajkxanpWV215WGdxK0pYQ1JyKzlwZWpJMy8zcHladTc0R2dNajF4Wkh5RFB0d2daLy9LK0JDTXorZWQxbEE1TEY5Y3Y0Y2NuQUlLenpDZW9Ka21ETkJKZys5S09CZmJnYityY2xTandUSldJdEZqditDOVdaWHFhZFdLUmJGMWFTMGJNSG14YU9nS1ZicURtZFJiazlOSDlSVHBMaXZHYVlTaFNwcFZvSTN4MmlwMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 698454
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame E958 88 KB
29 KB 18ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 8F79 88 KB
29 KB 17ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame C45B 47 KB
47 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:23:39 GMT
x-content-type-options: nosniff
age: 743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:38:39 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame C45B 46 KB
46 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:28:21 GMT
x-content-type-options: nosniff
age: 461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:43:21 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C45B 7 KB
6 KB 57ms
56ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

bedcb6bdf5ba5c9509cc8d5ac8252780ffe9b45e6cdbc97b9ad30ff0afac0ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5772
x-xss-protection: 0

GET
H3 200 60005582_20220429062203167_ASSET_Grow.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C45B 15 KB
15 KB 42ms
41ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220429062203167_ASSET_Grow.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1966576d5d002cc523469a1dc9e5f9dc6955391d6cf06d6a8c79b73920f2189e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 12:51:46 GMT
x-content-type-options: nosniff
age: 45856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15300
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 13:22:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 12:51:46 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame C45B 28 KB
28 KB 45ms
44ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:01:29 GMT
x-content-type-options: nosniff
age: 63273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 08:01:29 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 407E 88 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 0C7E 47 KB
47 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:23:39 GMT
x-content-type-options: nosniff
age: 743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:38:39 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 0C7E 46 KB
46 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:28:21 GMT
x-content-type-options: nosniff
age: 461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:43:21 GMT

GET
H3 200 60005582_20220429062203167_ASSET_Grow.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0C7E 15 KB
15 KB 80ms
80ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220429062203167_ASSET_Grow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

1966576d5d002cc523469a1dc9e5f9dc6955391d6cf06d6a8c79b73920f2189e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 12:51:46 GMT
x-content-type-options: nosniff
age: 45856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15300
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 13:22:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 12:51:46 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0C7E 28 KB
28 KB 81ms
81ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:01:29 GMT
x-content-type-options: nosniff
age: 63273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 08:01:29 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0C7E 7 KB
6 KB 49ms
49ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

41e37a7abda352b5296c013fe604176208b98b6577c9ef9922e1d698f4555fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5615
x-xss-protection: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame E96D 88 KB
29 KB 19ms
18ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 712E 47 KB
47 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:23:39 GMT
x-content-type-options: nosniff
age: 743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:38:39 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 712E 46 KB
46 KB 45ms
44ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:28:21 GMT
x-content-type-options: nosniff
age: 461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:43:21 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 712E 28 KB
28 KB 79ms
79ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:01:29 GMT
x-content-type-options: nosniff
age: 63273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 08:01:29 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 712E 7 KB
6 KB 50ms
49ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

7f7963e5d7a286cbcb0445d70900ba9e04140daff28828b6bf63c28522f79e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5708
x-xss-protection: 0

GET
H3 200 60005582_20220912092933278_SIM-Karte-2022.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 712E 5 KB
5 KB 80ms
79ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220912092933278_SIM-Karte-2022.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

442218dc805a5f3724196d4543380b91ae96882c1e69b0acb3c452c10a9e81f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 19:55:06 GMT
x-content-type-options: nosniff
age: 20456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4750
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 16:29:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 19:55:06 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9173 35 B
468 B 23ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,328820988270215493,100|2676|0|0|0|0|0|0|0||105|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsEoFtRh9kH9xhpnBRkvb3lA7z_uuw_WOM1|vO7qQg4mkfh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RfLdgNVu4qoPXplxquaSyMSnTRLePsZCwkmR36zPijdQxQvpuVynoRRO84aN3a-tUWeO2WfnWUxBWjWLle26hkPP--1FqfI34D9jTA9wD4ksfMEX5By_Xskui0bMBUl7FAoEqcFNfc9AO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0994 35 B
468 B 23ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,4796740382069172762,28|0|0|0|0|0|0|0|0||0|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuqDBEUC6o9vBhpnBRkvb3lA7z_uuw_WOM1|-HNN12Wpgbd42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TiyfUUBa-J7ThpJC9mpUBzRLc3XDHBE8UUumzOKOyZrjfJX6OCxjnQTdNS5DnsFFjRtGvEG9tWa-6-tUwHafRpOQNq5iNkiCAD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ERHjUBrsVxsAO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2650 35 B
468 B 22ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,656867547274285930,100|2124|0|0|0|0|0|0|0||83|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuRBMIkw2U5qRhpnBRkvb3lA7z_uuw_WOM1|NR6vD3u_96l42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIZsskq0Op52_Lv187g21ptkhM1KAnYn6VX6KkkC2M17Ih1FcgCC3jJPPt1G4hHWK5vcMiNaLAME6wJt5VpXOvY_IAdJ_tTSlq487kQPD7qPMfMEX5By_Xskui0bMBUl7H_UuGAc_PQbAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame D00A 35 B
468 B 22ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,7668276795947582059,100|2677|0|0|0|0|0|0|0||105|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsREVqSXFPsfxhpnBRkvb3lA7z_uuw_WOM1|ozE4JXCaPuJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QB2lcHWVxukSHu7NqUA70v0RdBuZDhu6YYXIQd1e4BpXim3rfB42YWCtU8SE1K4YVshrdQM8Njt5pcBFDwgB108KGiHuRmzpYD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Gt2o9QaDvyxgO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4186 47 KB
47 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:23:39 GMT
x-content-type-options: nosniff
age: 743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:38:39 GMT

GET
H3 200 OnAir-Light.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame 4186 46 KB
46 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Light.woff2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:28:21 GMT
x-content-type-options: nosniff
age: 461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46936
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:43:21 GMT

GET
H3 200 60005582_20220912092933278_SIM-Karte-2022.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4186 5 KB
5 KB 70ms
69ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220912092933278_SIM-Karte-2022.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

442218dc805a5f3724196d4543380b91ae96882c1e69b0acb3c452c10a9e81f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 19:55:06 GMT
x-content-type-options: nosniff
age: 20456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4750
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 16:29:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 19:55:06 GMT

GET
H3 200 60005582_20220825085147454_300x250_BG.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 4186 28 KB
28 KB 70ms
67ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20220825085147454_300x250_BG.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:01:29 GMT
x-content-type-options: nosniff
age: 63273
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28198
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 15:51:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 08:01:29 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4186 7 KB
6 KB 53ms
50ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

60fc79186daf0beaa178656644e1f0f404635e60179cdd4d0953ded38832789e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5709
x-xss-protection: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame C52D 35 B
468 B 22ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,4839034727572497589,100|2684|0|0|0|0|0|0|0||105|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsoYfcylllx6xhpnBRkvb3lA7z_uuw_WOM1|goNnsaK182l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T1RyGl5oNeOhLxdbyy5PSNhDUcUOV71ticeZrBkDzKA8GhcRuV4j5-T673vrAXZlSjHIebGTl9-_82Tw25g_wcNcNg2XJOgyC487kQPD7qPMfMEX5By_Xskui0bMBUl7GEW8GBzoZmDQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A372 35 B
468 B 21ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,7038717225345672913,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKtiaKqZFK-IDRhpnBRkvb3lA7z_uuw_WOM1|Qoj6L5KxVT942u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOIUquuRB6dDAK3m21jRn1toLUhj0OruplRydjVB2b1Bbn0XgsEEHJOfilXC83Ln8ApD7Ie2G3HfFH7cXH6RtSU_nfEg0iTdYXkD9jTA9wD4ksfMEX5By_Xskui0bMBUl7Fjv4RNbzNKFQO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame C45B 26 KB
26 KB 67ms
66ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=J4U1ZiaAbP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:22:20 GMT
x-content-type-options: nosniff
age: 822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:37:20 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 0C7E 26 KB
26 KB 63ms
62ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=JTHdIJ0YHV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:22:20 GMT
x-content-type-options: nosniff
age: 822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:37:20 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 4186 26 KB
26 KB 62ms
58ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=sbFMV9EiX9&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:22:20 GMT
x-content-type-options: nosniff
age: 822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:37:20 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895362325&oz_l=32&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:02 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A569 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1459021
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 9F1A 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 1BBF 88 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 3BAE 88 KB
29 KB 20ms
19ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C45B 17 KB
6 KB 50ms
44ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 02EC 88 KB
29 KB 17ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 14A0 0
0 689ms
123ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP017 /
Resource Hash

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
server: 33XP017
x-33x-status: 2000208

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0C7E 17 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 712E 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:02 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4186 17 KB
6 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:02 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame A30D 35 B
468 B 21ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,3143448279207922371,100|3065|0|0|0|0|0|0|0||120|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvzm4yZuqKj4BhpnBRkvb3lA7z_uuw_WOM1|7r-M8NIg3DJ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R8u3pKImRyrNrSwHb7qBseiWKRw4Z--Wz7ZsWXqITBbWdghNpsPngDQCn2rUiYgvpaYnqm_YHRyarYFuYefveqnS4j0MvbFrsD9jTA9wD4ksfMEX5By_Xskui0bMBUl7HZ5-dnmF1x8gO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 5226 35 B
468 B 22ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,4103328150831513249,100|2159|0|0|0|0|0|0|0||84|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKt5_zJt1WGmCBhpnBRkvb3lA7z_uuw_WOM1|PH8G59wFgDN42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLhkwluhosDW-sa8r9BNc91SWT-osaCa81NXGjqFeI9q1nBVAfOGIcw-7m_R-v-Hf1WtMcTT1wXfuIDuAq15YdMCjIRl_x6BFED9jTA9wD4ksfMEX5By_Xskui0bMBUl7HtZSuXXq4oFQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 137E 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@52776760,7991422500168618253,100|2159|0|0|0|0|0|0|0||84|1|||||1|0|0|hPFD6sAiWga48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvtaqbKv_uj2RhpnBRkvb3lA7z_uuw_WOM1|elQDvTaP-AJ42u1ywTJ-2hqex31Ym8CNRvoPKGhF0sdz-s0-8_kQcpG4dWAZeGGw-gzg17EEyOLNEl5eNwM_qxc1BeWi0xHh6reDgpWa5OhQZYntkz8hwjz5TzQ1MQEpCYeQl0TGzfaAyvSK0jPBpd7H0I2JLBFbVmmXAuRovJwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E6lhanwaplcwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 99E5 35 B
468 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5105726833091375645,100|3066|0|0|0|0|0|0|0||120|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvdgRpVookxlRhpnBRkvb3lA7z_uuw_WOM1|1eVq6w26WOt42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SsN0tmH01sEYB613wE_-Y-sAmyZS3LqHAbdyRaGIQzblH01y219wsKseyBH4HYZS_mgO4blMDzigVgcKltZ74kUCGMpxWpEuwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7E0at5TinmFoAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 17AE 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,210255793324902225,100|3068|0|0|0|0|0|0|0||120|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvboaxTWpHGohhpnBRkvb3lA7z_uuw_WOM1|Ltz3FkLvzLh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S0RQRDqt_Eq7UUDdWkpBFDbtTSpoMPBEgaEb7ErZtSV1SuCS7WvxI55oQQjqC0lfp04fv_0Q-eVAQ4X8xU_Pst72Ljv0LdVPwD9jTA9wD4ksfMEX5By_Xskui0bMBUl7GvPRwYsYeIGAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2674 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,7716537617838879247,100|3134|0|0|0|0|0|0|0||122|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvaCoPc01_HbRhpnBRkvb3lA7z_uuw_WOM1|9YFKyQKqGg142u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Tcjp1sSc42N6eThQihijlLiIXmNNq0KJDWPl13EhPjIUDZcRt17VZZ2khpvyYMYQaeCsfwlZDVLkujONcrnBbL7torgEaogysD9jTA9wD4ksfMEX5By_Xskui0bMBUl7ElVsqJlgaQcwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9E94 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,1215453984028289062,100|3157|0|0|0|0|0|0|0||123|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvWAdZTnkFoQxhpnBRkvb3lA7z_uuw_WOM1|o4EgYW9ieAx42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T4BpsGlAektJIkg-SUbE-OGMdrOqyImI8rt4YmCK4s2yPVhEL-LO5gL2ObMjJ1XrrY-QE_NL3A1opHUONa_ylky3yCGs4fa_ED9jTA9wD4ksfMEX5By_Xskui0bMBUl7Egn83A8QeQtAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/creatives/assets/4085730/ Frame 712E 26 KB
26 KB 36ms
36ms Image
image/png 2a00:1450:4001:831::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4085730/bubblespritesheettiny.png

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2599429262398193664/300x250.html?e=69&leftOffset=0&topOffset=0&c=E2CT7Eh6fK&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:22:20 GMT
x-content-type-options: nosniff
age: 822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 12 Mar 2021 15:44:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 01:37:20 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 1F55 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A90A 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 2398394
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame E1F0 88 KB
29 KB 19ms
18ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 11DD 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1262976
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 89B2 88 KB
29 KB 17ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 6863 88 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 055F 88 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C39 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYy2Lbng86-FR7a-msYvg0Z4k0TfM1pJBcPgGiDDMUU4swj9LGsPIZDKyM9mWL-1fWC2m3eJgEHswcZtE0xpUyOtvxseffXNw&sig=Cg0ArKJSzNDMNnply37vEAE&id=lidar2&mcvt=1148&p=0,0,250,300&mtos=0,1148,1148,1148,1148&tos=0,1148,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=34&adk=2707832954&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670895360689&rpt=848&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BBF 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEIPPI6rOnYv6QPEi372lanuUJj-WSS62pQiisAZ6kmj3BXfi6NQuBvVsncp14qY9QfMTTAuNdN_rliUFCCsyV4vaIR4ug41o&sig=Cg0ArKJSzJaEEMxvCV37EAE&id=lidar2&mcvt=1150&p=0,0,250,300&mtos=0,1150,1150,1150,1150&tos=0,1150,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=34&adk=1795295360&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670895360713&rpt=790&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 46C6 88 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A21E 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:01 GMT
server: Kestrel
server-processing-duration-in-ticks: 1347013
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C88E 88 KB
29 KB 18ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 6B92 88 KB
29 KB 19ms
19ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A569
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRae...
https://mug.criteo.com/sid?cpp=vcXtyHxkVkp0U3kzL0VFVER0cmJ3SnNldzNBS0xDWXVqY2hXS0l4aTU0V0NqVE02TVh3U0lxcU9aMjFpVktBbmgrU011VzkxWExIN0hSRkRzbGoySHRrYzhDcURzaTdialpqVk56em9QQnpDM29VT1hqWHhDUGRQK0MvOG...

441 B
658 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vcXtyHxkVkp0U3kzL0VFVER0cmJ3SnNldzNBS0xDWXVqY2hXS0l4aTU0V0NqVE02TVh3U0lxcU9aMjFpVktBbmgrU011VzkxWExIN0hSRkRzbGoySHRrYzhDcURzaTdialpqVk56em9QQnpDM29VT1hqWHhDUGRQK0MvOGxyVzBodDFUZFVCSmdEZWRoVGR3RTBlODM0VHF0dDJXZlZvYUtSclZHQ3FpVFhUYVloNXVMQ0lXcVpSK01zVXBwK01XUFpZMDJYc09zMmVSRnZXb0NVT08zdWVxOWZ5bVhDZ3BnWXF2WExmcFQ0bXZSK1ZOY0RWdlpsMXc0NXJ0UHFibTRSMG44eDk0QUVDZXBuZTNDSkZwV3J2cjExL0hPeEcxN0lFb0JHbno4Z1laK1B4WT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

818399528677b7805188c3a37e8cc537b86b7372382ae8ebc7c2ef12ed54d199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1467401
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=vcXtyHxkVkp0U3kzL0VFVER0cmJ3SnNldzNBS0xDWXVqY2hXS0l4aTU0V0NqVE02TVh3U0lxcU9aMjFpVktBbmgrU011VzkxWExIN0hSRkRzbGoySHRrYzhDcURzaTdialpqVk56em9QQnpDM29VT1hqWHhDUGRQK0MvOGxyVzBodDFUZFVCSmdEZWRoVGR3RTBlODM0VHF0dDJXZlZvYUtSclZHQ3FpVFhUYVloNXVMQ0lXcVpSK01zVXBwK01XUFpZMDJYc09zMmVSRnZXb0NVT08zdWVxOWZ5bVhDZ3BnWXF2WExmcFQ0bXZSK1ZOY0RWdlpsMXc0NXJ0UHFibTRSMG44eDk0QUVDZXBuZTNDSkZwV3J2cjExL0hPeEcxN0lFb0JHbno4Z1laK1B4WT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 567939
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 8F56 88 KB
29 KB 24ms
24ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 95B2 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst--orFX3nKotcQhwmdosr1uSS5x_UEJUfqefpvY53tEwEGV-LCbcjnfXT_ElUsrfuohRbs8TQ7gz_7R_a-5-Ghn2cqC4LQZZw&sig=Cg0ArKJSzGkUpjYddO2AEAE&id=lidar2&mcvt=1130&p=0,0,250,300&mtos=0,1130,1130,1130,1130&tos=0,1130,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=34&adk=3648992709&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670895360831&rpt=752&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 6F35 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:02 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3468 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1400110
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D70B 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1081467
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A2B6 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1436652
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EAE1 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1167470
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 12BE 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 665246
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0E1A 36 KB
16 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A90A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRae...
https://mug.criteo.com/sid?cpp=E8qziHxlbklkNzN1UXpJWEFORC93N1JQaUpnbG45UEpqb2t3bkVFREVFWmRIdElNbGx6WEJmRkpSZ1l5Ulo1amlCK2xCZ2JrK3Q1L05PVTRyMW1reWNwTlFwR2lWNFMzOEg0YjVTeUpndlMvTENvSkpKK0FYOU04Q1dBTT...

431 B
669 B

18ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=E8qziHxlbklkNzN1UXpJWEFORC93N1JQaUpnbG45UEpqb2t3bkVFREVFWmRIdElNbGx6WEJmRkpSZ1l5Ulo1amlCK2xCZ2JrK3Q1L05PVTRyMW1reWNwTlFwR2lWNFMzOEg0YjVTeUpndlMvTENvSkpKK0FYOU04Q1dBTTRGakpJWUh2WHgvOTIwNHdTbisxUHAzMFAvUFNuNThzUXB3aVhFdkkycXMwTU84UDl0NktSUDlpMCtHM0cxeTEvbWtkSVpNU29Xb3JES0VaUXdnVTdjaWhTUEkyTFp4VXhZWmNqOHdNMDNpUi81YjVJYzlzSW10eVliU2J0WEVjVEc4VFNNenVHSmQ3SGdRdGt0NXFqK0t2RzJoSTBOd0RCUlNleGUyY2hUWjBkcml2L3BnQT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

82d1176156ad955c865eb051b169296fe5399ff60f109de769b7f308bb53a571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1276294
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=E8qziHxlbklkNzN1UXpJWEFORC93N1JQaUpnbG45UEpqb2t3bkVFREVFWmRIdElNbGx6WEJmRkpSZ1l5Ulo1amlCK2xCZ2JrK3Q1L05PVTRyMW1reWNwTlFwR2lWNFMzOEg0YjVTeUpndlMvTENvSkpKK0FYOU04Q1dBTTRGakpJWUh2WHgvOTIwNHdTbisxUHAzMFAvUFNuNThzUXB3aVhFdkkycXMwTU84UDl0NktSUDlpMCtHM0cxeTEvbWtkSVpNU29Xb3JES0VaUXdnVTdjaWhTUEkyTFp4VXhZWmNqOHdNMDNpUi81YjVJYzlzSW10eVliU2J0WEVjVEc4VFNNenVHSmQ3SGdRdGt0NXFqK0t2RzJoSTBOd0RCUlNleGUyY2hUWjBkcml2L3BnQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 713775
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 11DD
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRae...
https://mug.criteo.com/sid?cpp=kG_gjHxiZmducjI1MS9WR0Y2R3VRZ3AvTkpKaEhFWHE0TXpyNjVNVU94dVNkTnk4V3d1dFFJT3RvcWl5OW5mSHZSVUJPWC94YXV6MVNqUkREeW5TeXBrWE5IREF1ZjVLU2xJMzdqWjh6WitwTk4yR3dZeGxsZ0VtdE9jbW...

438 B
652 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kG_gjHxiZmducjI1MS9WR0Y2R3VRZ3AvTkpKaEhFWHE0TXpyNjVNVU94dVNkTnk4V3d1dFFJT3RvcWl5OW5mSHZSVUJPWC94YXV6MVNqUkREeW5TeXBrWE5IREF1ZjVLU2xJMzdqWjh6WitwTk4yR3dZeGxsZ0VtdE9jbWJzdzhzYkIxaHZXT2d0dXVCdkJsM0NVTXhSRC9KMVJ0SkZnbGEwQmlYbXNkVzZnUWpLSXZzY0dwc2ZFSUNUTU1xSE00L2lPWVJzVkdqMTYwaHB1NnBGdU9GdGdFVnluN3Rxa1JlR25YZHF4V2tod0wyNU8wZnVFaTFVOUQvanc2dVhuUnM5bGhIclhJaHZwUVFYNzI0U3RZSVB2TzJwQjVoa01LOEVmZGk5bVRqRVJLZkduYz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d087a12e8544847a0f3a994b9ec757da314536e27096c57b1ff4973f7801d19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1942708
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=kG_gjHxiZmducjI1MS9WR0Y2R3VRZ3AvTkpKaEhFWHE0TXpyNjVNVU94dVNkTnk4V3d1dFFJT3RvcWl5OW5mSHZSVUJPWC94YXV6MVNqUkREeW5TeXBrWE5IREF1ZjVLU2xJMzdqWjh6WitwTk4yR3dZeGxsZ0VtdE9jbWJzdzhzYkIxaHZXT2d0dXVCdkJsM0NVTXhSRC9KMVJ0SkZnbGEwQmlYbXNkVzZnUWpLSXZzY0dwc2ZFSUNUTU1xSE00L2lPWVJzVkdqMTYwaHB1NnBGdU9GdGdFVnluN3Rxa1JlR25YZHF4V2tod0wyNU8wZnVFaTFVOUQvanc2dVhuUnM5bGhIclhJaHZwUVFYNzI0U3RZSVB2TzJwQjVoa01LOEVmZGk5bVRqRVJLZkduYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 578482
content-length: 0
expires: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 4DD8 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 38DC 3 KB
2 KB 81ms
12ms Document
text/html 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 536
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 778af772ef6c698f-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:36:03 GMT
expires: Tue, 13 Dec 2022 05:36:03 GMT
last-modified: Mon, 25 Jul 2022 19:18:30 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AD9E 281 B
554 B 8ms
7ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 13 Dec 2022 01:36:02 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6852 0
0 227ms
122ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dYto7aKmqr7io0rkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP014 /
Resource Hash

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

date: Tue, 13 Dec 2022 01:36:02 GMT
server: 33XP014
x-33x-status: 2000208

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 6222 0
91 B 63ms
37ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 13 Dec 2022 01:36:02 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8C27 52 KB
17 KB 7ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 6691
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 13 Dec 2022 01:36:02 GMT
ETag: W/"623de86a-cf34"
Expires: Sat, 10 Dec 2022 23:44:27 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 34, 12500
X-Served-By: cache-lga13626-LGA, cache-hhn-etou8220070-HHN
X-Timer: S1670895363.972615,VS0,VE0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame ECB5 23 KB
8 KB 43ms
17ms Document
text/html 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUQWX43D&prvid=2034%2C2033%2C2030%2C112%2C233%2C2028%2C2027%2C159%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C3012%2C3010%2C244%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C9%2C208%2C2055%2C172%2C173%2C294%2C251%2C175%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C336%2C337%2C338%2C70%2C77%2C2023%2C2022%2C141%2C262%2C222%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

43559f00343c7e012dae0fb5f393c41b0e64a9370bd2918769d155dedcd630d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8369
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 01:36:03 GMT
expires: Thu, 15 Dec 2022 01:36:03 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 /
onetag-sys.com/usync/ Frame CE4A 0
0 9ms
7ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1670895347625

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=
https://match.prod.bidr.io/cookie-sync/bidswitch?bidswitch_ssp_id=themediagrid&gdpr=&gdpr_consent=&us_privacy=&_bee_ppp=1
https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAB6YE7HL64AACCkCfh0iA&ssp=themediagrid

43 B
145 B

9ms
6ms

Image
image/gif

52.58.171.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAB6YE7HL64AACCkCfh0iA&ssp=themediagrid
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: H2
Server: 52.58.171.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-171-208.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=269&expires=5&user_id=AAB6YE7HL64AACCkCfh0iA&ssp=themediagrid
Date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 2799 36 KB
16 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame A21E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=9LlwKl9mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa2FLZGtPQzBhMkVjcWRGWFlMQ2NoSnR6RkRae...
https://mug.criteo.com/sid?cpp=5uMrgHx6dS9QeGlBR1VyWFB0eEF3enRBajFabEFncVJTRnJVYUMyOStGT09WRTVvU2R6M0g0dUpSWTBNcjJreVlwNlBFcGVqbm1sN1BUV2hPUmdYMm5HMkpkZmp0UGE2b0RyZU05azVJRXRkNXkwMFhJL2lkcEdaa0dla2...

433 B
670 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5uMrgHx6dS9QeGlBR1VyWFB0eEF3enRBajFabEFncVJTRnJVYUMyOStGT09WRTVvU2R6M0g0dUpSWTBNcjJreVlwNlBFcGVqbm1sN1BUV2hPUmdYMm5HMkpkZmp0UGE2b0RyZU05azVJRXRkNXkwMFhJL2lkcEdaa0dla250MDQ5TDc4ZjdFUXdMeFkyajA2NTF1cjBuVGNFMTVzclBEaGc1NlhRTFB4YithRVpCcXJmWlA3cFZpNUNWaDkxSDJ4MW8xbTNaUDRiUHJnVWQvY2twYjBmS3VpaXRTRnhOek82dFltdUFtcXpGMzBFNXdjTUNaTEsyMUlNSWJ5UFdsTmYxV0VLbzlsN2l5a2RGWkE0WDdicjduQVdWcFBIbEF5cy9HTFo2NEZyUFdESEMxZz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d99b2d34c343dd1405ee9476e4238bf2d1de6a7395954042f5bfefe3a98caeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1593680
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5uMrgHx6dS9QeGlBR1VyWFB0eEF3enRBajFabEFncVJTRnJVYUMyOStGT09WRTVvU2R6M0g0dUpSWTBNcjJreVlwNlBFcGVqbm1sN1BUV2hPUmdYMm5HMkpkZmp0UGE2b0RyZU05azVJRXRkNXkwMFhJL2lkcEdaa0dla250MDQ5TDc4ZjdFUXdMeFkyajA2NTF1cjBuVGNFMTVzclBEaGc1NlhRTFB4YithRVpCcXJmWlA3cFZpNUNWaDkxSDJ4MW8xbTNaUDRiUHJnVWQvY2twYjBmS3VpaXRTRnhOek82dFltdUFtcXpGMzBFNXdjTUNaTEsyMUlNSWJ5UFdsTmYxV0VLbzlsN2l5a2RGWkE0WDdicjduQVdWcFBIbEF5cy9HTFo2NEZyUFdESEMxZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 848507
content-length: 0
expires: 0

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame E324 36 KB
16 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 636E 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXaI2ANeXY4CZMZGG9u8Px9Ge6AMAAAAAOAHgBAI&bg=!DA-lD0vNAAYgquz3AKo7ACkAdvg8WqpAJdYjRCsOct0AfaZbxOZeVSdLOHtALoAcsxu7GcfjwDkKlgIAAAQzUgAAAANoAQeZA3y6viHDEYQm9kxUWn_dlDLsiv0e8w6PhOmb4D92cR4yjX5a4vQqG1XOjSQ8VDzoeeZd0PYTroQ3aKprQsPTGXFhH8btsfbWC6Pk8dgKTH6AuvRQRGedNmisz1792mz8MnyF3VRUlzXGteX9SfWKnpNRSPlX40LKQFhAbBbTltcp-gY2LyNS9FAvyKC9TxE3SIx3k9CL02vCU-SIcPZz74fAnEJ3V35_bZQZpT0rUcCsd0ykwLeIRdNIDd6vmteaYdqMtMqRsRtj8Pv4rZlby21rRCReUX3uL4lIFAlr64Za4L27lEP6mqxS0pz0JIa69zPcoMOO6mNh5NVXMj0_ilnJ6IKNATZ8v6CElmGTUf6j2eBiHjBZPXBLJTHtgoyxh0RYQKiSR5NQLDM33WNfjo9Rs_u18SjRdtiNLDO1YRwNClgRGoYrHDSByU3UHDgAJYssZ5d7O_UkqQZbVDQln-WRpFkavdNwfG5ttEUmmnpoXjgYesVRI4jMZY2Y11BMGZPteTHpFR9JqmeJZuAIdFfRT3lDOD5fjkKzPK4fSH7SoSNDAXmFOtVXSMxlJFlRGpsc1bGeQ-IF2xJWhZp81_Bm6ICIbjYkP3VazqU7r9PHdfYSFWwjWxbKKm4NeLn-hWkUT7ZZkcKZwNNxCbiitedCL0GM5lLqeZ7x0vC56HoMLwhOKqsMuiZJ2OFZCsahVUmRsd0GKDI5Q8-Ug8zO_0wCPW-6jxXCUlJsXxkmFI7eN60bhP_OIiMi7wiaSb9ckJKYk-ZZ-Wl92KW6G4T_hgrdk1kkaVDoX6KDDj7dpCESZF7-fax7Jb0S8sBqRoS02eKPOkQP6bCnFs5IOklr44vyw2G5vtrEgCyodh8-T8tIsTt4LhVrpy87GcVQqQUOvgwd1XtDX9IsYD3sKPExskgCABLzBtCPHR9wKkeNyn_of8LMnKMngtNHccHrFq5immv1b1xyIsnvWakDKTletmi30amZKbVtANx-Ct3HLBFFGhC8ftNsQbzhPQVy-eeHYxeoYQoA9ELH7YHn6Qre7RP2UnZPJ8pFSaRTj4QP9uszQIiIq2ofuvbZLJaCp0qKvQqfIv8EAqz-_hues6UuhE--4w6a-Vbt3w7G2-6gZ-wOK6E3oJ78Jrbgl3eZDstgQLVJHJ8-4JSEsVL394nXOUgs6wbVZUNX7SRqzr5x

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3468
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=lfUOWl9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0E1NiUyRlpUYmNpOWVUMWRHb28lMkZoMk9DZ...
https://mug.criteo.com/sid?cpp=xVe6jnx3WUZJQ0V4eDhKUWJybEh5L1BneU41VmJCNXk5c2ZyaUFQdDdXMEdheFd6OTRrVG5SY2hWeXVmRjBkTUZYS0ZNRlRkc1pzL2hYSDkwS3hoL0wyZHVMQStBZU1VUVJGSDVWSzl2TitkKzYrYmRTbHlWMnBxUzdxTE...

422 B
650 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xVe6jnx3WUZJQ0V4eDhKUWJybEh5L1BneU41VmJCNXk5c2ZyaUFQdDdXMEdheFd6OTRrVG5SY2hWeXVmRjBkTUZYS0ZNRlRkc1pzL2hYSDkwS3hoL0wyZHVMQStBZU1VUVJGSDVWSzl2TitkKzYrYmRTbHlWMnBxUzdxTEZEd1lXc2dBS2xGQjhqWWpEL1hXbTE1QUF0WWFYa292U1ZKYnpDYnJFcnYrS25ZSGluTEhwaHJ2bEFvMXpZOWNBTVA1bDdFQmNWQjQ5QUxSbDNueTlzZW1GWDlLSUZmQy81YlZyR3ZnbWNLUlpPb3hFb0tRY29DMVFHV3oyWU4vQktGdEs3YWJFbGo1VnRPRVZQWTZaeGh0ZUVqR0FPMG9CeFl3S0ZrUVFucUpNSTcyRDJOaz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

15fdf63fb35bbfa6be90ce64844bbd6cce82fe63e5442ae9ca92e0d1c2878013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1841998
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=xVe6jnx3WUZJQ0V4eDhKUWJybEh5L1BneU41VmJCNXk5c2ZyaUFQdDdXMEdheFd6OTRrVG5SY2hWeXVmRjBkTUZYS0ZNRlRkc1pzL2hYSDkwS3hoL0wyZHVMQStBZU1VUVJGSDVWSzl2TitkKzYrYmRTbHlWMnBxUzdxTEZEd1lXc2dBS2xGQjhqWWpEL1hXbTE1QUF0WWFYa292U1ZKYnpDYnJFcnYrS25ZSGluTEhwaHJ2bEFvMXpZOWNBTVA1bDdFQmNWQjQ5QUxSbDNueTlzZW1GWDlLSUZmQy81YlZyR3ZnbWNLUlpPb3hFb0tRY29DMVFHV3oyWU4vQktGdEs3YWJFbGo1VnRPRVZQWTZaeGh0ZUVqR0FPMG9CeFl3S0ZrUVFucUpNSTcyRDJOaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 564561
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C8CF 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1503825
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 95B8 15 KB
6 KB 19ms
19ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1460372
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 50C0 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1350760
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9976 15 KB
6 KB 31ms
30ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1064741
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B667 15 KB
6 KB 26ms
26ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1453846
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 33ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895362954&oz_l=35&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:02 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AD9E 34 KB
10 KB 16ms
15ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 01:36:03 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Dec 2022 18:02:02 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59163
Connection: keep-alive
Content-Length: 10064
Expires: Tue, 13 Dec 2022 18:02:06 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E667 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1376657
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6CC6 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1467090
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame D70B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=gs65ll9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0JVNXglMkI2aWtpWm51SGxtb3RueGpoUGxyU...
https://mug.criteo.com/sid?cpp=uk9GEXxjY1QxN0w2V0dkMmNneFF0S2ZYVjQwSkJVbnN2T2x2RkRnOU1rcWVEV3l6bEFyRGJWOTdJZGFDRkJnK1lOcUVtM1YwN1MwY25mYTNoTEliSWwzb05lN3I2Vi9tTFZMVm5NYzdFTmNyQTZmQ3ZjV21MbUlSazZHRU...

438 B
654 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uk9GEXxjY1QxN0w2V0dkMmNneFF0S2ZYVjQwSkJVbnN2T2x2RkRnOU1rcWVEV3l6bEFyRGJWOTdJZGFDRkJnK1lOcUVtM1YwN1MwY25mYTNoTEliSWwzb05lN3I2Vi9tTFZMVm5NYzdFTmNyQTZmQ3ZjV21MbUlSazZHRUE3cnFVVHhPN1E4dDR1cHNGMUNOUWNxTVc2WXhPOHhHOVZmVjJpRmhBSVp4Qmxma1c1V2NnWmRpemg1SXdGZ3pJeUFXSS9DL0w2cnJNbGZnNEJ2alQ3dk5KQXUxUDJXb2NGblRhOHFTVVpmWTVHV3JmNkZVL3pEWHZSUmJhMHpGdWh2QzB6K1JVa0p3VEowQXp6SnFqR0RIN3dGV1JSd1UzcWR5VlhWTWl6VUlZUms5L0tWWT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4ab60f52db3b2036f42bca2d25d936b3942640dcf8e3b0c9862bf4942989a94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2034974
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=uk9GEXxjY1QxN0w2V0dkMmNneFF0S2ZYVjQwSkJVbnN2T2x2RkRnOU1rcWVEV3l6bEFyRGJWOTdJZGFDRkJnK1lOcUVtM1YwN1MwY25mYTNoTEliSWwzb05lN3I2Vi9tTFZMVm5NYzdFTmNyQTZmQ3ZjV21MbUlSazZHRUE3cnFVVHhPN1E4dDR1cHNGMUNOUWNxTVc2WXhPOHhHOVZmVjJpRmhBSVp4Qmxma1c1V2NnWmRpemg1SXdGZ3pJeUFXSS9DL0w2cnJNbGZnNEJ2alQ3dk5KQXUxUDJXb2NGblRhOHFTVVpmWTVHV3JmNkZVL3pEWHZSUmJhMHpGdWh2QzB6K1JVa0p3VEowQXp6SnFqR0RIN3dGV1JSd1UzcWR5VlhWTWl6VUlZUms5L0tWWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 327624
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A2B6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=m4pbSl9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0VjVnFtUU5FJTJCUjZuYlJqRHNubzRKNEVmN...
https://mug.criteo.com/sid?cpp=Ds6yUHxkRDJtQmRwOHN4cXplWS9vcDI0TUhtMmd3NHliTUhhbENqL0hPa1l1YXRQYUV6ZXhMOEZqb3dVYXpPWWhyY3d0UU5OSUJWY2U5ak5vU0dwdEhUQlh6V1Yvb21jSkx5TmdOeFdLcS82Vk9Tb2FSTnhvaTRLSHJyTT...

436 B
670 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Ds6yUHxkRDJtQmRwOHN4cXplWS9vcDI0TUhtMmd3NHliTUhhbENqL0hPa1l1YXRQYUV6ZXhMOEZqb3dVYXpPWWhyY3d0UU5OSUJWY2U5ak5vU0dwdEhUQlh6V1Yvb21jSkx5TmdOeFdLcS82Vk9Tb2FSTnhvaTRLSHJyTTBPMkdmYUhMNXdrQ3Zuem04ZHBzbDVjbnZWc1R3NS83aDVtS3UxU2dUUVd1aWEydVlQR3d6bER1c0NXZUtQT0t1bW8xUVZyQThsMTlEU1hjSmlhWjBMb1J5aVNuS1BVekIwcWVJekdCK2MvZFJnRXpJNkFoV0lsSmxZbjZqMXhjckc3R2tQYjZieEpFWDdGM2lNeVZNVW9KTGNUREI2dno0ekZMM1hORmxhTDY2NnkwNTBZRT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dd3bf7a02e828eb1c9b59675152e1c3d47c1c75699d83e99a7d570ac5824c9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1668791
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Ds6yUHxkRDJtQmRwOHN4cXplWS9vcDI0TUhtMmd3NHliTUhhbENqL0hPa1l1YXRQYUV6ZXhMOEZqb3dVYXpPWWhyY3d0UU5OSUJWY2U5ak5vU0dwdEhUQlh6V1Yvb21jSkx5TmdOeFdLcS82Vk9Tb2FSTnhvaTRLSHJyTTBPMkdmYUhMNXdrQ3Zuem04ZHBzbDVjbnZWc1R3NS83aDVtS3UxU2dUUVd1aWEydVlQR3d6bER1c0NXZUtQT0t1bW8xUVZyQThsMTlEU1hjSmlhWjBMb1J5aVNuS1BVekIwcWVJekdCK2MvZFJnRXpJNkFoV0lsSmxZbjZqMXhjckc3R2tQYjZieEpFWDdGM2lNeVZNVW9KTGNUREI2dno0ekZMM1hORmxhTDY2NnkwNTBZRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 611803
content-length: 0
expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7DA7 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5859283581057071462,100|3603|0|0|0|0|0|0|0||141|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvKREJcKgidexhpnBRkvb3lA7z_uuw_WOM1|R4iX0eHrCix42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SVcsUw786y-LUGyr7jp1eKPfy0h_IB6gZ1KpI_22cKeyO4RsFn-ucpMMxhFn7iFYh6fNzOvM7seG3m-HTxGA4Vmg7Klcu1N_wD9jTA9wD4ksfMEX5By_Xskui0bMBUl7FkbBjxSa4glQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame EAE1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=QtK8yXxaTkY5UzFNTDJyb3o0QUJIa0VaeHdTam5lWkdNQmp5Q2JxSDlJNE4xOVJzbHBKWFo0TVdpWU0rUkl4cllCUnRieFBRK0JXckJ5RjFoc2x4U1doSzdXYURINGVDbGE3K2ZGdURWRXdkU1FCOThjL2crdzRmc2doTX...

435 B
663 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QtK8yXxaTkY5UzFNTDJyb3o0QUJIa0VaeHdTam5lWkdNQmp5Q2JxSDlJNE4xOVJzbHBKWFo0TVdpWU0rUkl4cllCUnRieFBRK0JXckJ5RjFoc2x4U1doSzdXYURINGVDbGE3K2ZGdURWRXdkU1FCOThjL2crdzRmc2doTXJVdlVTT2llMm81Wnp1S1BjclN3V3I1ZW94Wml1OVRxL3p4WWtYNlhuWXJOdkY2M2I3dDJlS0c5aTVOdDlrYy9NMmxRWDU2R0Q2cG0vV2txTEQwYlI2cU16L042ZGVSTlVJaUNFck04Y3M1SHhEeVRoeWpLc0lFTGtMTmJtSEFORnNRVjhsMi9MTTl3NUF6ZWxLb1lFbHcrdWJ4VzlQUDlFZ0dCR1ljS21ra3F0Vkc5REgxMD18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

445ea1447fcbeb9657fd42642d7ba8d6a4d4aa263f15291d8c780edb70e90c93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1768855
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=QtK8yXxaTkY5UzFNTDJyb3o0QUJIa0VaeHdTam5lWkdNQmp5Q2JxSDlJNE4xOVJzbHBKWFo0TVdpWU0rUkl4cllCUnRieFBRK0JXckJ5RjFoc2x4U1doSzdXYURINGVDbGE3K2ZGdURWRXdkU1FCOThjL2crdzRmc2doTXJVdlVTT2llMm81Wnp1S1BjclN3V3I1ZW94Wml1OVRxL3p4WWtYNlhuWXJOdkY2M2I3dDJlS0c5aTVOdDlrYy9NMmxRWDU2R0Q2cG0vV2txTEQwYlI2cU16L042ZGVSTlVJaUNFck04Y3M1SHhEeVRoeWpLc0lFTGtMTmJtSEFORnNRVjhsMi9MTTl3NUF6ZWxLb1lFbHcrdWJ4VzlQUDlFZ0dCR1ljS21ra3F0Vkc5REgxMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 586321
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame D730 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1287113
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3BA0 15 KB
6 KB 19ms
19ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 1286553
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3BB6 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1129894
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 12BE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=jMDn0nxOTjNqSlIxR0krNUVGRk0vRytUdEx1L0dMUWVmMVd6Z2ZPemRtb1krTzBxMjIzNFZNV2d3blNrTUJyR055aHorL3l1RjRsTCt3K2llWVIzNGNvQ0g5Y245ZUQrT0llREZBeW5CK0JJMHMzT1Fid1QyS0RlbWllek...

457 B
675 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jMDn0nxOTjNqSlIxR0krNUVGRk0vRytUdEx1L0dMUWVmMVd6Z2ZPemRtb1krTzBxMjIzNFZNV2d3blNrTUJyR055aHorL3l1RjRsTCt3K2llWVIzNGNvQ0g5Y245ZUQrT0llREZBeW5CK0JJMHMzT1Fid1QyS0RlbWllekkvUitoSkJlNFJOYTNBSmZudTR6dm52RWFjalBMUzNlNmZ1SFdWS2EyWDJlQkFNU1ptU3BuM0JFdDF0NC9ldDMwK1JmSUR1R2lHL1dYTWQxZmt1d3g4NDZKZlFTOE9aM2lvaDY1cUNleHVLaFJHd0tsS3Rjelg0WWp0TVFTYU5KTndLeE9QTVorTHoyMStReFloQzcyM0czdm1LYXN0MG5HR1JKL3h5UXlXNHlxZ3YvenlPZz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f51fe01f2785b88e280d05804e5117bff086d8f889a5363c63d98cef56a39377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1816220
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=jMDn0nxOTjNqSlIxR0krNUVGRk0vRytUdEx1L0dMUWVmMVd6Z2ZPemRtb1krTzBxMjIzNFZNV2d3blNrTUJyR055aHorL3l1RjRsTCt3K2llWVIzNGNvQ0g5Y245ZUQrT0llREZBeW5CK0JJMHMzT1Fid1QyS0RlbWllekkvUitoSkJlNFJOYTNBSmZudTR6dm52RWFjalBMUzNlNmZ1SFdWS2EyWDJlQkFNU1ptU3BuM0JFdDF0NC9ldDMwK1JmSUR1R2lHL1dYTWQxZmt1d3g4NDZKZlFTOE9aM2lvaDY1cUNleHVLaFJHd0tsS3Rjelg0WWp0TVFTYU5KTndLeE9QTVorTHoyMStReFloQzcyM0czdm1LYXN0MG5HR1JKL3h5UXlXNHlxZ3YvenlPZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 644422
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C863 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame F999 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8C27 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:03 GMT
AN-X-Request-Uuid: f88f7079-08a9-4e75-8899-9f6df83115f8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 0723 88 KB
29 KB 17ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame D4D7 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,3579830131137340763,100|3987|0|0|0|0|0|0|0||156|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKu22p4fuDw8txhpnBRkvb3lA7z_uuw_WOM1|azPcNvHoVYN42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-S2YUzo2hZul2buPF5JxMQxJZjiMIjDL5JuSQgE3WHzUbtLxij1L2_lg3-Jn6gKd3sv8blS7G1yaQ9jgx4TmFbhz5sK05aOAaS487kQPD7qPMfMEX5By_Xskui0bMBUl7FvKCtKAhuvEwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 056F 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5827619730191936662,100|3986|0|0|0|0|0|0|0||156|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvmnyQERldIuhhpnBRkvb3lA7z_uuw_WOM1|NzdvgD9gYJF42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SXOYPggT9YK4oafCEGqmAP39D7MSfrVkeeHqXI7BZTla6tzJEWFgODgIMAiDHzoAnrGU6O_bacNgzVhbT58Z3bjvRZ0QPlrLa487kQPD7qPMfMEX5By_Xskui0bMBUl7FrKxSbT51v4QO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A3A3 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,6123160584022058838,100|3995|0|0|0|0|0|0|0||156|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsKWTybQejdtRhpnBRkvb3lA7z_uuw_WOM1|ZnZyU2CeQMZ42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-Smz6DiN2xBdd-YgH7ky7JZlUnhqCF6xwOl--QfGPSG_OzfaDIhLmsXlBWf7lXpubTAmCQC1ruH5CSwHNsjD6RfWHGPRR9qDwq487kQPD7qPMfMEX5By_Xskui0bMBUl7GIomjd2CVv1AO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 90A4 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,8279137521474703212,100|3984|0|0|0|0|0|0|0||156|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsLJlGEAF-xlBhpnBRkvb3lA7z_uuw_WOM1|dwM4mnrZthYWcRYtgUbgFKBG_kd7sUIQyQbNzqOyWmxMr4hLISKiONol5kSYxyp8wBT8A18WkWQdSihwuRFs2dLzik8OS_MJdLENeERtvyAFI1e6n61PJYj7Z_ssjYeSohcY6vbxqK860R6LeeqNBqShCn1yzlSyuTNlEnA-3LJnn_WO9d-tmQj9D2es57yWsM7lnDxo7-oXOqVKttkMPA2||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 9EA9 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,3675219598283937811,100|3985|0|0|0|0|0|0|0||156|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKuWVRyxkOzQwBhpnBRkvb3lA7z_uuw_WOM1|yDsomYhG62l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R_ukBu4ag5a3bSvRg4jBp3H7xptAqVGZWPJI3fcArP757eVzc-64HRpCtgLd1wnBr6667J5fy7qX4nt2-FdKcpP4u3jTwHNpS487kQPD7qPMfMEX5By_Xskui0bMBUl7E3W_BpddaodwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 1DD4 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 1DB9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

54ms
44ms

Document
text/html

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c277cb839bac2bf86d6508ff6cb9e1cb6541b71a4d89ba614a8d74d04a0ffc1c

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 778af776ac729152-FRA
content-encoding: br
content-type: text/html
date: Tue, 13 Dec 2022 01:36:03 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjD6GBbXPZV%2FIZpExtETvCVDuDuQwi%2Bal7ERa%2FU%2FtSqfXC%2BKC%2Bl8JgtoJ0%2FTA05%2FzpjQK%2FcVJCoWHbq87OaB5mzZwt6mZaXM7HgnADOxGlMKEByI7Lufgl%2BAbZFRuIxZV9%2BcxBIVyidyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 778af7764de19b28-FRA
content-length: 0
date: Tue, 13 Dec 2022 01:36:03 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8C7n8g55ph6llZD7iraPF4g3CZAyP7gT3iP6UbvtSDEqNn7zoL9NjCJ237NPPpYTYx7Th%2BvVRlJ45RsLlDKk%2F2xnaO2vodyu9iE39jbJvi%2F0iQVY97qG%2BMAkm2CDMi%2By4KlZxUyKlwwsg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame C8CF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=1RvRHnwwL3FVb3Y2NDdiNEhBNzFGdUppdytma1VRei9qOWFIaWY2cmVqTm1aU3BLVDVGTEhhbWl3RUsyNm9PYXFrUDMvOEJFbXNBdEtwd1doYlBVd3dUQ3NuSS81WElLZkZKaWtpTjJObE1qcGg2cnRneFhzN1R2TXdwQT...

431 B
650 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1RvRHnwwL3FVb3Y2NDdiNEhBNzFGdUppdytma1VRei9qOWFIaWY2cmVqTm1aU3BLVDVGTEhhbWl3RUsyNm9PYXFrUDMvOEJFbXNBdEtwd1doYlBVd3dUQ3NuSS81WElLZkZKaWtpTjJObE1qcGg2cnRneFhzN1R2TXdwQTVLcUp6aFp1UFQyemZrbGVKaUVjaG5NMlg0bGw0a2M4QjB3VWU5ZkdsNjVaR0Y3WXRiU2lMdW9FbHgwelJKU0Z6Nk1hZElJWHZWNklNLysvMW1ZTFNjQURqaU9FaWJLOFE4aHJyd0lXWVJJdHptWHJyajc5Ykx0Q2pkVnFlTDg5WHBSWW5tN3dwM3hlRzZ5Ykk2TWJ2anQwenFXS0E2ckZVejJOSTlJWC9KcCs4bGgydFp1az18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

774070d68c5bc55e30a08e64a3ea70d17e656de05f1733a9997b89ea83289eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1681631
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1RvRHnwwL3FVb3Y2NDdiNEhBNzFGdUppdytma1VRei9qOWFIaWY2cmVqTm1aU3BLVDVGTEhhbWl3RUsyNm9PYXFrUDMvOEJFbXNBdEtwd1doYlBVd3dUQ3NuSS81WElLZkZKaWtpTjJObE1qcGg2cnRneFhzN1R2TXdwQTVLcUp6aFp1UFQyemZrbGVKaUVjaG5NMlg0bGw0a2M4QjB3VWU5ZkdsNjVaR0Y3WXRiU2lMdW9FbHgwelJKU0Z6Nk1hZElJWHZWNklNLysvMW1ZTFNjQURqaU9FaWJLOFE4aHJyd0lXWVJJdHptWHJyajc5Ykx0Q2pkVnFlTDg5WHBSWW5tN3dwM3hlRzZ5Ykk2TWJ2anQwenFXS0E2ckZVejJOSTlJWC9KcCs4bGgydFp1az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 668284
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 95B8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=wtZnYHxtaG5wNzhKK21PVVA4RUczNEo4UlAwb28vekxXYURwSFEzTkFzTzJNU05nNUtid3diQ1ArMVNvVmNzSGJtcTA0VXpRYkVEaHJSYWlrU2h6cGR4MFJTemhmWm53TW1HTVdoYzFLMVBjSDlvWnRZTFNDV3RDbmlKaU...

425 B
645 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=wtZnYHxtaG5wNzhKK21PVVA4RUczNEo4UlAwb28vekxXYURwSFEzTkFzTzJNU05nNUtid3diQ1ArMVNvVmNzSGJtcTA0VXpRYkVEaHJSYWlrU2h6cGR4MFJTemhmWm53TW1HTVdoYzFLMVBjSDlvWnRZTFNDV3RDbmlKaU5CS1VzYmpBNDYyNWtlR01Dbm5GY3VTTUowVEZwUTlGTDNoVGt4N2VlR1NteFVtVm82bXlLWHh4cVVPR0FvQng4MEpWd2d0VjNDbkZlSnIxTTQvY1VESzJQTTBDNzJOOFZhckU5d3NZWWM4SEFiUHBGVTRmNW1uK0xiWEZleUF2emt3QVY4c1hIL0M3TFZGVFBUbHRZTUhKZnZzWWN4U2VRYjRFcjFnODY1LzZFYUVxbWdGMD18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f7c8ac4c7fb817bd2c51ffed611fc8eb045bd5d994d81260ff904ced1b327de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1567487
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=wtZnYHxtaG5wNzhKK21PVVA4RUczNEo4UlAwb28vekxXYURwSFEzTkFzTzJNU05nNUtid3diQ1ArMVNvVmNzSGJtcTA0VXpRYkVEaHJSYWlrU2h6cGR4MFJTemhmWm53TW1HTVdoYzFLMVBjSDlvWnRZTFNDV3RDbmlKaU5CS1VzYmpBNDYyNWtlR01Dbm5GY3VTTUowVEZwUTlGTDNoVGt4N2VlR1NteFVtVm82bXlLWHh4cVVPR0FvQng4MEpWd2d0VjNDbkZlSnIxTTQvY1VESzJQTTBDNzJOOFZhckU5d3NZWWM4SEFiUHBGVTRmNW1uK0xiWEZleUF2emt3QVY4c1hIL0M3TFZGVFBUbHRZTUhKZnZzWWN4U2VRYjRFcjFnODY1LzZFYUVxbWdGMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 638126
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 50C0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=j6a5qXxEUkI0U0xmc2ZJeW1SZ09MbXlCNzFmRjlPbHZlbTVNMXJuSkxoNllxZ2Rnd3llOVFZYWVjVFlJdTNLRkFYanBhQWpzdGM3emhoTGFxTzl2bnFhZHErYzNnQ2V0NG9vMG80ODZIeldwVzRPSTBxYllkeUhuOXYzdl...

422 B
648 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=j6a5qXxEUkI0U0xmc2ZJeW1SZ09MbXlCNzFmRjlPbHZlbTVNMXJuSkxoNllxZ2Rnd3llOVFZYWVjVFlJdTNLRkFYanBhQWpzdGM3emhoTGFxTzl2bnFhZHErYzNnQ2V0NG9vMG80ODZIeldwVzRPSTBxYllkeUhuOXYzdlJTVUFKS0hoL1g0dXgzd0JwV3ppRENVVFJiNFp6alhrQVpiM3NQRjAwRU1qTDVYaTNxdnBCMGZ1TTh4cTNmR2pDQVNxNEF5RnFkVFFFODl6M0lJT0N6TGt0T3doUmROQ21sMFhyZGYyVjlJK3g3ZnB2SUdjeW9wS2pIa2w4Ykp1YVBhQXpZYUNCNGoyWHpkSHNxVmR2VUVGVW9GQk9GRzI1bERRVTJ0ZGNRTkNRVWhta2ZTTT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eaf3f04b75d3dba33f2ffe10fb1ebe6297f3239976f7aeec02954eb3d40f7130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1686211
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=j6a5qXxEUkI0U0xmc2ZJeW1SZ09MbXlCNzFmRjlPbHZlbTVNMXJuSkxoNllxZ2Rnd3llOVFZYWVjVFlJdTNLRkFYanBhQWpzdGM3emhoTGFxTzl2bnFhZHErYzNnQ2V0NG9vMG80ODZIeldwVzRPSTBxYllkeUhuOXYzdlJTVUFKS0hoL1g0dXgzd0JwV3ppRENVVFJiNFp6alhrQVpiM3NQRjAwRU1qTDVYaTNxdnBCMGZ1TTh4cTNmR2pDQVNxNEF5RnFkVFFFODl6M0lJT0N6TGt0T3doUmROQ21sMFhyZGYyVjlJK3g3ZnB2SUdjeW9wS2pIa2w4Ykp1YVBhQXpZYUNCNGoyWHpkSHNxVmR2VUVGVW9GQk9GRzI1bERRVTJ0ZGNRTkNRVWhta2ZTTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 727708
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9976
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=AH-ot3xXNHBiWm44dnlxeTN0a01sYUJlTlVjWU83eG9FKzZhWUlJbW5neURsZlZBdVRFNFlDaUg1dkREeUNpeExBaXp2cDlrbTd6K2Z1Y3FReXRXWkdlMlJiNFhoVkgzMkJtV3ZycFFPN00yckc4bDdpQnZXbmhBRHZEN0...

431 B
652 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AH-ot3xXNHBiWm44dnlxeTN0a01sYUJlTlVjWU83eG9FKzZhWUlJbW5neURsZlZBdVRFNFlDaUg1dkREeUNpeExBaXp2cDlrbTd6K2Z1Y3FReXRXWkdlMlJiNFhoVkgzMkJtV3ZycFFPN00yckc4bDdpQnZXbmhBRHZEN0taL1dQQ3UxM3h4dU9wK1IxdGtBRTVuVThwVWk0T2krYkg0UjFhRTdMSkNGQ21LemJzTlpzS25vMTRaSERwUE5wODNLU0JZR1pHcExPN0kyeE1GTkNMZmE0YVlFTVdsOFJQWks1OGllSXhGWTNtb2NKTWNlVjJEUldqQVprVFhPNWxOTFlMMXl1UjlZVnNhcjlqSUxZS2NuUURIMUVMOVVtYXF2ZkVBM0dYaEdrOVpldFM5Zz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

254b30d850212f356d819c2864c13b8b19a6f7f270ab50a0bbb0cba7e4ed01dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1493795
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=AH-ot3xXNHBiWm44dnlxeTN0a01sYUJlTlVjWU83eG9FKzZhWUlJbW5neURsZlZBdVRFNFlDaUg1dkREeUNpeExBaXp2cDlrbTd6K2Z1Y3FReXRXWkdlMlJiNFhoVkgzMkJtV3ZycFFPN00yckc4bDdpQnZXbmhBRHZEN0taL1dQQ3UxM3h4dU9wK1IxdGtBRTVuVThwVWk0T2krYkg0UjFhRTdMSkNGQ21LemJzTlpzS25vMTRaSERwUE5wODNLU0JZR1pHcExPN0kyeE1GTkNMZmE0YVlFTVdsOFJQWks1OGllSXhGWTNtb2NKTWNlVjJEUldqQVprVFhPNWxOTFlMMXl1UjlZVnNhcjlqSUxZS2NuUURIMUVMOVVtYXF2ZkVBM0dYaEdrOVpldFM5Zz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 646504
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8082 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJ1wYANeXY9SjM6WYlQeJmLfgDgAAAAA4AeAEAg&bg=!AQKlAkbNAAYgquz3AKo7ACkAdvg8Wtu0rZ6epLDGN8QDVztMmUTACO07Y2OvBt37gLMvj0DXLCoi4QIAAAS8UgAAAANoAQeZA2R4YT1P53zyq059zgIY8GhL2_Tz9EenZhMV0h9mD_CzNdD46C5Dew_ON_qXfAmGKXuJqDgooFodPKJ7OaS4NhW1Ko10DML4ZjjlxA1NKQ-ofh9axLTaujDCAfRWVA3lxzKqf9pmVLbbwxNkfzuAC5GiUPoGH0Rtd55k4ffeXSN4zsJ4TC0NTm02V2Dqbh8f5Ea7Q0Z6mO5yVLLDicJdkP6cjkARSJ4W85Bcl00jtLvpM1861wP9duSwiAEjMCgwKDADZig3SUc4W_bewxtoi28s18tG0QB0WjPVsL-s6M4ybj_W32k0CQYWsz-CSHIAg1mzXpHpsVFbDcoxtUMvVKAsbaRjnKetdmqNKPGtOyrRA0mhrxOkWNhJG4rI4iRGeC1crGltqGhb2rwmT84tvoVjzKz-LJYYWz0gM8Gvc33GGETubbMZ2nMroPl_jUcQD8XsOzD8aZ28JAg0pfWilGhZWy6hjcv0uWtlUakvMUYrXAEL3w32CkOSHfBvzYeXWK_nRCTQi5q0BlTZHudYMHH-NOLGgJ_MTgNhAkCJc5QubRVrj-_ApBXptbCo8TbdwqyRugcaQIpRZEXe3htPYC9AVgO5TbR0gS6-ph1fuJPKR-BlDmcVMXtHjgBCgwaLMJltmPRWBZBnDFKaqmLh7zOLyCYqh19C76FsB8kxJuUhk4IbAZqt3RoGf4SJ3fuJcc1b1wRUIra-4zvoNcm0MhW6DSlrDrSB6FvqIQGtTa4SB8eTMp82jvXEtjpR3j8yPXfS66sMHdD4tGiRg3BXzmomp3u9ebpflhEu7JcNFMjqg67LlxLLDzAeOd98XAS8IxK23awLs8onCWW9C6izFv64Pcp0Yq-MjLk39WpVrWiOKxhp2DX4Wl8BwjeM_jcy8_VwHgD03cQ8dUIrBZlg5HOfRR8i-l9-azxDZrW1IkzC_wq_lhg9mqNAlOnqPd9gkwEh7cH512RWgltarLH1Ee6HZu3RflxVBU-uiMc9ytt2zliHx5c1IJhBusOpnthvsH_zIryXSYAg6HGQk0P8OWrmOwk6ehOVvcN6-TYrSv76PTwbGKFxqScgHFeDB4ZN8IsHehZVquaLS6Dxm6VJZQOsDh0ZQqLZgVfq4Wyc0xRSgBDUvsLcGpaTtRvO7GwW8iCwnMqA

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C49D 88 KB
29 KB 18ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B667
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=k4WqBnxIaytxY3lHVnp1d3FDNTlnK3BTN2tjelpCZHpzcW4xMTROOEhEN1d6dEpkeDJxMEhqSG5sRjdXRG1SR2JlQUo1aThDYXN1OFZCSWZ5UXd1WEFYemJXbU55Zk1FcndYUUJZbGcvaUFUUGVWaWRHaGJtalduNjhoeU...

428 B
667 B

19ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=k4WqBnxIaytxY3lHVnp1d3FDNTlnK3BTN2tjelpCZHpzcW4xMTROOEhEN1d6dEpkeDJxMEhqSG5sRjdXRG1SR2JlQUo1aThDYXN1OFZCSWZ5UXd1WEFYemJXbU55Zk1FcndYUUJZbGcvaUFUUGVWaWRHaGJtalduNjhoeUZpT0FzTGJZcUozNDdTa0ZxRmp5dndYdzRraXYzaHlsUktOQWlJZ3Z5MkloUWlyUkM3cjVCQ3JhQUJPQW9Vc1FKNHNJRWN2R1FNSE1HdGpiS0V1TGxKMFFxRHdYNVc3WE1hS0VYUmluVVFxaVFtRHV4cFlxNjdQbVhLdzZxNHM0N2gvVE1GSzNETHg2bkZOVnJ6cG1DdHVBbXV0eHZNN0hLWHI0c0g2a2pDaXUzWENnYU5Saz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d789fa8321bfbec00515ca6fcaf0baf56b3a021a79adf4631a4f39fe100c0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1725456
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=k4WqBnxIaytxY3lHVnp1d3FDNTlnK3BTN2tjelpCZHpzcW4xMTROOEhEN1d6dEpkeDJxMEhqSG5sRjdXRG1SR2JlQUo1aThDYXN1OFZCSWZ5UXd1WEFYemJXbU55Zk1FcndYUUJZbGcvaUFUUGVWaWRHaGJtalduNjhoeUZpT0FzTGJZcUozNDdTa0ZxRmp5dndYdzRraXYzaHlsUktOQWlJZ3Z5MkloUWlyUkM3cjVCQ3JhQUJPQW9Vc1FKNHNJRWN2R1FNSE1HdGpiS0V1TGxKMFFxRHdYNVc3WE1hS0VYUmluVVFxaVFtRHV4cFlxNjdQbVhLdzZxNHM0N2gvVE1GSzNETHg2bkZOVnJ6cG1DdHVBbXV0eHZNN0hLWHI0c0g2a2pDaXUzWENnYU5Saz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 543053
content-length: 0
expires: 0

GET
BLOB 200
OK 60150528-e7d1-4138-8e57-db360c96cf70
https://flashnetic.com/ Frame E500 802 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://flashnetic.com/60150528-e7d1-4138-8e57-db360c96cf70
Requested by: Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0359b74bdc8a9ce5cf1f38a364b781b7169fe7892d7247cb4dbb2acc3cb07463

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 802

GET
H2

200

sid Show response
mug.criteo.com/ Frame E667
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=GpsR0nxUcHFZTjdWMW5xblR5Y2tXMExtaEFhYmI1V0NvV0p1V3dLQWxocGphVHRoakZrbGdGVDRKQTZ5S3FqbmtoR0tsK2lxUDIraENxYzNVVGZKenNjV2JCVkQrRlM4bEZFS2NtSnlMd0IveGlPWHdaaFBYVHlYR0FuOE...

433 B
671 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=GpsR0nxUcHFZTjdWMW5xblR5Y2tXMExtaEFhYmI1V0NvV0p1V3dLQWxocGphVHRoakZrbGdGVDRKQTZ5S3FqbmtoR0tsK2lxUDIraENxYzNVVGZKenNjV2JCVkQrRlM4bEZFS2NtSnlMd0IveGlPWHdaaFBYVHlYR0FuOEN0cXFyNGFMTHZRTkl6VXhiVUMvWTk5S0hPSThWZW9Mb2tXKzR4VjlvSWU4cFhveU91dW9Ib0ovZXdGL0lHZ1ZhWnRBYmgzZVlrUFIvRldCT1E5eUJQRkd6WGRPTFBXdHFVZHd0WUZKdjM3Szdaa3dUZzBUZUp3RUxXVFQ4L1pxd1FiT0NReGlOZU5BK1JNSE8rdm1ua0k0a0IrOERTZithWTdpVnZvWFpJTDFLUnJlSjFCaz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4df5f8e5879dd3099af09f9de22bce62c9592b91228994989bf09f96c45e0831

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1638638
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=GpsR0nxUcHFZTjdWMW5xblR5Y2tXMExtaEFhYmI1V0NvV0p1V3dLQWxocGphVHRoakZrbGdGVDRKQTZ5S3FqbmtoR0tsK2lxUDIraENxYzNVVGZKenNjV2JCVkQrRlM4bEZFS2NtSnlMd0IveGlPWHdaaFBYVHlYR0FuOEN0cXFyNGFMTHZRTkl6VXhiVUMvWTk5S0hPSThWZW9Mb2tXKzR4VjlvSWU4cFhveU91dW9Ib0ovZXdGL0lHZ1ZhWnRBYmgzZVlrUFIvRldCT1E5eUJQRkd6WGRPTFBXdHFVZHd0WUZKdjM3Szdaa3dUZzBUZUp3RUxXVFQ4L1pxd1FiT0NReGlOZU5BK1JNSE8rdm1ua0k0a0IrOERTZithWTdpVnZvWFpJTDFLUnJlSjFCaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 651851
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6CC6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=ba6manxRS2tpQ1pxR2R2dXNQTUFKc2dUeTFKdllPVjFHbWZEN1ZCL2doemphZjdWWUVmOUk2bXpWd2NaNFo2SmRDWHpCSy9FVGdvcWtqL1NjM1lJZHZXQ0dRTmY1Q2F6Ums5M1k4VVJSMTZ1UE5FYUYreEdXdHlKMnRDVW...

425 B
663 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ba6manxRS2tpQ1pxR2R2dXNQTUFKc2dUeTFKdllPVjFHbWZEN1ZCL2doemphZjdWWUVmOUk2bXpWd2NaNFo2SmRDWHpCSy9FVGdvcWtqL1NjM1lJZHZXQ0dRTmY1Q2F6Ums5M1k4VVJSMTZ1UE5FYUYreEdXdHlKMnRDVWd6LzdCdks1dEE0cUsvL0lTVXVyS1ZtdVQ2MWRRTTYrL3RVc3kzcitQRm0rOFp6UTZVMXBoRGs3QjJsTVJLUk0rd3FmbHNRVkdJL0JXVnh0ZXlZOGM2QlZ1K0JpOG8zVW4vYkh2LzM3OTR3cjQzV21Fa05mU1RMR0szL2RrK2VGNjVxNjJlTnJ3RUpVQzJUazlVT0YwdlFnckRCTUFLNEhPaDliQjdBWks1aXpSQ0RJUFFPMD18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

63f27e23b80e8b821c171cabb41e06b31e84d62f85b10c44aefda6ff81d70f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1821215
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ba6manxRS2tpQ1pxR2R2dXNQTUFKc2dUeTFKdllPVjFHbWZEN1ZCL2doemphZjdWWUVmOUk2bXpWd2NaNFo2SmRDWHpCSy9FVGdvcWtqL1NjM1lJZHZXQ0dRTmY1Q2F6Ums5M1k4VVJSMTZ1UE5FYUYreEdXdHlKMnRDVWd6LzdCdks1dEE0cUsvL0lTVXVyS1ZtdVQ2MWRRTTYrL3RVc3kzcitQRm0rOFp6UTZVMXBoRGs3QjJsTVJLUk0rd3FmbHNRVkdJL0JXVnh0ZXlZOGM2QlZ1K0JpOG8zVW4vYkh2LzM3OTR3cjQzV21Fa05mU1RMR0szL2RrK2VGNjVxNjJlTnJ3RUpVQzJUazlVT0YwdlFnckRCTUFLNEhPaDliQjdBWks1aXpSQ0RJUFFPMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 609142
content-length: 0
expires: 0

GET
H3 200 cm Show response
u.openx.net/w/1.0/ Frame 7DFA 0
35 B 70ms
37ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Tue, 13 Dec 2022 01:36:03 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame D730
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=pu7gqXxyV0prOXlha0l4L3JJMXUyQ0V3WkxDRTlzd2RsUzZxcXpJcXY3M0ExRFNVMzhCaXVMNThWNmQxNlErQjF1WkxVdnhVM0NnOFV2SElSelp1Qjg4NUoxV0RxaHZGRmdwRVkyejUrZWN0ajVXRzBVb2lDeWVCdVprZU...

428 B
654 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pu7gqXxyV0prOXlha0l4L3JJMXUyQ0V3WkxDRTlzd2RsUzZxcXpJcXY3M0ExRFNVMzhCaXVMNThWNmQxNlErQjF1WkxVdnhVM0NnOFV2SElSelp1Qjg4NUoxV0RxaHZGRmdwRVkyejUrZWN0ajVXRzBVb2lDeWVCdVprZUtqbGZBeHpVcDYyKzZpSFR4TG1tTGo2NElRNjJpZzRBZ0V1S1NxWHNwTCs1eHlFZWZMZnVVUWJEZ2lHMml1cWdtN2grN1Irei96TXJNOEhDWURFT2dxeDNNc3d2QWpQK1RJb0RoL3Qrei9ndjczbmVhL2lhTkc4cXJTQmFTQWx3eE4zTmhQSkMwaDhCOWVvQWdkVlZVSWVQS1JjNFNHaEI2NHhPZ3B2NXJWMEpxYjhsYnY0ST18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

448a88c3b6e1d96d99615dee9ea6df46707d0a29e3cfec07a6ca2ae15fbf5074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1825784
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pu7gqXxyV0prOXlha0l4L3JJMXUyQ0V3WkxDRTlzd2RsUzZxcXpJcXY3M0ExRFNVMzhCaXVMNThWNmQxNlErQjF1WkxVdnhVM0NnOFV2SElSelp1Qjg4NUoxV0RxaHZGRmdwRVkyejUrZWN0ajVXRzBVb2lDeWVCdVprZUtqbGZBeHpVcDYyKzZpSFR4TG1tTGo2NElRNjJpZzRBZ0V1S1NxWHNwTCs1eHlFZWZMZnVVUWJEZ2lHMml1cWdtN2grN1Irei96TXJNOEhDWURFT2dxeDNNc3d2QWpQK1RJb0RoL3Qrei9ndjczbmVhL2lhTkc4cXJTQmFTQWx3eE4zTmhQSkMwaDhCOWVvQWdkVlZVSWVQS1JjNFNHaEI2NHhPZ3B2NXJWMEpxYjhsYnY0ST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 456384
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3BA0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=sB-Tt3xNem5OUmhWNU5PazlwZW1xaTJ4V1RaSklsRm13OXRmdmlubjBpM1ZYOTZ2VjVOS1JNanpmdnF2YnFCK2pzOXdVU2QwN3NGSTF4Q1NLd1ZqV1BINkc0R295ZnBOVzlvWjBkc1daWWFUU1Y1MlZ5d2E3M21kbmNOVE...

425 B
648 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sB-Tt3xNem5OUmhWNU5PazlwZW1xaTJ4V1RaSklsRm13OXRmdmlubjBpM1ZYOTZ2VjVOS1JNanpmdnF2YnFCK2pzOXdVU2QwN3NGSTF4Q1NLd1ZqV1BINkc0R295ZnBOVzlvWjBkc1daWWFUU1Y1MlZ5d2E3M21kbmNOVEJvTVNBcDlEQnppQW5kdEJXWE1qNW1yWHFxdmFlWWZleWZaWjhEckg3RHI0bkFhYi9Ld3BFMnF1QVJ0ZkpyNTJna3JMN00rYU1SOWJES3R5SERYUVd0eXlIYlhTb2xWRFRvZlErTjJxRkV2d2F6bFBabHZwSHpvdHJ4WVdWMzRHZkFIRHVNUml5NWF1eFBNZkVCVnpJQUF2YWFYT296ZjNwQzdyK2ZsUjhRcG15b004MzhCUT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb64750d41658ebca9a30dbd0605bf86c0c77e3fbd67a6582b5d7cada9bac685

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1504109
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sB-Tt3xNem5OUmhWNU5PazlwZW1xaTJ4V1RaSklsRm13OXRmdmlubjBpM1ZYOTZ2VjVOS1JNanpmdnF2YnFCK2pzOXdVU2QwN3NGSTF4Q1NLd1ZqV1BINkc0R295ZnBOVzlvWjBkc1daWWFUU1Y1MlZ5d2E3M21kbmNOVEJvTVNBcDlEQnppQW5kdEJXWE1qNW1yWHFxdmFlWWZleWZaWjhEckg3RHI0bkFhYi9Ld3BFMnF1QVJ0ZkpyNTJna3JMN00rYU1SOWJES3R5SERYUVd0eXlIYlhTb2xWRFRvZlErTjJxRkV2d2F6bFBabHZwSHpvdHJ4WVdWMzRHZkFIRHVNUml5NWF1eFBNZkVCVnpJQUF2YWFYT296ZjNwQzdyK2ZsUjhRcG15b004MzhCUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 776482
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3BB6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DQN2-V9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV0RZODhReXlISDMzbFUwVUhTTVlDM1RtaUI0U...
https://mug.criteo.com/sid?cpp=1V6_uXxGRmtmbWVyN3c4YTVOazBpUmtJNXFEWlRlOVcrSkFEM0ZSMjRFbVhMMUhvQ2FIZ3JScWsrNnNoT053RHZUOGtaM1pDOGpEMDlvaEd1b0VuTTVzSnVmeUZiNlRPUG9UeHNLeFRjT0xhUmc2bjVtU0NjUkpZaGl3UG...

441 B
657 B

19ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1V6_uXxGRmtmbWVyN3c4YTVOazBpUmtJNXFEWlRlOVcrSkFEM0ZSMjRFbVhMMUhvQ2FIZ3JScWsrNnNoT053RHZUOGtaM1pDOGpEMDlvaEd1b0VuTTVzSnVmeUZiNlRPUG9UeHNLeFRjT0xhUmc2bjVtU0NjUkpZaGl3UGNGaVROdnlsNzVOUlFDZkoxMkFYZExUWVBKSHhiZSsvcm50ZWhyTGxNZzhZLzRuenFYWUNxanlMWmY5QWdMcmJnUktzbFRWVWlrWldCMEd5TDZMYzJqS2d6WWVpUDUrVXUxWDh5WjRyNWtpWWVrSDhsZlpscFkxcWRaOHRuZzU4dnFiRFhkaXZMMlB3eC9Zb3BlUW9mNFNMWkUrdklWKzRodXN2NDgvcEtBWG92cmp5RVRZcz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e0c6bc1cb62ee838e01d576bcd3bbffc80546c98e3c3281b57a4f86b74b1062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1966565
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=1V6_uXxGRmtmbWVyN3c4YTVOazBpUmtJNXFEWlRlOVcrSkFEM0ZSMjRFbVhMMUhvQ2FIZ3JScWsrNnNoT053RHZUOGtaM1pDOGpEMDlvaEd1b0VuTTVzSnVmeUZiNlRPUG9UeHNLeFRjT0xhUmc2bjVtU0NjUkpZaGl3UGNGaVROdnlsNzVOUlFDZkoxMkFYZExUWVBKSHhiZSsvcm50ZWhyTGxNZzhZLzRuenFYWUNxanlMWmY5QWdMcmJnUktzbFRWVWlrWldCMEd5TDZMYzJqS2d6WWVpUDUrVXUxWDh5WjRyNWtpWWVrSDhsZlpscFkxcWRaOHRuZzU4dnFiRFhkaXZMMlB3eC9Zb3BlUW9mNFNMWkUrdklWKzRodXN2NDgvcEtBWG92cmp5RVRZcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 706158
content-length: 0
expires: 0

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 1DB9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5fXA4Ycaq61IQ4SLlsT7QAABI0AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOa_FvZ3qI6Obxzac_ebqE&google_cver=1

43 B
847 B

20ms
20ms

Image
image/gif

104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOa_FvZ3qI6Obxzac_ebqE&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIlJophZ3SDGfYsUWBiQ%2BC1%2BSKPDK9Eb%2BA8xEx23zec0qpprKBtnJNdSstMegHwg8ui2jWW9MwwowsnSqIxIW49ngTQIRzgLnaGN3rqp3z6T9gdxzj33mxYDBVzLLEvOV%2F%2Fkf0RV%2BNCKWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 778af778ce8b9152-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEDOa_FvZ3qI6Obxzac_ebqE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1DB9 70 B
264 B 34ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 1DB9 43 B
855 B 119ms
116ms Image
image/gif 52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5fXA4Ycaq61IQ4SLlsT7QAABI0AAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:03 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RE1HYZ93M90019CJNM82
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1DB9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5fXA4Ycaq61IQ4SLlsT7QAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKGZK1aHOZjSicjS7ikyGqQ&google_cver=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKGZK1aHOZjSicjS7ikyGqQ&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEKGZK1aHOZjSicjS7ikyGqQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1DB9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=29
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059699510355671993&expiration=1672104964

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059699510355671993&expiration=1672104964
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8059699510355671993&expiration=1672104964
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1DB9
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5B1C36C64D1F4B9683777DBDC544E630

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5B1C36C64D1F4B9683777DBDC544E630
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=5B1C36C64D1F4B9683777DBDC544E630
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 12 Dec 2022 01:36:03 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 1DB9
Redirect Chain

https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3b227e51-1ff8-4589-a9d6-65a457c0b188

43 B
766 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3b227e51-1ff8-4589-a9d6-65a457c0b188
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=3b227e51-1ff8-4589-a9d6-65a457c0b188
date: Tue, 13 Dec 2022 01:36:04 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
content-type: text/html; charset=utf-8

GET
H2 200 Y5fXA4Ycaq61IQ4SLlsT7QAABI0AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1DB9 43 B
601 B 34ms
32ms Image
image/gif 2a05:d018:d29:3602:bab2:eed8:8214:ca90

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Y5fXA4Ycaq61IQ4SLlsT7QAABI0AAAAB?gdpr_consent=&us_privacy=&gdpr=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:bab2:eed8:8214:ca90 Dublin, Ireland, ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 1DB9 43 B
353 B 74ms
19ms Image
image/gif 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y5fXA4Ycaq61IQ4SLlsT7QAA%261165
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 11024
etag: "902a3d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 778af778dae99195-FRA
content-length: 43
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 0430 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 4212 88 KB
29 KB 19ms
19ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame ADE7 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 9478 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame C84F 88 KB
29 KB 19ms
17ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5168 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGzPRANeXY6KiNOO4x_APyfmmsA8AAAAAOAHgBAI&bg=!LC-lL2vNAAYgquz3AKo7ACkAdvg8WkhV302j1uE1WAm_BSdfHIxgv-CU60lIzX_JZGwejPFvl0xSeQIAAAXZUgAAAAVoAQeZA0OFzbyew30W2bH4_OleAX2jf1qSrUh9BAU0C3rPw4P_ftQUzHFYJwPLOkbKQpbCiIkHLPXOUn8wgO2uNElAGrSP_XstI3psI-VZLFOQoE5VQ5ImlGpDfFLrsiCFr-ZGdpaB3VKUXzOaAkNNo4Yd9oJiQgc87qfrrCT-KaOtWVjkfJbMDvfT-GV6073YI13QskeN5UDgAWn5xsspjJDXAKo_lVguFmssyN1vw2zY-Tibv33EiZCBwu1YsoEszRnIpk_zZmBOoEde15LrssMtixB_WKAgzOB97HIqQacmbp_UrQEZ1FEKE_vNFWn3Y1GS27ZWcVHEQegcy3uV9KuPTxE2r15rHRw1VZSFKKYpYSEI8wq7wkiHmMrvo1tGGEKDpfm4o6LGQRCJet2i9uuNM-tneZA3HqELf8GzKL2skoCwK2gZXk2NgKbn81cFqRkX_1aPEWyf5emz4pjpQFkZeqqeu7ix4XAjQejKuwyQcYusQCCaqlKnlAgFqGIoBypbrRHUulrcQ14YuDFQ7B5JWNvbBJlO3GTfvkvYX62T1vzsyLcGJgfpalvKuEw0Q1_O0z4PV7rZMH1j6TCDOf3NqUoFFUdP8cHlhm2HdixU9woH1JIY3B-obqUs_GX06QDw02n08KCNOSx9jTDxEUfHhRRav6SEYNzAP7J9nRIBccnIoR4JlNnjm60_OQ4u2fqUISVn6Dppi0n2JzmUZH25ZYPjbTWKKi9X4fiOhwvNGbPSsjKYjGjyqk8dtNklXxRNPnDccmcyzJagfCMmpMLtnYUSVH48RZ6DoaR7Ljv37gAs1vsK9qkYmSgynm-3VO8775SG-kt82A8BiCM_wU0T7YCXQc4BgDrbLNYz6Lt8wU1J2PbVFeW1SP_IXuMefIRBHijBQHnqIjTK0K0IAsI_WNPTdcn5nViCJ5h1rIx7k9oEIfQBtznDM0pZ0U1GOs6gRb9orx4Ujy2KUqSQLdmz_2gpt9bvqPIpFVH4eXYBIrPv5YovVkqWcd-IdF9TEytz09XCCvOihGf5HJyXklQLUpKRYD3Z6l1gl2ow0Db4fxdD-ddfogdQUuCByxtbw1tgOWDKLkvL-IVYpgmbtXOL2D5JzZ9I

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 71A2 88 KB
29 KB 16ms
16ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 95B9 88 KB
29 KB 18ms
18ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame B8D1 88 KB
29 KB 20ms
20ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 29ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895363710&oz_l=287&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:03 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 publishertag.prebid.130.js Show response
static.criteo.net/js/ld/ Frame 0B8D 88 KB
29 KB 18ms
18ms Script
text/javascript 2a02:2638::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.130.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid7.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 14 Dec 2022 01:36:03 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 973F 0
20 B 75ms
73ms Image
image/gif 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9HrtANeXY7WhMa-yx_APgpu60A0AAAAAOAHgBAI&bg=!9Pel97PNAAYgquz3AKo7ACkAdvg8WjfKrLOZbQjMUM1NA7ie4ZTfPMbAsYBFg00lREIBoeZL8nIzwAIAAAakUgAAAAloAQeZA3CnYc9XzSpCM6htsuS9nLkgn-HrGTNe1KLZ_fpVIR1pkaN8HXLtYBdCtDnhX0FBP1HjUnra_UA7uN8kbkQ71Qt7dItRlG-EDhUcaU5c-6Fp8WBIQWqF5PpgUvz-WYOLvuLOkW7B3t3hJdokNp0Im61UBSJbrfey6NPK4IEwsYJMd2wcB5f71vGsmfCqH-2eTV4qmDqRjf7sROJ-Xva5gg1zSr3fdjX2M4Jwxv2r1vE3HYjgip7Lm9nUdeHX-1D7AkgqM1050uoTrzOsXVCOU47BWxzoC_kyhNb4SCqEPXls8vMET41GWQpLiZVWx2nqBJW5vRkeYbh25REoW2ouBnGOK_Brk8foBkrqcX8b9f7lE3RoOfM0HoJFWb_a-mmzvphB14oN0VycH-S1Do9tKvl42CUPj2o6alo5Al02GIeK46gj7a8xXMK2fh9qjHWXKIJjK54KEwN5AXMjKI2Nc5oSIxkX5L-2OI6p0Niq_lqJQcSynekarWmKuhSghBRXprmRBVF6mgkqHTVG5IUJeXhuVpJQyEsd2oOd-Z1XKtDhfWE2n8NPCGtmFNI7LI8VgctyMwe_uLj4NNIx5XS1ogTdgMAsWA7ZS2BKZxvnJ4nTNMWYBuRUwdYNb0mTbJKtRVnh8IN-w4UvYeHiT-7v9xQtnDCUNiV472KVjpzwC0WGC9X3YoRZ0XrA1elUCtpNOOb95ySL91Brzm9mFnOGrehh_12q_BWagRrWkQSgxEiuRRMp_Co9Q-l_BDTy4L_dhhT4lUGW--1lsF-IVsITFdAcvwyEqDL3_uYyy05Aho2nsmYOHwABKhQAl1tHTr1ShzGM7sobUgSJ5yNzg4dpXwkg5oknchu6Ti7X-uBTQSlYb-J-mlQSWA8IMK7gEpfN-BhFTsmeKeKdpJ7SbDK_HKGuZpWOg3yZWWdZyRkEG_M4N9o0uTbDtR2rsA65LhS0AsR9hi6dXSymo1igv9c9PRzujFMK6KlnglNvA1RM8xSntAGWnkVA3ymZsf_wiU80TTogS-zfqDacKL3vZyp-tE1Qnp10y-BNVvGST8zGXPeuamJ4kbJPr3yDNMKBrIWKVdECUk_B9uElGOOfyj5hMYM5ETu4L999VuVs3yWfZdOtWRX8oE8Y5sTRUz0nQYchJDnCDOd_Oo8AtFG5aZuJNkY7

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7B16 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 821058
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A19F 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 804547
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 31FF 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1289429
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C361 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1201831
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D?gdpr=&gdpr_consent=&us_privacy=
https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=214d1d33-2082-45c3-a55b-0a34460818d7

43 B
1 KB

32ms
31ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=214d1d33-2082-45c3-a55b-0a34460818d7

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
AN-X-Request-Uuid: 028c07f2-6d87-4c5c-8749-8bec562cd2e1
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=grid&gdpr=&gdpr_consent=&f=i&uid=214d1d33-2082-45c3-a55b-0a34460818d7
date: Tue, 13 Dec 2022 01:36:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A4AE 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1597827
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 96CA 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1291725
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 371C 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1334230
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EFB7 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1417213
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 629E 15 KB
6 KB 19ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1273262
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9CDE 15 KB
6 KB 18ms
16ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1205802
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EB77 15 KB
6 KB 18ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1718915
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7B16
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=VVm7m19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1M5NXYlMkJCcW1Ha2dkOGxtS0huYVhJQlpTa...
https://mug.criteo.com/sid?cpp=_QeKXnxOZEJkRml1dHNBRS9Iai9iQmx4NWoxYUZVcE1aR2FqL01wUVM0a0RpU2xBU0krZmczZ0Q2ZU0yNDlDWkZGaUt6ekUxanJPNUFuZHBGbmc0MGxmVlJ1QjQzeTNyM0w4SEIwYTc0QmI4WUZsQ0k4VVF1NzhsQ3NUcE...

430 B
653 B

16ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_QeKXnxOZEJkRml1dHNBRS9Iai9iQmx4NWoxYUZVcE1aR2FqL01wUVM0a0RpU2xBU0krZmczZ0Q2ZU0yNDlDWkZGaUt6ekUxanJPNUFuZHBGbmc0MGxmVlJ1QjQzeTNyM0w4SEIwYTc0QmI4WUZsQ0k4VVF1NzhsQ3NUcE4zdW1GWkwxdngvKzZlR1pDZ2EzRmpDUjJnbFIrb0doWTZxNmRxTS9IZ2YvYWc3TWhINDFLVFdReElpZW0zeXN0dGRvTzU5ZUFSNFdxWFlOV1VKSVZWMko0V0lFMjNFM2VjS3JqdXpycEdpMjlZcDc3Z3R4NWRxU2xKUFZtSzVEeFhKakRKRUFnVno1Q1g4S2dYQW4vamp4Q09KZVlLaENlK3VNMis4RmdEZ1lYRFBxVDhNbz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1091deb884e52c0c1c2a843d156516f64e6e04c182c5d6c657c70edf26914b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1237027
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_QeKXnxOZEJkRml1dHNBRS9Iai9iQmx4NWoxYUZVcE1aR2FqL01wUVM0a0RpU2xBU0krZmczZ0Q2ZU0yNDlDWkZGaUt6ekUxanJPNUFuZHBGbmc0MGxmVlJ1QjQzeTNyM0w4SEIwYTc0QmI4WUZsQ0k4VVF1NzhsQ3NUcE4zdW1GWkwxdngvKzZlR1pDZ2EzRmpDUjJnbFIrb0doWTZxNmRxTS9IZ2YvYWc3TWhINDFLVFdReElpZW0zeXN0dGRvTzU5ZUFSNFdxWFlOV1VKSVZWMko0V0lFMjNFM2VjS3JqdXpycEdpMjlZcDc3Z3R4NWRxU2xKUFZtSzVEeFhKakRKRUFnVno1Q1g4S2dYQW4vamp4Q09KZVlLaENlK3VNMis4RmdEZ1lYRFBxVDhNbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 661757
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 70C7 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1111260
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C120 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 1322660
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A68B 15 KB
6 KB 20ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 681897
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame A19F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=VVm7m19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1M5NXYlMkJCcW1Ha2dkOGxtS0huYVhJQlpTa...
https://mug.criteo.com/sid?cpp=EbkfJXxJbStaaG1ZYk45OFJNTkUvdTRIYlh2WUlUWVduYUFJSXJwQTRtSVpoQVdvZ3lNUThDbm5kRTUxYU5WRnRIZS92UUtCUXJYa3VvSzNzaWJ0cVMrYTRQOG5LZ2VyaVlVaHdIbXdWT1ZmTEJrWm85ZlVSR3FnUG0xaH...

428 B
654 B

20ms
20ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EbkfJXxJbStaaG1ZYk45OFJNTkUvdTRIYlh2WUlUWVduYUFJSXJwQTRtSVpoQVdvZ3lNUThDbm5kRTUxYU5WRnRIZS92UUtCUXJYa3VvSzNzaWJ0cVMrYTRQOG5LZ2VyaVlVaHdIbXdWT1ZmTEJrWm85ZlVSR3FnUG0xaHRseDNYZjFZNER5SWEzelEzQjJvQ0gveEpGVjVoTW9Cb0VwVGViV3pOOUlHVEkyZkxGeW94LzY1THZkR0tIU2lmVGR4Mm1PM2szSlhVOURNRDhhcGZsejRpQlBjazZrSkJSdWViSThuM1hFZmRNMnd6cWY3c0ZxeXQ2b0VTQ2E4K1pWT0ZrQ2JkVGl1a0ZhelNoN2lHdUd1VzN0Qjd0end1c3gwZjEvV1lxMFNNbjFIQnJJQT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7b5a6603ffbaa3e824e4bd9733b36162dd6d6da12399390f2fdd9604aad930f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1409478
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EbkfJXxJbStaaG1ZYk45OFJNTkUvdTRIYlh2WUlUWVduYUFJSXJwQTRtSVpoQVdvZ3lNUThDbm5kRTUxYU5WRnRIZS92UUtCUXJYa3VvSzNzaWJ0cVMrYTRQOG5LZ2VyaVlVaHdIbXdWT1ZmTEJrWm85ZlVSR3FnUG0xaHRseDNYZjFZNER5SWEzelEzQjJvQ0gveEpGVjVoTW9Cb0VwVGViV3pOOUlHVEkyZkxGeW94LzY1THZkR0tIU2lmVGR4Mm1PM2szSlhVOURNRDhhcGZsejRpQlBjazZrSkJSdWViSThuM1hFZmRNMnd6cWY3c0ZxeXQ2b0VTQ2E4K1pWT0ZrQ2JkVGl1a0ZhelNoN2lHdUd1VzN0Qjd0end1c3gwZjEvV1lxMFNNbjFIQnJJQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 526084
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 31FF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=-YMyn19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1YxYjhkOWh4bUhmSFUyZkpkQ3kzZGFmYzdXT...
https://mug.criteo.com/sid?cpp=o_hBF3xMdVRlbE5LakUxdWlqTzVHcGl6bnBzZUZOM2xnUDloa09TMkJKeFlDQ2llVWtJZlY5VWpFRXUrSUZMTnVwYis1Q1hFdE9paHJ5d0dyOXZvbWNBb1h0R0NYRkdvSEhaWGxpT3lERFI4R01mbkFuUU11V2FsMW9TRm...

436 B
675 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o_hBF3xMdVRlbE5LakUxdWlqTzVHcGl6bnBzZUZOM2xnUDloa09TMkJKeFlDQ2llVWtJZlY5VWpFRXUrSUZMTnVwYis1Q1hFdE9paHJ5d0dyOXZvbWNBb1h0R0NYRkdvSEhaWGxpT3lERFI4R01mbkFuUU11V2FsMW9TRmlXdTNCRWY0dHQzc0lVMFROUGhMd3ptd25uOFJXNHd2T1hTY3ZPZENVdy92ejh6QW9VZXUydUV6VUprSjN2TW5qTmtXayttbVA2V1JUSkFXTU5TUzhuekx5MU1UZHgrVm9aVmRaaTNaOFNuQzVHckJwMVNjaUkxQ2ZmTGdnZEk5MFRKcUdUR2ZWNDNIMEFJcE5GOWdEVXJ6Y3dUSkxub1VBN2xiN2w0NDRCQ3RzN1NPMmUwbz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0a6bde61a097053c49791ec3469f36cdb9cc52b371794b165c7d0156ca446d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1796708
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=o_hBF3xMdVRlbE5LakUxdWlqTzVHcGl6bnBzZUZOM2xnUDloa09TMkJKeFlDQ2llVWtJZlY5VWpFRXUrSUZMTnVwYis1Q1hFdE9paHJ5d0dyOXZvbWNBb1h0R0NYRkdvSEhaWGxpT3lERFI4R01mbkFuUU11V2FsMW9TRmlXdTNCRWY0dHQzc0lVMFROUGhMd3ptd25uOFJXNHd2T1hTY3ZPZENVdy92ejh6QW9VZXUydUV6VUprSjN2TW5qTmtXayttbVA2V1JUSkFXTU5TUzhuekx5MU1UZHgrVm9aVmRaaTNaOFNuQzVHckJwMVNjaUkxQ2ZmTGdnZEk5MFRKcUdUR2ZWNDNIMEFJcE5GOWdEVXJ6Y3dUSkxub1VBN2xiN2w0NDRCQ3RzN1NPMmUwbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 709948
content-length: 0
expires: 0

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 29ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895364073&oz_l=55&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:03 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame C361
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=-YMyn19mQ0FEYk1GJTJCV21qRlpMdHBUZFRPa1YxYjhkOWh4bUhmSFUyZkpkQ3kzZGFmYzdXT...
https://mug.criteo.com/sid?cpp=FGwauXw1eURZNkg3NEJJRkpzdTcwWSttQTRmSXNYOXMyYjBxSzc3UWpCOU9rUkcxeEpjTEdlVWs2bjUrOVFqcjBTbXBMRFl5Ly9SYmtFWE84c3hmd0I2UkpDYmttR1RUMGxZTFpSdS94emdFV2ZrWEptV25VbGh6YlJUNm...

446 B
676 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FGwauXw1eURZNkg3NEJJRkpzdTcwWSttQTRmSXNYOXMyYjBxSzc3UWpCOU9rUkcxeEpjTEdlVWs2bjUrOVFqcjBTbXBMRFl5Ly9SYmtFWE84c3hmd0I2UkpDYmttR1RUMGxZTFpSdS94emdFV2ZrWEptV25VbGh6YlJUNm55clAyN2tnYXZXaGlVS1QxNi9VOENyaUJLZzYvTjNnL204aENEbnphanVKeVhZMkpFV05ZdFRwY1pVSnlhYm1IVGZ2MVQyeUZiUUQwSHRJNFp4c3VVSlV1SVd4VE1YMy9lUFY3RTZRdTZYVE1XTHdRZzRMYm1nci9wYVpnazBudW1PdWovOUdBb1lPc2tPWFY3bEdBTjZSMG5HQmUxTjMyOWptQ1p3bG1raEtjZWs5RVpXYz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0130bd6e32a454ade15a6657b94bc4eeca806083037da9435db956705907e77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1706620
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=FGwauXw1eURZNkg3NEJJRkpzdTcwWSttQTRmSXNYOXMyYjBxSzc3UWpCOU9rUkcxeEpjTEdlVWs2bjUrOVFqcjBTbXBMRFl5Ly9SYmtFWE84c3hmd0I2UkpDYmttR1RUMGxZTFpSdS94emdFV2ZrWEptV25VbGh6YlJUNm55clAyN2tnYXZXaGlVS1QxNi9VOENyaUJLZzYvTjNnL204aENEbnphanVKeVhZMkpFV05ZdFRwY1pVSnlhYm1IVGZ2MVQyeUZiUUQwSHRJNFp4c3VVSlV1SVd4VE1YMy9lUFY3RTZRdTZYVE1XTHdRZzRMYm1nci9wYVpnazBudW1PdWovOUdBb1lPc2tPWFY3bEdBTjZSMG5HQmUxTjMyOWptQ1p3bG1raEtjZWs5RVpXYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 707919
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A4AE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=39PUOF9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV05kdUxuaXFTREU4emNNUTNjM3FzMDl6WE5qT...
https://mug.criteo.com/sid?cpp=mcsbGnxDS1pqTTZIRzZHWUNPN2t0bERWeVVaN3N1c0VJVDUycDBFNVVpWDc2QW1OMlJyWmJSRGN1eXcrdVJ5WmJva2prQUxlVk44eGtpKzc5K1BrdHd6eTJiQzd3aDFSYnZRamtUcFRlMWZOUllmRGdCelllZ2FNQ2oxMm...

433 B
670 B

22ms
22ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mcsbGnxDS1pqTTZIRzZHWUNPN2t0bERWeVVaN3N1c0VJVDUycDBFNVVpWDc2QW1OMlJyWmJSRGN1eXcrdVJ5WmJva2prQUxlVk44eGtpKzc5K1BrdHd6eTJiQzd3aDFSYnZRamtUcFRlMWZOUllmRGdCelllZ2FNQ2oxMmdheXhaU2FUb3F6OUp4Qk5sMy9KTmNFU1B2RzNIZmtuL0RYVFpJMi9oQjlEOWJmeis3a1I2UkMyVisxZmduTW80RDVxQTRTMlRmdG52ZExVWm0vMlVMN1hKbmF6dFpuVlBrQ1luVGJqNFNxWlc4eGJFU0JzVlZ3R0FEYW5GL1BzZkZnQm8rU2Fid2ZwM0piYnBTVDhNUHBnbmFlV1czNjBRbjUwOFNUZDB5NE1YTjJQOTNKVT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2b957dec9b4140f0e30a3da534686fd2f611bbe2e56b13df5a06704dc68e387

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 7151255
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=mcsbGnxDS1pqTTZIRzZHWUNPN2t0bERWeVVaN3N1c0VJVDUycDBFNVVpWDc2QW1OMlJyWmJSRGN1eXcrdVJ5WmJva2prQUxlVk44eGtpKzc5K1BrdHd6eTJiQzd3aDFSYnZRamtUcFRlMWZOUllmRGdCelllZ2FNQ2oxMmdheXhaU2FUb3F6OUp4Qk5sMy9KTmNFU1B2RzNIZmtuL0RYVFpJMi9oQjlEOWJmeis3a1I2UkMyVisxZmduTW80RDVxQTRTMlRmdG52ZExVWm0vMlVMN1hKbmF6dFpuVlBrQ1luVGJqNFNxWlc4eGJFU0JzVlZ3R0FEYW5GL1BzZkZnQm8rU2Fid2ZwM0piYnBTVDhNUHBnbmFlV1czNjBRbjUwOFNUZDB5NE1YTjJQOTNKVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 494423
content-length: 0
expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3455 35 B
468 B 21ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@59973788,3932380047901735253,100|4480|0|0|0|0|0|0|0||175|1|||||1|0|0|Ebsdc2yzq66oMC9hkrxj6WYZlJRRj5rL2kBJRYARrKsmtWhzIniYJJ3PsErbyimS2kBJRYARrKto4kOyoBiwbg2|d1Lp7PzCglF42u1ywTJ-2lrE5z_TqIuLhMXjfvPR-5DT_Xu5LeVuf7EkOMSwEW3PscLnfLql09UNU04UiohQU3Zr4kbBOP_qk6uZHsZLLLoxHA33UP0PH2mnAbalgP-j8j9zlpS2mQZuKM90GWTYi8Y_Zsa4g9hCnzYymPlhv7zTmUy7WOFjysfMEX5By_Xskui0bMBUl7Eykz4k76ChXwO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7711 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@56680285,8706680886045050883,100|4755|0|0|0|0|0|0|0||186|1|||||1|0|0|nxE18LZgeuni5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame 96CA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=fCHknXx1L09RT3FJd2xVK0tvOG0zblc1a3llRjBORzVkZUd2bGQzQ3VrSGxpaGxualBONHZaWDhJamszNzE2cG1kQytHSXpBOEJqR3hkTEVDeTU1Y3BEaGpKczVYQlBuYjdrS1lCajlKbU5wNmVlUVVSdzMrNjZZV01uVE...

422 B
650 B

19ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=fCHknXx1L09RT3FJd2xVK0tvOG0zblc1a3llRjBORzVkZUd2bGQzQ3VrSGxpaGxualBONHZaWDhJamszNzE2cG1kQytHSXpBOEJqR3hkTEVDeTU1Y3BEaGpKczVYQlBuYjdrS1lCajlKbU5wNmVlUVVSdzMrNjZZV01uVEliWWFrWERPb05YcVZSbmdFTy96bTF6ODVoMXdXOCtMZ1h0NEZSbTdFWFQ3bml2aDlBaVV4VjhBd1dINFFPWXNrTkh1NnpYcThjem9qQzVmY3oyZXRvRnFTYkllTEVWck1hV1Q0Y2VGOXhndWRMOHc0M2FNZXlMUTN5YmU5OTJqa3NoREd2QW56NGV5WTNHc3Nsd0psVHJ2azRraERnWnVTK0ZNU1ZxQldVUmxVTEYwNlN1cz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f57059f07cc21689e799a8999f9d49284610033578b3dc70f0ccde9502ec6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1732965
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=fCHknXx1L09RT3FJd2xVK0tvOG0zblc1a3llRjBORzVkZUd2bGQzQ3VrSGxpaGxualBONHZaWDhJamszNzE2cG1kQytHSXpBOEJqR3hkTEVDeTU1Y3BEaGpKczVYQlBuYjdrS1lCajlKbU5wNmVlUVVSdzMrNjZZV01uVEliWWFrWERPb05YcVZSbmdFTy96bTF6ODVoMXdXOCtMZ1h0NEZSbTdFWFQ3bml2aDlBaVV4VjhBd1dINFFPWXNrTkh1NnpYcThjem9qQzVmY3oyZXRvRnFTYkllTEVWck1hV1Q0Y2VGOXhndWRMOHc0M2FNZXlMUTN5YmU5OTJqa3NoREd2QW56NGV5WTNHc3Nsd0psVHJ2azRraERnWnVTK0ZNU1ZxQldVUmxVTEYwNlN1cz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 531166
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 371C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=o5whbnx1OEhZVHBFcXhKSHBtUjM4SlZ3L1VUc29SYmhiWXJPQ1dMdlpnay8xUjdGdXhXb0FZelNNaTlUclpkOEtiWUZYbG1zRm9JUE9nUG9qZDhrOWt0M1NkY1ZhU0xZZUJ0UXF3UUJFdVdnMjRhNFBESlpEdnh6cVFDSm...

436 B
673 B

18ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=o5whbnx1OEhZVHBFcXhKSHBtUjM4SlZ3L1VUc29SYmhiWXJPQ1dMdlpnay8xUjdGdXhXb0FZelNNaTlUclpkOEtiWUZYbG1zRm9JUE9nUG9qZDhrOWt0M1NkY1ZhU0xZZUJ0UXF3UUJFdVdnMjRhNFBESlpEdnh6cVFDSmI2WWxUUGNKeVhXQmFJQ2lRSzNNUzNUajFsbEpkNk1qMTB3a1QrWStudzNYZzYybkJhVFJnanNHMzJyaEJaNXJOTlVySjZJSnRJYWpMamp6MjVqS0lCZ3R2NVE2R0xNcE96UG91US9QZ0s3djhNSDE5K1gwc1E5WkNEK1FHd3dITlVhZkhicUNXRGtxOUtYb2pZQkYxQndqNVRqcmo0UkJ6dkh0dlEvRVBIalNHT3NLYVlpcz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e5e9b52f8f5f05c60b4f167611af5c7a97b22c54bc3f78014fcf5174376047e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1716952
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=o5whbnx1OEhZVHBFcXhKSHBtUjM4SlZ3L1VUc29SYmhiWXJPQ1dMdlpnay8xUjdGdXhXb0FZelNNaTlUclpkOEtiWUZYbG1zRm9JUE9nUG9qZDhrOWt0M1NkY1ZhU0xZZUJ0UXF3UUJFdVdnMjRhNFBESlpEdnh6cVFDSmI2WWxUUGNKeVhXQmFJQ2lRSzNNUzNUajFsbEpkNk1qMTB3a1QrWStudzNYZzYybkJhVFJnanNHMzJyaEJaNXJOTlVySjZJSnRJYWpMamp6MjVqS0lCZ3R2NVE2R0xNcE96UG91US9QZ0s3djhNSDE5K1gwc1E5WkNEK1FHd3dITlVhZkhicUNXRGtxOUtYb2pZQkYxQndqNVRqcmo0UkJ6dkh0dlEvRVBIalNHT3NLYVlpcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 504029
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame EFB7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=hkR1KnxqOU1pYTZ0NHRGN25KRlFtd1lXTjhpY2tZVmJKZEJNcEYrNWV2NVlJVTVpMk9DUkFKU09RWTB4SGpuMUZZMXJBM0dwSVBhQkhWeUZOMkVteHY3TFZNR1VLcWtIUVg4YkpGZUJRUkRVS0FDdk9BWDU3NklzTjNuaS...

452 B
660 B

18ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hkR1KnxqOU1pYTZ0NHRGN25KRlFtd1lXTjhpY2tZVmJKZEJNcEYrNWV2NVlJVTVpMk9DUkFKU09RWTB4SGpuMUZZMXJBM0dwSVBhQkhWeUZOMkVteHY3TFZNR1VLcWtIUVg4YkpGZUJRUkRVS0FDdk9BWDU3NklzTjNuaS9RU0k4UnVSMWk4VDB6L0dXVFBFTDRYWHNURnBNZm5rRXJCcEpOOEx5TnVrRzZER0hvVm94aytDNGJ6Kysza3pxMWJIYXRqcktmTVNsZHNBdE9UYWRlQXlsVU5UcjAyS214V2dvYzRYYWlBaTI5cDEzbTZaa1IwSG5RZE1TaGJKaE1qSVN3aW9xRUhTN1l0cHBXSHloMUdrWjliWWNpY1NDaXoyY3VuTVBNeVpoclR6QmVPVT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1d60bcfb7c8276a3ef7f7e782639651787dbde2a1f83184d87617af126d29582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1577244
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hkR1KnxqOU1pYTZ0NHRGN25KRlFtd1lXTjhpY2tZVmJKZEJNcEYrNWV2NVlJVTVpMk9DUkFKU09RWTB4SGpuMUZZMXJBM0dwSVBhQkhWeUZOMkVteHY3TFZNR1VLcWtIUVg4YkpGZUJRUkRVS0FDdk9BWDU3NklzTjNuaS9RU0k4UnVSMWk4VDB6L0dXVFBFTDRYWHNURnBNZm5rRXJCcEpOOEx5TnVrRzZER0hvVm94aytDNGJ6Kysza3pxMWJIYXRqcktmTVNsZHNBdE9UYWRlQXlsVU5UcjAyS214V2dvYzRYYWlBaTI5cDEzbTZaa1IwSG5RZE1TaGJKaE1qSVN3aW9xRUhTN1l0cHBXSHloMUdrWjliWWNpY1NDaXoyY3VuTVBNeVpoclR6QmVPVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 574705
content-length: 0
expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3...
https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA

43 B
2 KB

15ms
14ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
AN-X-Request-Uuid: bbc375dc-afe7-46c5-a46f-d27b3dc0abb5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Tue, 13 Dec 2022 01:36:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Tue, 13 Dec 2022 01:36:04 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 629E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=6JKnPHwxMUlBK2Q2a0NocmV6bkpCcnh2VmR2M0NaRitWTTFMa3Y5WnUrdkJDa3JlOGtydXZnaHBTcGwxZ3QrNWJhRHdqOVlPWXljZnZGQXF4QnltWVc4elRMNHZlSHdQL05ZVWxiWmVoaDdvOFBnRHJ1MjdmNHBJa3NiMW...

441 B
673 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6JKnPHwxMUlBK2Q2a0NocmV6bkpCcnh2VmR2M0NaRitWTTFMa3Y5WnUrdkJDa3JlOGtydXZnaHBTcGwxZ3QrNWJhRHdqOVlPWXljZnZGQXF4QnltWVc4elRMNHZlSHdQL05ZVWxiWmVoaDdvOFBnRHJ1MjdmNHBJa3NiMWxCcmNsTDdvZkMzMEFQTmxvcmJZTkJpYlRUUlAzMWNVa0FYUTJ0QXgwYmx0Z2lpa1JBdm1vV3A2bmtMa3AvQUkzcTM3cG8rUEJ5N2JVaGRXdzJQU3greXd6QXJpdThteG1lVDNWQWYvMzd3QVIyMjBiRDRTUWhIUmkwYUdaNS9Sd0NhRXc3aHltQlR1T3prUlN1bmV4elBKNWV4ZTQ3VDBibEhVaFFTNG9xVlFkOHhBYTdMND18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8407f63c485fe81d5c71804991b116ec78e119290333d3c9e13ecbfc2ac1a13f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1947954
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=6JKnPHwxMUlBK2Q2a0NocmV6bkpCcnh2VmR2M0NaRitWTTFMa3Y5WnUrdkJDa3JlOGtydXZnaHBTcGwxZ3QrNWJhRHdqOVlPWXljZnZGQXF4QnltWVc4elRMNHZlSHdQL05ZVWxiWmVoaDdvOFBnRHJ1MjdmNHBJa3NiMWxCcmNsTDdvZkMzMEFQTmxvcmJZTkJpYlRUUlAzMWNVa0FYUTJ0QXgwYmx0Z2lpa1JBdm1vV3A2bmtMa3AvQUkzcTM3cG8rUEJ5N2JVaGRXdzJQU3greXd6QXJpdThteG1lVDNWQWYvMzd3QVIyMjBiRDRTUWhIUmkwYUdaNS9Sd0NhRXc3aHltQlR1T3prUlN1bmV4elBKNWV4ZTQ3VDBibEhVaFFTNG9xVlFkOHhBYTdMND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 602455
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9CDE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=hD8ydnxDRFRYVFo0RS82TU5ibGV4cEpTMnM4eERUU20wMlhwalgycXJuMnVmanEvZEpGdEtJNDFmV3lKempieTRYQU9XcGdxZFlGYkhGRVJXVDdTdXY0YkRLek5ySUdHUmdvaXBqcm43U3d2SXRXbjZBaTFLbVlJMmdlWG...

430 B
668 B

19ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hD8ydnxDRFRYVFo0RS82TU5ibGV4cEpTMnM4eERUU20wMlhwalgycXJuMnVmanEvZEpGdEtJNDFmV3lKempieTRYQU9XcGdxZFlGYkhGRVJXVDdTdXY0YkRLek5ySUdHUmdvaXBqcm43U3d2SXRXbjZBaTFLbVlJMmdlWGVDYlhGdnp4TkNjdnZqUlJpenJJRTd0aVdtcUpYanVKQmQ0UTdFTVFZa2lISUZSRGV3ZTU4YVlMaG8xYWJtSUd3WXhFL2tTNFI2UjAyZ2phcXY1UXpFdWVxSUtyRlJSS2s0T2JzZktuWklsZFVER3YrOVdtT3VJQy9vWjZidURSWEpEZkJxQXAwZHhXVUVEeGU2RldvL0VhbXBJUXZhb0FsYVdKNXJWYlhoL0l6bGp0dWxaVT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a91c9e1d1e59f6e25f425c7c64f49a218865cd81816476caace0d7935ea2fc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1542197
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=hD8ydnxDRFRYVFo0RS82TU5ibGV4cEpTMnM4eERUU20wMlhwalgycXJuMnVmanEvZEpGdEtJNDFmV3lKempieTRYQU9XcGdxZFlGYkhGRVJXVDdTdXY0YkRLek5ySUdHUmdvaXBqcm43U3d2SXRXbjZBaTFLbVlJMmdlWGVDYlhGdnp4TkNjdnZqUlJpenJJRTd0aVdtcUpYanVKQmQ0UTdFTVFZa2lISUZSRGV3ZTU4YVlMaG8xYWJtSUd3WXhFL2tTNFI2UjAyZ2phcXY1UXpFdWVxSUtyRlJSS2s0T2JzZktuWklsZFVER3YrOVdtT3VJQy9vWjZidURSWEpEZkJxQXAwZHhXVUVEeGU2RldvL0VhbXBJUXZhb0FsYVdKNXJWYlhoL0l6bGp0dWxaVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 599148
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame EB77
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=qDQkjHxucXhQV2J0ZGFuMmM4UStWUG00a1BRSjR3eEZPRC9BUER1TXg5V1pIbkRHOFI0UXJrdnNFeFV2VDFUM21UcitCK3JyM1ZZY0E3eFFnRFFrODI0TGYyN0kzVVhwZ2FhaEIyNTU2NUovNldsTTg2d3IzVktFQ3B0Ty...

433 B
667 B

19ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=qDQkjHxucXhQV2J0ZGFuMmM4UStWUG00a1BRSjR3eEZPRC9BUER1TXg5V1pIbkRHOFI0UXJrdnNFeFV2VDFUM21UcitCK3JyM1ZZY0E3eFFnRFFrODI0TGYyN0kzVVhwZ2FhaEIyNTU2NUovNldsTTg2d3IzVktFQ3B0Ty9pT3hCMlBIRnBSRFlwMzhoaW1QcUhwbzk1eE5OMC9zUVZ6eWpWSGNlelV6cElUSDlnemQ3aUtrRzdqaGlsS1NYSG9heWgxcmNkeG9JTitUcnZQeGV2SXFwcFJ2dWpnQ2ZTT2EyaEtZWXpTOG5OUlBzZTFZY1E4R1VqY2RKMFY1a1FaNlI0MkNFTExKcTkrdzJGSUttbWFsQ09IdldFZGY3bEJ2UXFCMnZxcnVEb1ZYa0pDbz18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d43e33aaceec56e77702be0c3cd61dba367633c79f5d4c63bebb72e44a5bdec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1867067
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=qDQkjHxucXhQV2J0ZGFuMmM4UStWUG00a1BRSjR3eEZPRC9BUER1TXg5V1pIbkRHOFI0UXJrdnNFeFV2VDFUM21UcitCK3JyM1ZZY0E3eFFnRFFrODI0TGYyN0kzVVhwZ2FhaEIyNTU2NUovNldsTTg2d3IzVktFQ3B0Ty9pT3hCMlBIRnBSRFlwMzhoaW1QcUhwbzk1eE5OMC9zUVZ6eWpWSGNlelV6cElUSDlnemQ3aUtrRzdqaGlsS1NYSG9heWgxcmNkeG9JTitUcnZQeGV2SXFwcFJ2dWpnQ2ZTT2EyaEtZWXpTOG5OUlBzZTFZY1E4R1VqY2RKMFY1a1FaNlI0MkNFTExKcTkrdzJGSUttbWFsQ09IdldFZGY3bEJ2UXFCMnZxcnVEb1ZYa0pDbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 624562
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 70C7
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=eM7xgXwxSzhlVEtBNXVMSTFGbVVldHVtOXFieHdyMGVmWklRdVd1ZkVhaTFUd1JpN3dwTzgwVGRtZzh3QXpVVXBvZnZjaHREQUduOWJ2N25RRVFIR09rdi9XV1pmMXNUQWFDSVJwWUhPUnkxYll4akNVQ0hWR0tqNys4VH...

428 B
671 B

19ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=eM7xgXwxSzhlVEtBNXVMSTFGbVVldHVtOXFieHdyMGVmWklRdVd1ZkVhaTFUd1JpN3dwTzgwVGRtZzh3QXpVVXBvZnZjaHREQUduOWJ2N25RRVFIR09rdi9XV1pmMXNUQWFDSVJwWUhPUnkxYll4akNVQ0hWR0tqNys4VHB4YjRMU0NCN2hTZnZMRDBKMGxQcTJmemZsMWZhNyt4cHEwYjZDTTMybUpWT25QaTNabVBjMEtYendxUU5BeCtJQXQ1bHp3bXlHOUFoQjdBMFAvSXNtUnFkVjlUT3JRdmw2ZTlXM3ZSb015SWFVRkloNXd2YWRTaDBMUVF3Z2hETGdVd2xtZ1kwelRHTWhZMVRNSHpnSmdnQmVweEJqUWJ6dkk1RCs3UnRrTHFZd25xUGJDVT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69bd1ded42f3d6a4d4041a60587219e7e84d9a7ece233a320ec03d499c1dd889

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1538497
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=eM7xgXwxSzhlVEtBNXVMSTFGbVVldHVtOXFieHdyMGVmWklRdVd1ZkVhaTFUd1JpN3dwTzgwVGRtZzh3QXpVVXBvZnZjaHREQUduOWJ2N25RRVFIR09rdi9XV1pmMXNUQWFDSVJwWUhPUnkxYll4akNVQ0hWR0tqNys4VHB4YjRMU0NCN2hTZnZMRDBKMGxQcTJmemZsMWZhNyt4cHEwYjZDTTMybUpWT25QaTNabVBjMEtYendxUU5BeCtJQXQ1bHp3bXlHOUFoQjdBMFAvSXNtUnFkVjlUT3JRdmw2ZTlXM3ZSb015SWFVRkloNXd2YWRTaDBMUVF3Z2hETGdVd2xtZ1kwelRHTWhZMVRNSHpnSmdnQmVweEJqUWJ6dkk1RCs3UnRrTHFZd25xUGJDVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 649881
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame C120
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=w4Zw_3x3Nm40YnhhR3BGMDh5NkFjWXEzQXVQbEVUZys4WCtYd3ZJZEc1b041Q3pZVU8vbEorRWFrS0tCSEFqUzNtK0V0VWRxSXdLeERWWUc5akwzNDhPSVB3SEk0VkxUUmR6UzM2bmk4ZnczM1BBRktaT0pWS0w3RkJmT3...

430 B
651 B

19ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=w4Zw_3x3Nm40YnhhR3BGMDh5NkFjWXEzQXVQbEVUZys4WCtYd3ZJZEc1b041Q3pZVU8vbEorRWFrS0tCSEFqUzNtK0V0VWRxSXdLeERWWUc5akwzNDhPSVB3SEk0VkxUUmR6UzM2bmk4ZnczM1BBRktaT0pWS0w3RkJmT3ZCT2w0NXdsZmR6QWZDVndwR0ZzTzhZNnRMa1hiOW95TDFEOERhNUdkc2ZmNmJIcVgrT1V5aVdSTmZhNExiNFRQdTc3amtCUXBVMzNjYVNrVHdmeVpCc1FOSXFxa2hDbUVtNk5GdWcwbGh5MlVqQ0ZIaGgxSkZ0YmZaMnFUZ2g5ajBFOWtySVVHaXV5UTdkYVQ0SXEzQWtvd05NT2V4bkRqVXJGaWszUk9ETjB0ZS8zWVY3TT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b7fc1da8a773effec02394edccec3724e9947c861ba0b8c96a71a2b9091b7fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1605473
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=w4Zw_3x3Nm40YnhhR3BGMDh5NkFjWXEzQXVQbEVUZys4WCtYd3ZJZEc1b041Q3pZVU8vbEorRWFrS0tCSEFqUzNtK0V0VWRxSXdLeERWWUc5akwzNDhPSVB3SEk0VkxUUmR6UzM2bmk4ZnczM1BBRktaT0pWS0w3RkJmT3ZCT2w0NXdsZmR6QWZDVndwR0ZzTzhZNnRMa1hiOW95TDFEOERhNUdkc2ZmNmJIcVgrT1V5aVdSTmZhNExiNFRQdTc3amtCUXBVMzNjYVNrVHdmeVpCc1FOSXFxa2hDbUVtNk5GdWcwbGh5MlVqQ0ZIaGgxSkZ0YmZaMnFUZ2g5ajBFOWtySVVHaXV5UTdkYVQ0SXEzQWtvd05NT2V4bkRqVXJGaWszUk9ETjB0ZS8zWVY3TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 707862
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A68B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=o9yosV9KZHdOMFJRcjhUdndEb2hFJTJGYVNLV1BiZzlXUGlaT0QlMkJxRDglMkIlMkJPa3hQJ...
https://mug.criteo.com/sid?cpp=5Z1phXx4OGk0Ni9XQ1hXSmRkMVpsWExsZVZIRWltWHFqMkRaOW9NQWJnZW5OZ1l2U1l2TDBvRmxJZjBvSW16VFlBVjBTNTlid3pRRGljb0EwUmZheFlWSGsrMWdoT3BlYlFnS0RONU5nV0NuaXdTMnhFZEZZQlFOeHBoVU...

443 B
668 B

20ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=5Z1phXx4OGk0Ni9XQ1hXSmRkMVpsWExsZVZIRWltWHFqMkRaOW9NQWJnZW5OZ1l2U1l2TDBvRmxJZjBvSW16VFlBVjBTNTlid3pRRGljb0EwUmZheFlWSGsrMWdoT3BlYlFnS0RONU5nV0NuaXdTMnhFZEZZQlFOeHBoVUtDYnRQTWNHTzJPdXlUOFFyUityV0dxcFBybEF0VElDVlZJKzdBdDdQMmlTODJJTEZvWGwzNVFxajM3NE9Ka3JySTU1WiswNlRkSThFakN5L3o0bjd3MithaGdiTHdjek9SS0VrU1JCWDFTb0dBWUczc1ZLeCtPUnhidnk3UG1DcjIwTDlQRXI5dGJWbUwrQjN0cjhnTnFXc3RyVEFWYTNDTDdIcDNNMlFBQXNBckszMm9IRT18&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7325177961c847c026060ce69ab67518ce9c487a3907937b28034c1005df9ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1831667
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=5Z1phXx4OGk0Ni9XQ1hXSmRkMVpsWExsZVZIRWltWHFqMkRaOW9NQWJnZW5OZ1l2U1l2TDBvRmxJZjBvSW16VFlBVjBTNTlid3pRRGljb0EwUmZheFlWSGsrMWdoT3BlYlFnS0RONU5nV0NuaXdTMnhFZEZZQlFOeHBoVUtDYnRQTWNHTzJPdXlUOFFyUityV0dxcFBybEF0VElDVlZJKzdBdDdQMmlTODJJTEZvWGwzNVFxajM3NE9Ka3JySTU1WiswNlRkSThFakN5L3o0bjd3MithaGdiTHdjek9SS0VrU1JCWDFTb0dBWUczc1ZLeCtPUnhidnk3UG1DcjIwTDlQRXI5dGJWbUwrQjN0cjhnTnFXc3RyVEFWYTNDTDdIcDNNMlFBQXNBckszMm9IRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 539035
content-length: 0
expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame 69D1 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,8078172746382293596,100|4695|0|0|0|0|0|0|0||183|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvvriiJ5WWfThhpnBRkvb3lA7z_uuw_WOM1|X8t-36h9nYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-QqHFCVDKYQGwdS1gx69IWBPnaSym6moQzLK1bfyl92rNIMheK2qV1G8ZXE8_p-CgxcqC6ZP3_v8UgO4kbKKRHjiVaigPj8CtC487kQPD7qPMfMEX5By_Xskui0bMBUl7GT4sDDTmQgWQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E89B 35 B
459 B 24ms
24ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,2609445497044964833,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsg_ghcApjkDxhpnBRkvb3lA7z_uuw_WOM1|Dmeys1PED1l42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-RIOqTe9eBjKWHdsY6M5eKU_h8Dz-v8sHEJj7v1c9EkUxVlpk7jyXHcPGLpIY9-897TiTRhr_v3p2RvwN4xUKSL5ufGupi-kGC487kQPD7qPMfMEX5By_Xskui0bMBUl7EHSfKiolvV7AO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 4439 35 B
468 B 19ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,6704022539701620899,65|4696|0|0|0|0|0|0|0||120|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvVPW2o-FsZzBhpnBRkvb3lA7z_uuw_WOM1|u0V96RrWX6h42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-SmLsoGx7NKPFojyZHjkG7c8tjiCYe453KNRb8TcQu-OG6ZerffyPdz3MpirWevacmVKBsZMbsSOnpPbsBybqHO7pcn6Y5yVtS487kQPD7qPMfMEX5By_Xskui0bMBUl7GPSLnBsB6GAQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame A886 35 B
459 B 21ms
21ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,5839416867485526797,28|0|0|0|0|0|0|0|0||0|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKtI2NNo4HtqQxhpnBRkvb3lA7z_uuw_WOM1|PIEuGyvXXXh42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-R748V44QkG42at0E0NF5uYd_mQ5ZOjeBjJe-BeaBGXU7Cz3WbHU3lGTmN4lJGFn7vL-NmpDJUJzoaBwP4h80iECQvqLRQMmiO487kQPD7qPMfMEX5By_Xskui0bMBUl7ELsPf8meMzvwO8_7rsP1jj0||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3F00 35 B
468 B 25ms
25ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,7383330283981946954,100|4508|0|0|0|0|0|0|0||176|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKsdtOAN0sf5ghhpnBRkvb3lA7z_uuw_WOM1|qSa5lKNbOYR42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-T-U_4_PkKvOAEn0u8UCDXJcaV2rIZ-uYMHSIOSGTPhw-_4r12wTmMaTvNa4PdpnBAhk3WoatXs9tf_t1_4lF9gBIAz7fY1yPq487kQPD7qPMfMEX5By_Xskui0bMBUl7FFlxhuOX0aOAO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame BFE3 35 B
468 B 23ms
23ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8059699510355671993@@60048282,4803009998661704403,100|4508|0|0|0|0|0|0|0||176|1|||||1|0|0|12F7ch6UUBG48M5tcwHHbWYZlJRRj5rL2kBJRYARrKvap09BQMYH4hhpnBRkvb3lA7z_uuw_WOM1|C2p2hd2b5HV42u1ywTJ-2k2XHOi1q8-ZHa72VH1UaNAS5D2HdBYrApG4dWAZeGGw3U8fA8oxS-TVgJBnfLkelLdyFlH6jrbbuNkQ1OEvk30OKK-aMiMtio8D7f9ddppjZUl_FOyH8hGPxu22c7tBtoypF-O_Ox7iCFZ7L1zmW1y487kQPD7qPMfMEX5By_Xskui0bMBUl7FkqXhNhponOQO8_7rsP1jj0||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8C27 0
747 B 14ms
13ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
AN-X-Request-Uuid: d8e61ad5-07c5-45e9-84cf-26f4bf079264
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame D7ED 35 B
459 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@54901439,8712314320817827995,100|4543|0|0|0|0|0|0|0||177|1|||||1|0|0|SDG9sRpU6Kni5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 15E8 35 B
468 B 22ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,2515952391550305473,100|4691|0|0|0|0|0|0|0||183|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame FEDE 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,8156070636948934992,28|0|0|0|0|0|0|0|0||0|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 76B2 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,5362805310867462538,100|4692|0|0|0|0|0|0|0||183|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame C6F8 35 B
468 B 22ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@56129379,9067970625162598916,100|4700|0|0|0|0|0|0|0||184|1|||||1|0|0|dl9lejCdnnLi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame E46C 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57892097,2745373533687863285,65|4701|0|0|0|0|0|0|0||120|1|||||1|0|0|BaNsvgXTho_i5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8BC7 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57914107,4715473188288900858,100|4701|0|0|0|0|0|0|0||184|1|||||1|0|0|Buf_lGENLMHi5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 0550 35 B
468 B 20ms
19ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57892097,6724232126677883338,100|4701|0|0|0|0|0|0|0||184|1|||||1|0|0|BaNsvgXTho_i5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 2A6C 35 B
468 B 20ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@56680285,6731843366334315055,100|4703|0|0|0|0|0|0|0||184|1|||||1|0|0|nxE18LZgeuni5nP9TebYOumn3tQYot-A0|||01||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 91ms
91ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895364676&oz_l=43523&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:04 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H2 200 /
track.adform.net/serving/unload/ Frame 4D6F 35 B
468 B 21ms
20ms Ping
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@57891877,5171303953020162322,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|OSLOPukGMKji5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
content-type: image/gif
access-control-allow-origin: https://flashnetic.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1

200
OK

setuid
ib.adnxs.com/prebid/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58626/occ?gdpr=&gdpr_consent=
https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-GcUC7CVE2uEAH4k4D2TRozpVwsIIGxftCqIcdjc-~A

43 B
2 KB

14ms
14ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-GcUC7CVE2uEAH4k4D2TRozpVwsIIGxftCqIcdjc-~A

Requested by

Host: earnme.club
URL: https://earnme.club/nord-n1-from-oneplus/

Protocol

HTTP/1.1

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 01:36:04 GMT
AN-X-Request-Uuid: d9c96f88-adfa-4e8a-b9ae-d6a3183ba2ab
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/prebid/setuid?bidder=yahoossp&uid=y-GcUC7CVE2uEAH4k4D2TRozpVwsIIGxftCqIcdjc-~A
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

setuid Show response
ib.adnxs.com/prebid/ Frame 6785
Redirect Chain

https://onetag-sys.com/usync/?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

43 B
776 B

14ms
13ms

Document
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid: 978fd541-c3bd-4e95-8f39-188845eebf15
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Tue, 13 Dec 2022 01:36:04 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.213.155.176; 185.213.155.176; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

Redirect headers

cache-control: no-store
content-length: 0
location: https://ib.adnxs.com/prebid/setuid?bidder=onetag&gdpr=&gdpr_consent=&f=b&uid=
strict-transport-security: max-age=15552000

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 40ms
40ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895364884&oz_l=383&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:04 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 57ms
57ms XHR
application/json 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

cafe /

Resource Hash

03ed99c92ca141e2f17623b13d3ff4fec24edd112fb9720495950680d0138b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11233
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B368 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 1421460
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3E64 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 1336262
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8E66 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 1262917
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C9B6 15 KB
6 KB 20ms
19ms Document
text/html 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 1451063
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame B368
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56...
https://mug.criteo.com/sid?cpp=pCbSp3xXbE1RWUFPbHVNaGZDWTV0SVN6ZWVFbU9kNmNPaHY4NUtFblF1K0lMY1YydEk0UmV1M0o1VTZVWEloWlNQQkRIOG9qVUNzdUp2K2VqYnV6ZTh1aW1RRFBNOW8yNHRxQURzWUVjMXRMZHBzcThFazJmd3dsV1c1TE...

428 B
655 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pCbSp3xXbE1RWUFPbHVNaGZDWTV0SVN6ZWVFbU9kNmNPaHY4NUtFblF1K0lMY1YydEk0UmV1M0o1VTZVWEloWlNQQkRIOG9qVUNzdUp2K2VqYnV6ZTh1aW1RRFBNOW8yNHRxQURzWUVjMXRMZHBzcThFazJmd3dsV1c1TEkwVHp2K2FBcHh3VzZKdkpOMm11cWlDaXZWU0tjOXlyaitZRjdCYVgwVkNVc3E1a1Z5RHZzeWxXMWZYZXVoYSs0emFuMks5d25GV3F3anRxZm9jbnhudjlyeE0wSittMFBLSHlKaXA0WmxIR2JweHJnTDJKb2VpNEJ6aWlqQnpROHVuYlhMOUxORzBpRW53dmdZZFI0YUZWSk1TYWdLRXp6WGJRc1YyUWZNT2kyaGtPMll4dz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f75c697e773659050ac7b4ce1215db4c1c236bf0b5ba0261e43ad7b2cb860be3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1414668
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=pCbSp3xXbE1RWUFPbHVNaGZDWTV0SVN6ZWVFbU9kNmNPaHY4NUtFblF1K0lMY1YydEk0UmV1M0o1VTZVWEloWlNQQkRIOG9qVUNzdUp2K2VqYnV6ZTh1aW1RRFBNOW8yNHRxQURzWUVjMXRMZHBzcThFazJmd3dsV1c1TEkwVHp2K2FBcHh3VzZKdkpOMm11cWlDaXZWU0tjOXlyaitZRjdCYVgwVkNVc3E1a1Z5RHZzeWxXMWZYZXVoYSs0emFuMks5d25GV3F3anRxZm9jbnhudjlyeE0wSittMFBLSHlKaXA0WmxIR2JweHJnTDJKb2VpNEJ6aWlqQnpROHVuYlhMOUxORzBpRW53dmdZZFI0YUZWSk1TYWdLRXp6WGJRc1YyUWZNT2kyaGtPMll4dz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 632234
content-length: 0
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120701.js?cb=31071294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 01:36:05 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3E64
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56...
https://mug.criteo.com/sid?cpp=PeZ9T3wwUWpNMm5wdEowa3UrSEI0VjcrZ0I4cE1zWWdMbkp0NFU2Z3U3SEduSWVjem9leUE3M2JkbGRmNGF2bTkrN1ZXeUc1K0k3enFhcnpiZE5WL1N4eE94QnVlT2hzU2hnTWNFWk50YmMyZmdNRFFFbUxWNDIweVdVUH...

428 B
672 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PeZ9T3wwUWpNMm5wdEowa3UrSEI0VjcrZ0I4cE1zWWdMbkp0NFU2Z3U3SEduSWVjem9leUE3M2JkbGRmNGF2bTkrN1ZXeUc1K0k3enFhcnpiZE5WL1N4eE94QnVlT2hzU2hnTWNFWk50YmMyZmdNRFFFbUxWNDIweVdVUHZPNzdSd3VxVHlKZk94cWJ1ekxWTkNQYStPQ1RLanZDdHpXbmVzbXZPSE9XN1VpWDUrZTNVTUxMUnMzSVNsbkk3bFY5T3hjbzlVS2hEcmJYUG5qaE1jRkdhOTFhZ3JZdjVKY3NMZ3ZRMndNUnRZc2I5dU8rQmNpeVdldU1pbEp3V0hEdkYvK2trandEVVJoSDRkc2VqN2VkdXM1bXU1Z0NDbi9MVEhLK2lNZWUwajgxMFlUdz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a869d885594e53c8ecc385f68b066345f01efbbc149a02d15545b1de4b929beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1629557
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=PeZ9T3wwUWpNMm5wdEowa3UrSEI0VjcrZ0I4cE1zWWdMbkp0NFU2Z3U3SEduSWVjem9leUE3M2JkbGRmNGF2bTkrN1ZXeUc1K0k3enFhcnpiZE5WL1N4eE94QnVlT2hzU2hnTWNFWk50YmMyZmdNRFFFbUxWNDIweVdVUHZPNzdSd3VxVHlKZk94cWJ1ekxWTkNQYStPQ1RLanZDdHpXbmVzbXZPSE9XN1VpWDUrZTNVTUxMUnMzSVNsbkk3bFY5T3hjbzlVS2hEcmJYUG5qaE1jRkdhOTFhZ3JZdjVKY3NMZ3ZRMndNUnRZc2I5dU8rQmNpeVdldU1pbEp3V0hEdkYvK2trandEVVJoSDRkc2VqN2VkdXM1bXU1Z0NDbi9MVEhLK2lNZWUwajgxMFlUdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 587277
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8E66
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56...
https://mug.criteo.com/sid?cpp=K9ExX3xqYnE3RGg1R0NETVJ0cklESUQyV2hsV1lsRmhHYXZYeGh0Mmg2alJjeW80ckFnS3E5ZGU3VEZ2VVUrWFllWjJUUzFHaFEwNk5XQlVCU2VEMUhObHhNdXlJakdJOVN3Zm01ek8ydUZ2UnVsODZhK29kTlNPN3RGLy...

425 B
669 B

17ms
16ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=K9ExX3xqYnE3RGg1R0NETVJ0cklESUQyV2hsV1lsRmhHYXZYeGh0Mmg2alJjeW80ckFnS3E5ZGU3VEZ2VVUrWFllWjJUUzFHaFEwNk5XQlVCU2VEMUhObHhNdXlJakdJOVN3Zm01ek8ydUZ2UnVsODZhK29kTlNPN3RGLysyUnBnTlVFUmVRYis4SHlYL1Qrci9PYnd2alpWYUo0bG0wYTUyR0JDaXpPczdPZkkyR3Jvam9xdDhZUjZheVRwOFFCdlM2eXUyM0o0SmoxT2pkODlsRXR3RElJM3A0YmtCOUVWb3A0N041OUZzTkQvZTBZcVZRaXpEczFkT2tFZTZOSGtqRUh0MS9yazhqbjIxV3ZOa01HczVHdzBEL3A2ckRMYXdvRElZcUlMbDdWRkVidz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e5a170a742d15bfc589c719799bf911ba5c6fdc78bd480efd431090053b22ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1689041
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=K9ExX3xqYnE3RGg1R0NETVJ0cklESUQyV2hsV1lsRmhHYXZYeGh0Mmg2alJjeW80ckFnS3E5ZGU3VEZ2VVUrWFllWjJUUzFHaFEwNk5XQlVCU2VEMUhObHhNdXlJakdJOVN3Zm01ek8ydUZ2UnVsODZhK29kTlNPN3RGLysyUnBnTlVFUmVRYis4SHlYL1Qrci9PYnd2alpWYUo0bG0wYTUyR0JDaXpPczdPZkkyR3Jvam9xdDhZUjZheVRwOFFCdlM2eXUyM0o0SmoxT2pkODlsRXR3RElJM3A0YmtCOUVWb3A0N041OUZzTkQvZTBZcVZRaXpEczFkT2tFZTZOSGtqRUh0MS9yazhqbjIxV3ZOa01HczVHdzBEL3A2ckRMYXdvRElZcUlMbDdWRkVidz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 611653
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame C9B6
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=Ac_zfV93NCUyRm01Q1duRFJwNzJuald0WDk5RXVHY3dnNUxYZm1leVQwdklON0JkaWFGd0JTeW56...
https://mug.criteo.com/sid?cpp=A7fAAHxGTEd5N2ZZWEFlcWJRMTZ5Rm9oTWk5WVd3eHgvVVpJQ1U4NnpQdEkvNStub3llOU5qV0hnd3VxTTZZdkFBVXBCM21PZ1FNamtYSG5idlRrZ3hGVWNPdm1vN1hadm8yM0RqRXdGYWNKTjlLOEMvYlpVdXpIZ3NGQU...

430 B
669 B

17ms
17ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=A7fAAHxGTEd5N2ZZWEFlcWJRMTZ5Rm9oTWk5WVd3eHgvVVpJQ1U4NnpQdEkvNStub3llOU5qV0hnd3VxTTZZdkFBVXBCM21PZ1FNamtYSG5idlRrZ3hGVWNPdm1vN1hadm8yM0RqRXdGYWNKTjlLOEMvYlpVdXpIZ3NGQUpNQ20wc21kUlJuMWNmdVE3UHEvelQ0RjhvYVV2enNTbVc2bFZwNkcvbE5HT3AvbW5xNnJIb0h6OXhyajNmSW1mUmtWM0c3THpHOWd0Sk1sVi9hR2ZFVGFIMVhKS1h4NkZyczJ1bFVJOXlRa1F0K20rUUptWHVIUGFuenU1Ukl1Y0hTR0hlWkdSTGprdlJIR2UyVzQxTWdKRGVoS0RkbFdRc0hCbFJRM05vdnExNUNIaitmaz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e41b99d1236a5fc2b1ba9263b6d2632bbf771f405e9e57f917194cd3943deea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2043536
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 01:36:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=A7fAAHxGTEd5N2ZZWEFlcWJRMTZ5Rm9oTWk5WVd3eHgvVVpJQ1U4NnpQdEkvNStub3llOU5qV0hnd3VxTTZZdkFBVXBCM21PZ1FNamtYSG5idlRrZ3hGVWNPdm1vN1hadm8yM0RqRXdGYWNKTjlLOEMvYlpVdXpIZ3NGQUpNQ20wc21kUlJuMWNmdVE3UHEvelQ0RjhvYVV2enNTbVc2bFZwNkcvbE5HT3AvbW5xNnJIb0h6OXhyajNmSW1mUmtWM0c3THpHOWd0Sk1sVi9hR2ZFVGFIMVhKS1h4NkZyczJ1bFVJOXlRa1F0K20rUUptWHVIUGFuenU1Ukl1Y0hTR0hlWkdSTGprdlJIR2UyVzQxTWdKRGVoS0RkbFdRc0hCbFJRM05vdnExNUNIaitmaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 589371
content-length: 0
expires: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 88F2 13 KB
5 KB 38ms
36ms Document
text/html 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 23:35:23 GMT
expires: Tue, 12 Dec 2023 23:35:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C0CB 783 B
534 B 50ms
49ms Document
text/html 2a00:1450:4001:811::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

GSE /

Resource Hash

b98a9e0eec89bed195ca1f229a356d638a0c2886966ad8d2b4426a4b48688036

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k7x3hr1js2bm2zuSadK3tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-k7x3hr1js2bm2zuSadK3tg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 01:36:05 GMT
expires: Tue, 13 Dec 2022 01:36:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895365183&oz_l=13&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:04 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0CB 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120701&jk=2105137673470681&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 88F2 36 KB
16 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 17:53:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 200531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 17:53:54 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895365341&oz_l=122&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:05 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895365520&oz_l=177&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:05 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 29ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895365870&oz_l=269&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:05 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 88F2 0
12 B 35ms
35ms Image
text/plain 2a00:1450:4001:801::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gBmKsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 74ms
73ms Image
text/html 2a00:1450:4001:80f::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120701&jk=2105137673470681&bg=!UlGlURXNAAYgquz3AKo7ACkAdvg8Wg1gjHXWgKZob7nqmO7V9oMeYv-3i8iUEX7ex4hn93YQSbaKcwIAAAJKUgAAAANoAQeZAsIIORHveo4Xw4aHT7yFB2i7PkSpJpI8r2GGiQKlkLckOn9M_OfybgCAY-44eEUEM2-BAN-gbXkplbZ-AzzYlyw0vMLi-aUzjDV4KJSTceZ6Zk1HcVQ0XgFOIhvsXrA9ounX1K-sb1dvnPnl0OctGbLVJw0andac4CIVNAgJFkV9SZC0A6Y3WFyURQwMWzvXTRbgU-tXYAwWqAwtX29Ngif_pIKnBZqfWVCE2b_tJWpHVW4LzK6Lcdu7WIObq6JYd0oJZ1-C4Tti7a4W4N8v1wbP-TtX0-qMWl8tgNGMeMCfUSK3cfHLq5v6d0vYLZCaBCHqa7HM8YRSAxxovnWGGHkATQlqFWHkRjipKwN6DSefrtR6clQ0JQPp-tSMmYFARaBBmCHVi6Y2cdStJoPW547jUspCCwk9YmPqJIn0qePOX3Fbq47SEtxF7fioSNHtMOhip0G18qYQq3n8kqGdiYJeLvyo6RA3AT6fEXRQVJ2ThTcNmyUrc61PRefkZqzN6sZcrYR0Zu_FLjTszrxuodi2BPYJb6sA-6t6N0U5E_LItvGdl2mzw0B_QUDvqMsJ9G7hPchfA2GqSbhGEdW7ko5spVV7-zSVrQShwszydYCMoP4IMAIej6ouqCooATMKdEb1pTfW_ugAdPRj3djXrmXFIB5jBcxruvUWwTe4OUB8hMXc_uK6MshrrdZ6WcdFCbAPRZZuzB1dRUfx0dXnXClv2UUuahkbviQhJHdS-uU1zJuJYF-tSi3vmISTSiP-g7iBxJM07l0yts7owufvO6W_nEC6jIX27bJlNAOWu_7SnEGtaKzCSGspd00vu8hzBwWhlq4RKATu53tRzR3r0eJwMEKCVlmZjvTiHSF-cKlxrAqPikcQN2q1COCx8Cq3SmFiFgNL4WNA7w6Yp2HMF7hWt4MQLFQC5yAib9qO8D1cVVU0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 108ms
107ms Image
text/plain 34.239.216.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=9&e=ctpl&cppt=10.134594&cb=1670895369460
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.216.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-216-139.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:36:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 index_0_250_00002.ts Show response
streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/ 589 KB
590 KB 7ms
7ms XHR
video/mp2t 2400:52e0:1e00::723:1

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/3f6d200d-1300-419d-83cc-3bee8e741c83/index_0_250_00002.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN (),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 1a396594a9d585531f77e869b920bb9b6ad19cfbad00c6091d418a1c5dad7af4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Tue, 13 Dec 2022 01:36:10 GMT
cdn-edgestorageid: 722
cdn-cachedat: 11/15/2022 10:25:59
cdn-pullzone: 1024237
content-length: 602916
last-modified: Tue, 29 Mar 2022 11:25:34 GMT
server: BunnyCDN-DE1-723
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "6242ecae-93324"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cache-control: max-age=315360000
cdn-requestid: 99bac27db72d554ebce76aeb7ed5e862
accept-ranges: bytes
cdn-requestcountrycode: DE
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status: 200
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK postback Show response
s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/ Frame E500 0
145 B 30ms
29ms XHR
text/plain 34.251.154.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ads.smartadserver.com/2/2.86.0/884833/AbEizdIREAHnXF6p/postback?ui=2051167177128181596&md=1&ti=69c1967cd2cd4f8da88d2bfbc5949087&de=2&to=3&pv=c64780ba-f399-4958-841d-2fab6fe0ab46&ci=884833&di=https%3A%2F%2Fearnme.club&ap=&sr=smartadserver.com&pp=1999&dt=8848331610101564891000&sid=AbEizdIREAHnXF6p&oz_sc=1dfefb9adf028e72c2aff569&oz_df=1670895371799&oz_l=325&cv=3
Requested by: Host: s.ads.smartadserver.com
URL: https://s.ads.smartadserver.com/2/2.86.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.251.154.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-154-165.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 13 Dec 2022 01:36:11 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1323

Verdicts & Comments Add Verdict or Comment

350 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

57 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
earnme.club/	1970-01-20 16:53:51	Name: _uc_referrer Value: direct
earnme.club/	1970-01-20 08:51:27	Name: _pbjs_userid_consent_data Value: 3524755945110770
.earnme.club/	1970-01-20 17:44:15	Name: _ga Value: GA1.1.921010836.1670895347
.earnme.club/	1970-01-20 17:44:15	Name: _ga_LY1N2M6E7Y Value: GS1.1.1670895346.1.1.1670895346.0.0.0
.adnxs.com/	1970-01-20 10:17:51	Name: uuid2 Value: 7413222715571309918
.rubiconproject.com/	1970-01-20 16:53:51	Name: khaos Value: LBLJY5AH-20-1P9G
.rubiconproject.com/	1970-01-20 16:53:51	Name: audit Value: 1\|naVuGyos1qocZ/kzZ5mWMj5APvdogVCbaTd6KyMQnaub55ZO9yeic6diblgVTNpGT0XZRSL7Xhq7N1XQbIqEyNp8FH0KG6PuUN+/nvRkaHE=
earnme.club/	1970-01-20 08:08:18	Name: _lr_retry_request Value: true
earnme.club/	1970-01-20 08:51:27	Name: _lr_env_src_ats Value: false
.earnme.club/	1970-01-20 17:29:51	Name: __gads Value: ID=393e6bf26a0879b2:T=1670895347:S=ALNI_MZo-reMYhKLetGy7x4I5mqKkJgUUw
.earnme.club/	1970-01-20 17:29:51	Name: __gpi Value: UID=00000b919e78a167:T=1670895347:RT=1670895347:S=ALNI_Mb6OGdTS9JOKkg3mMopq3Cqhb1PmA
.liadm.com/	1970-01-20 17:44:15	Name: lidid Value: 8359b306-225e-47e4-9c56-1d5cbceb2076
.doubleclick.net/	1970-01-20 17:29:51	Name: IDE Value: AHWqTUnY5eWk1gMpcrpNGTenYNHDOofqw9J_MjTBW2B8c7u8afs5M4QxPO8jR7gTfrk
earnme.club/	1970-01-20 08:09:41	Name: pbjs_li_nonid Value: %5Bobject%20Object%5D
.earnme.club/	1970-01-20 17:29:51	Name: cto_bidid Value: wfUx8F9CMEk5Nlh5ZWppVDdEd20lMkZOUWd5dU0yWFVvJTJCJTJCZUdtbXJxMDVlek9TREoyMnNYYmE2VGJzVzZtZkE2em0yQkZ1ZFdRN0Z2d3hPVEtSS0dLSyUyRjlnVGpBJTNEJTNE
.aniview.com/	1970-01-20 08:37:03	Name: aniC Value:
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.doubleclick.net/	1970-01-20 08:08:18	Name: DSID Value: NO_DATA
.criteo.com/	1970-01-20 17:29:51	Name: uid Value: dcd4a128-b3e8-45c6-b337-d7f321aad942
.adform.net/	1970-01-20 08:52:53	Name: C Value: 1
.adform.net/	1970-01-20 09:34:39	Name: uid Value: 8059699510355671993
.adnxs.com/	1970-01-20 10:17:51	Name: icu Value: ChgI3uM8EAoYASABKAEw863fnAY4AUABSAEKGAihmG4QChgBIAEoATD2rd-cBjgBQAFIAQoZCL-OhQEQChgLIAsoCzD5rd-cBjgLQAtICxD5rd-cBhgM
.adform.net/	1970-01-20 08:18:20	Name: TPC Value: 1670895354479
.adsby.bidtheatre.com/	1970-01-20 08:18:20	Name: __kuid Value: 83dc95dd-0663-4c62-9c29-50b2e51c8f96.440109354
.bidswitch.net/	1970-01-20 16:53:51	Name: tuuid Value: 214d1d33-2082-45c3-a55b-0a34460818d7
.bidswitch.net/	1970-01-20 16:53:51	Name: c Value: 1670895355
.bidswitch.net/	1970-01-20 16:53:51	Name: tuuid_lu Value: 1670895355
.adfarm1.adition.com/	1970-01-20 10:17:51	Name: UserID1 Value: 7176440904765408485
.ad-srv.net/	1970-01-20 10:17:51	Name: u8x7eovwf3h6_uid Value: 87791a1adcc36415
.yahoo.com/	1970-01-20 16:54:12	Name: A3 Value: d=AQABBPvWl2MCELNfFaiDQ4FYpZbuEcqa29AFEgEBAQEomWOhYwAAAAAA_eMAAA&S=AQAAAoe_i7GBhyS-R7uYwE_Z4vA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:53:51	Name: bcookie Value: "v=2&384f07cd-fd19-4860-8259-41e44dda5d67"
.linkedin.com/	1970-01-20 12:27:27	Name: li_gc Value: MTswOzE2NzA4OTUzNTU7MjswMjGjne4PM4PqSuBPLls65ZE/PKuMSJgk/MRUJuEi1ELkjw==
.linkedin.com/	1970-01-20 08:09:41	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2449:u=1:x=1:i=1670895355:t=1670981755:v=2:sig=AQEgHMghaNeC80ZSGqbAkmJKvbQiOI9K"
.amazon-adsystem.com/	1970-01-20 12:56:15	Name: ad-id Value: A8G-_nZvy0wFvUHWovy3URA
.amazon-adsystem.com/	1970-01-20 17:44:15	Name: ad-privacy Value: 0
.mathtag.com/	1970-01-20 17:34:10	Name: uuid Value: 1eab6397-d6fc-4c00-b8ed-d02392677828
.ad-srv.net/	1970-01-20 10:17:51	Name: v0rur7gqspb3_uid Value: a2f63f89f289063b
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379079:2519519
.awin1.com/	1970-01-20 08:18:20	Name: awpv14098 Value: 559379\|1670895356\|7d6f0eb0-7a86-11ed-adce-2234a4c513ba
.redintelligence.net/	1970-01-20 10:17:51	Name: 8lcfmzhxc8d6_uid Value: 7dee8611e8774aea
.adfarm1.adition.com/	1970-01-20 08:08:17	Name: lv_4971351 Value: w=4713001\|t=1670895357
.o2online.de/	1970-01-20 08:18:20	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:18:20	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTA2MDAwMDAwMDA2MTY3MDg5NTM2MHZsZWExZGUyMDIyMTIxMzAyMzYwMDc5NDUyMTExMDQzWDExNzY3OVYxMjI2MTMyNzAyTVNvbmVpZEFEWEhZZnFmN1J3c0FId3RrdWt0TU1FVVJTNFQ4OENlVlhvbmVpZF9fYWRmUHJvc19NYXhWaWV3MTE3Njc5
.o2online.de/	1970-01-20 08:18:20	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117679_-HTLP&utm_term=AFF_la_117679_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022121302360079452111043X117679V1226132702MSoneidADXHYfqf7RwsAHwtkuktMMEURS4T88CeVXoneid__adfPros_MaxView&wfid=117679&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTA2MDAwMDAwMDA2MTY3MDg5NTM2MHZsZWExZGUyMDIyMTIxMzAyMzYwMDc5NDUyMTExMDQzWDExNzY3OVYxMjI2MTMyNzAyT
.casalemedia.com/	1970-01-20 16:53:51	Name: CMID Value: Y5fXA4Ycaq61IQ4SLlsT7QAA
.casalemedia.com/	1970-01-20 10:17:51	Name: CMPS Value: 1165
.casalemedia.com/	1970-01-20 10:17:51	Name: CMPRO Value: 1165
.bidr.io/	1970-01-20 17:36:45	Name: bito Value: AAB6YE7HL64AACCkCfh0iA
.bidr.io/	1970-01-20 17:36:45	Name: bitoIsSecure Value: ok
.simpli.fi/	1970-01-20 16:55:17	Name: suid Value: 5B1C36C64D1F4B9683777DBDC544E630
.casalemedia.com/	1970-01-20 10:17:51	Name: CMTS Value: 1162
.media.net/	1970-01-20 16:53:51	Name: data-pbs Value: setstatuscode~~1
.analytics.yahoo.com/	1970-01-20 16:53:51	Name: IDSYNC Value: 198i~28td
.adnxs.com/	1970-01-20 10:17:51	Name: anj Value: dTM7k!M40Lf5$P.ghqdmU(5=yhK$n6!]tac.CK$wNl(:)o!>Gb-ldgLAb5StT/^1]Fqb+k^+0VwQNhAi?5ZRIa^9#0DFwfkFo0woj'8IykLd?xR([$yL76QK%we.IJhCjaR0'hkTHxaz=mlls'5.]u=`!sw%s^F%#c:VJe(NQj$rp][+_^Kn]!>r+VY`m5S?]F`Z982h[6f%YV(f+e]1yKE`^btB<8Sg<9!2I?Zq.q4B+D@tF9%YJ_BP`kIyPgG!x'087agy[
.adnxs.com/	1970-01-20 10:17:51	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiMjZiYzhiNTEtNWNkNC00MWFkLWJhMmQtNjcxNTMxYzJkNWZmIiwiZXhwaXJlcyI6IjIwMjMtMDMtMTNUMDE6MzY6MDJaIn0sImdyaWQiOnsidWlkIjoiMjE0ZDFkMzMtMjA4Mi00NWMzLWE1NWItMGEzNDQ2MDgxOGQ3IiwiZXhwaXJlcyI6IjIwMjMtMDMtMTNUMDE6MzY6MDRaIn0sIm1lZGlhbmV0Ijp7InVpZCI6IjAwMDBFRUEiLCJleHBpcmVzIjoiMjAyMy0wMy0xM1QwMTozNjowNFoifSwieWFob29zc3AiOnsidWlkIjoieS1HY1VDN0NWRTJ1RUFINGs0RDJUUm96cFZ3c0lJR3hmdENxSWNkamMtfkEiLCJleHBpcmVzIjoiMjAyMy0wMy0xM1QwMTozNjowNFoifX0sImJpcnRoZGF5IjoiMjAyMi0xMi0xM1QwMTozNjowMloifQ==
.earnme.club/	1970-01-20 17:29:51	Name: cto_bundle Value: Ek2wMl93NCUyRm01Q1duRFJwNzJuald0WDk5RXRLNWwwZ1dzJTJGbEpjNHB2dWpHR3JaTUlUV2YwazVOZUV0T3NyMFNjdW1QUG4zeCUyRm5qM1pMMEZVRzZLMnNjdHZhR1gzWnJ6NndERWNCcFpZQlhscjRnZDUlMkZrQTBWQnhteTl5aVVSZ0pEZzZMYkxGY2lKbUgzS2QlMkJwc0NyeDlxSG13JTNEJTNE

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://earnme.club/nord-n1-from-oneplus/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1323 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/ Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
worker	error	URL: blob:https://flashnetic.com/d3c449a4-2405-42a8-8e84-85aea7bc3512 Message: Mixed Content: The page at 'blob:https://flashnetic.com/d3c449a4-2405-42a8-8e84-85aea7bc3512' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://flashnetic.com/d3c449a4-2405-42a8-8e84-85aea7bc3512 Message: Mixed Content: The page at 'blob:https://flashnetic.com/d3c449a4-2405-42a8-8e84-85aea7bc3512' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v92.js(Line 99) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1557d38e134e919dcdb456161c3a6c3a.safeframe.googlesyndication.com
1b1a9ab450f332ce332f45369c19eb55.safeframe.googlesyndication.com
391d620f82268578b351d7b47254caab.safeframe.googlesyndication.com
584faa18ddb5883f96246171892806b0.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.ad-srv.net
ad.doubleclick.net
ad.yieldlab.net
ad13.adfarm1.adition.com
ad18.ad-srv.net
ad4m.at
ads.eu.criteo.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ams3-ib.adnxs.com
api.rlcdn.com
apps.sascdn.com
as.ad4m.at
at.teads.tv
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.sojern.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cat.nl.eu.criteo.com
cdn.adapex.io
cdn.adnxs.com
cdn.ampproject.org
cdn.besafe.global
cdn.contentspread.net
cdn.doubleverify.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.playstream.media
cdn.prod.uidapi.com
ced-ns.sascdn.com
choices.trustarc.com
choices.truste.com
cloudflare.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
csm.eu.criteo.net
digikulture-d.openx.net
dsum-sec.casalemedia.com
earnme.club
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
excellence-prebid.sfo2.cdn.digitaloceanspaces.com
fastlane.rubiconproject.com
flashnetic.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal900028.redintelligence.net
hb.adpone.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idx.liadm.com
imagesrv.adition.com
itx5.smartadserver.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
lexicon.33across.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
media.kaspersky.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.o2online.de
pbjs.e-planning.net
pix.eu.criteo.net
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prg.smartadserver.com
px.ads.linkedin.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.ads.smartadserver.com
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
shb.richaudience.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.criteo.net
streaming.playstream.media
sync.mathtag.com
sync.richaudience.com
tags.crwdcntrl.net
tg1.playstream.media
tm.ad-srv.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
track1.aniview.com
track1.avplayer.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
widget.nl.eu.criteo.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
www8.smartadserver.com
x.bidswitch.net
api.rlcdn.com
104.109.78.125
104.18.33.19
104.18.36.94
104.75.89.75
107.178.244.119
13.224.189.85
13.224.189.94
13.224.191.98
13.225.78.128
13.32.121.5
138.201.220.30
141.95.98.64
142.250.184.198
142.250.185.226
142.250.186.34
144.76.91.199
147.75.85.234
15.197.193.217
151.101.193.108
157.90.71.190
159.65.197.210
162.19.138.82
162.55.236.224
167.235.32.26
172.64.151.162
172.64.154.237
178.250.0.157
178.250.2.148
178.250.2.151
18.156.195.47
18.185.180.243
184.24.4.64
184.30.20.22
185.172.90.252
185.184.8.90
185.29.132.241
185.80.39.216
185.85.15.23
185.86.137.113
185.86.138.124
185.86.138.16
185.89.208.11
185.89.210.90
185.89.211.132
192.241.157.60
2.18.232.130
2.18.235.93
2.19.35.65
2.19.44.144
2001:41d0:701:1000::2fb3
2001:4860:4802:32::36
205.185.216.10
217.79.188.11
217.79.188.54
23.67.134.223
23.88.17.186
2400:52e0:1e00::723:1
2400:52e0:1e00::864:1
2600:1901:0:8344::
2600:9000:2057:d000:8:455e:4a00:93a1
2600:9000:21f3:5600:a:e047:752:5701
2600:9000:21f3:d000:1e:a43d:b640:93a1
2602:803:c003:200::51
2602:803:c003:200::57
2606:4700:10::ac43:266a
2606:4700:20::681a:b19
2606:4700:20::ac43:4a81
2606:4700::6810:5514
2606:4700::6810:84e5
2620:1ec:21::14
2a00:1450:4001:801::2001
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2006
2a02:2638:1::1a
2a02:2638:1::4
2a02:2638::1c
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::c
2a02:26f0:3500:12::1730:17ba
2a02:26f0:3500:12::1730:17c2
2a02:26f0:480:590::2c79
2a02:26f0:480:b::210:f1cc
2a02:26f0:480:b::210:f1d7
2a02:26f0:6c00::210:ba29
2a05:d018:d29:3602:bab2:eed8:8214:ca90
2a06:98c1:3121::3
3.126.56.137
3.248.128.187
34.107.148.139
34.149.12.213
34.149.20.76
34.198.17.16
34.239.216.139
34.251.154.165
34.95.81.168
34.98.64.218
35.172.123.180
35.204.74.118
37.157.3.20
37.157.6.233
37.157.6.235
44.240.137.201
46.4.41.145
51.89.9.253
52.213.183.212
52.222.178.36
52.27.31.176
52.29.128.124
52.46.155.104
52.58.171.208
54.156.207.182
54.239.38.253
67.202.105.24
69.173.144.138
69.173.144.139
84.200.5.215
85.114.131.235
88.221.168.201
88.221.169.49
88.99.165.19
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0130bd6e32a454ade15a6657b94bc4eeca806083037da9435db956705907e77d
013ee79644c4daa55612e3164b1a05ce5240a318474b3bea15f6639ec02722c7
01ea084e6331eeab698bce5e786b1407c2daf1541a439630bd98f209d92f6ed4
0227225b4e8b87d21a49783e52caf545ef47516b85b14087be79eb8fbff09d77
025a588614b2117f9d11396f5de8d98a7353db8ca671327199e1caf10505813b
02e19c55b63a4b4ecce58d3a8cf2e222953674ce0458e4bb0d578e3153ca1973
0359b74bdc8a9ce5cf1f38a364b781b7169fe7892d7247cb4dbb2acc3cb07463
036527084dcb7a704af7b3716dad5d1e8f0b483cd6daa26df4ffe3d361441f27
03d52af912a75d0d0749e14d81ab610321aee7f0b5e9b6e0ea9af62021ee1c10
03ed99c92ca141e2f17623b13d3ff4fec24edd112fb9720495950680d0138b89
0405181233ac0bd724082616cb86ca3b34290e654f2cd11af07f85d2bec7c28e
041298ffccadd179e80870bba7fea59c267475e7012787eb589cf924d1b98c49
04fbd20b04ad6a98e605ce6014aaef976cc9a47a939e621c19d801fc59650c91
052af1a41dec19820fe18415bca24c73db87f2f0da00e9ba27e7d101d2fe410f
053dd208d4eed71dbc02a4cd5d32809128cac7bcfa529f93ad744e0210bef039
055feda340d23bc33d9e7c0c2ddb60f967a5c98d35c84922a17691c2781f558e
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
06396185ce1293b36f36751d26de2a8f359088358a7205ef58bf7d1a3564b715
067a579ed5e2da39bf8a62b2f2eecd602422862fae65286e2d50bcb79f614646
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84
06e1d67613f303112217486e262d3561eaa8a8b192798d189b23cc8017555043
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
079160c7e06b98f02a89b863805f2dcc672037489605074c997718517575616f
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
0814a413c55d0467ecd1e1a875312d1b4acb9f0b5d69d6a029e297b0228512a6
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08b694831dfbd59c5e7e5333b84216074e358d0dcefc9f9a4b837c78889e9171
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
093da471f5256cc2c4143fef0a012c247888761f0d398659582dc56da5769a16
093ebac89b45cf7ceb6d9e336e7f447c2261d7f6c05705651bdba0cc2cd3899b
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ac6411a80570d620d55cd221394c73644260df8057d38b9811a382946ac33ee
0b47b5941bf0f51a9087ed804c7a83cfb2485f0ffb5e029aeaa7d2b9dc3f5ccb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1a0bb4e7a4f6026da5844bc9ddc05981a97f623d73586f9e6a33499cba8f54
0d28e7bc6f38e33cae5d340dd59bd31110177335adc3f5753cb570c98763df79
0d9de23537baae1ab595344eeef2c5cdb1798b8c06d389608618a6a5c2024e8e
0e0d5aaebcb9185499dabbc6f1e6979b963ba0a9e683603e0662e96302be9983
0e7f0938158c8a030cea7c8dc197a966db14f94c7bdab177859280a51203d4cf
0e9d25fbd4a392c6b7fba678ea0a2a16e0f7da2b3281fc136c03bac6d996cfd0
0f0e8fe3b67f56133a2f96f8b220217cba739e9fb579611acc6b150cb981bd59
0f79f8fcbe99c7b5f8d0672cc775f07a06fc47c7288fb23e846b99a1353bccd4
0fa60e612d125a6275f8d95f57d6981b3aca99dcec15a5a7f96617f270cb610c
1091deb884e52c0c1c2a843d156516f64e6e04c182c5d6c657c70edf26914b3d
110316df935c0ed2f6011b55711a0e91afb255ff5d09e3cd261f58d7cbc71b9c
113d029bd5571ec50fce53ff96876e784f8766ee1efd5e30e4c20bf6ce00c304
11d54e2fb35e301b64b550f134f61e908db95537bf374a5352ba25a049562547
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130338d6dc3585cb3918b6de2cf38f0796732885ee155b1854a76b194d613f0e
1398fb1fa4f71d8028f72aa3753da33390c456f06a6d9289a5cee8834b5dcf81
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
145db5755ddc73d03136d4427354a0ca27aa7ecd697980bb9217bfb2f037e866
1477c4f46f72830f8573e7dd254424b4c8a3b090814ff971c3ea9642e77624e5
149a0e7165635abd17efa1f0d6fc8c6b3f1295da172b4615a4d8d24bb11b72b2
14bf033ddf7a5de2b94669fc787bb75e46e0a363062b1fa116fa396fe0beebe6
152cb24b4baa79408ab153e3f337e679af78ec38d58ba96988cb957e04e40080
15fdf63fb35bbfa6be90ce64844bbd6cce82fe63e5442ae9ca92e0d1c2878013
1652836ee134e561d233e74f929e74c55b2f452190992efe0a27dbd22fedb80c
167369ec15dcc5e66ccd88afdc00a07199bad191367aac7945eec160f0d0bf77
175798a2d48407b1b4cb0e19d29866ea13da05c0af2495b7aa246f6f8415f1a5
177d734369ce45900b28418a9e0cdfccf3c606da148bf55e625e0a59b7fdc98f
178b5ebf9e476bdf2dfd23742785c9863dd7029c2fc110d37a5731ab14a2494c
17fcd25847268e0a7d49cef10130051e43fd382f4eb41011c960786f6a73d12f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182557f9ddf7626e09671fb69899b474b991cdd0e69f1595b883e4c3d95efeed
184189149a146fdaadf3a0d6138bdbfe53acfbe4312e1ed512d61c236e12ca7b
1966576d5d002cc523469a1dc9e5f9dc6955391d6cf06d6a8c79b73920f2189e
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a2d0387b75529a3507a988542d0287739722af77e1d3cb715c02a41b357eed6
1a396594a9d585531f77e869b920bb9b6ad19cfbad00c6091d418a1c5dad7af4
1aae0e661b0c204d795f489b319e5c8a2e4a31b40f9251d02192385757e8dbd1
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1b345f3e04b56ea7847f1359c4cb0713c1def1377bc7347a7ff9c06f3ad94655
1b951b019597abfe48ba12156151bad7af288b9ed834f0ade5d34af17a22fe68
1c2beff1fc4983a33350a08469a05f96fc95e039d3a25f315b7e52db54c41df3
1caa3afc3562bb0ce11f85b7ec50c8e544d6014d872555f7617c82548a76c3f7
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1ce08d6b57f8d244f2095b56c5fd51852d633eecb72323149be49670ff0a567e
1d60bcfb7c8276a3ef7f7e782639651787dbde2a1f83184d87617af126d29582
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1db3c30e1d353e5942bf4e71d259b3f15f2f765133ce2a0d35f2f9405db4b6b3
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1e3458103b802372557563ecdb493698b4f9118e6a4c36faca092d30223aa704
1e9efa894bf4322b57bbe6f10980fa5c065fd2805d917c55ecc1cd17e6c6f11c
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
1f2900b68b2752feb4c87bf48446debd5ffdb3ff28aab2cf3e51f17e1d70c68d
2013ff2bb41e427a307fa8be67dc498ca7a2e91f1b207594adc9eeda5b65d0d1
2055368b8e64b233718a245a08c57cf7b82e840e1ff43d080409c8653976b3ca
207020ee62bca527b1fb22c32b5ee59f11e1b9213d0c7901f95e3334530e311d
20f16774788b5878620fcecf2c5cfa520474b325fd945eff7ddc4bd76f619ca2
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22b26a0ac382f15f32a0f456a772ac42da81471c10de0f60e3922dc0fba1074b
246188678425017ab2b7898345187ce672cc2faf44ec310bf3846431de649561
246798397d7848fc28a7f4e76bdacb45f9f35957dc894a6229cdd9bbc0cb827e
24901414315cfb67c0ce29287f0010c8171db87bfc557712bcbd6713e31ad1aa
24b22be35003424b00f5b18f034fd784a2919c4195bfb4137d6ab845c4a91323
24b518df7ee9114f41b2394027ed7a983b1b8e27811bb1b00d37d610d09e6915
250d21d91d473567e6f5b3fe9fef3ffb04a1b985ef045fdc2f328378d1f25624
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
254b30d850212f356d819c2864c13b8b19a6f7f270ab50a0bbb0cba7e4ed01dd
2762809cfa254110ac667f86d0adf3308877b7cfd9e0d31a8afe3e0957173f71
2778d45e1654ad19d4f64a28831b9927ac4b80fd976a73618cc087bc01038a21
27fb80cd79de05902f2efd1216c91b611226f98725085423f24e75034a2c24f1
292f7115965ad95abeb234e702a8ce0b437917f481a61bdf2d6f314516b58a64
296630726fa5ed4eabfb5906d35114b7e68936ff77213ea816aa1383d6b9677e
29a5258e01e9159d08b26f2a12e2574e4469b94b5f4928498ad8089bb24cb14d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2baacf0c7a3ae98372a353f958c1966571adefaa6375dc8e4c45c23cf99498d2
2bbf509419ada0a2c41e6c9f4bdc9e0498a0f151633e319298e3da9a5817e336
2be7cadf45782024bf8bb47b533d558c1e43db5dd53ac54685846552160b7d75
2c3cfd8a408c34c3dc4ece476973a1c3373af579e652180e5374ff33386af128
2cafcd865ad1a8308d6dc7cb663f5428c88b4a33a799e0f0bf253faf3ee3dff1
2d789fa8321bfbec00515ca6fcaf0baf56b3a021a79adf4631a4f39fe100c0f6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e41b99d1236a5fc2b1ba9263b6d2632bbf771f405e9e57f917194cd3943deea
2e5656c424c1d3bda33799fb13b6d84ede357a4492c26e2ccacd6100264cc3f0
2e62b0b483c3dbcd06d15c832e2068f1db595e0e2f8ed02584ef936128c900a2
2ebdb46c1a1c3e2a902c237497df6cde96ff73bda3edcea13b566d79aad12cbf
2edd5050f07515cf31cf4dd9004fa258e026e7e87fcb77f96c66e97fbcd99b6a
2f57ab2681074b951fea61a975cc27a7591702a938148273440304b2309e12af
2f6ae09f162a58db11ce25f964fb7a8d545d59c6b4e2dbad902ed299968872f0
2f7bf6e4e67fa007bf77670ceead344df6541db34e7bebb11962d96b2f3e99f2
2f7c8ac4c7fb817bd2c51ffed611fc8eb045bd5d994d81260ff904ced1b327de
2fee2e2a5fb595474f80a2e48946b18bcf5fe9f48ea8cf1142adcc4aac9b63d1
30050b92a87c12fd666baea481c7ed40b8e6ad5b3604227cb201456c7bf0b298
304a6904490b02393897d40b31968620426451a6a54a19848a29819901323dc9
3064e6459bb2077a733ea430f9f707a2df8c43c849a30d73c0ac55e37ee400ad
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3207df76aea4eb245d70183ca1acf081652b44577e7d6828294e1ba2551988cd
320f2673af16f902e510de4d578bbb6b7789c39c78460f0514be2fa25986ce55
324c1fe815c43b5b513a2c882e726afa04e73dff1b85a35ce9c8badb1b489a09
3506fab7770f698c57c034b0b2cb7fc53d440fb7d1e15c345d6aee22dfb42fa7
359e4583761dfe7e4ded51e2f912667b81145c3e0ef4bb73e2d2a444aa15b316
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3628bd985f73b8559736eaa725a1a85f9a552cab08ec720491191b7df1a930c3
36819ca2340b20813e1d2eecff934810e65167f054d1f62cdbaf774f0136bfb4
37a4efac21ac905865e9d4e6cbc4dc4b34ed664b34f2d37b5eaf0c58c0fc6ae4
394068f5e218e5f287595a35bc41708b3ab1134ba2c421a8001d274d3f955d09
399183ee75af1ea0eaa8300c67cfddc21ddbdf7ef78613002f14ad3c788bc150
39d4181147e2c79ad6a07b8b4ba5cc5fc6ecc277c1dbefaaf2d723c605dffde7
39e5c8e01894f41680b3e294f1cee5dae96290deaf8976be55e515a7f96b236a
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a2e735723d59b4492e4ce991d8359fd71777fa1549ca1d666ac9d3cf7742375
3b52e84ce3c3e029893c4b0f6cfd6bb17d6fe2fc466fcd065f8ce9c28cdc0a11
3cb8168a272fceace35a430276ab6b4f2579240eab133bdc8cbd66742981ece9
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
3d006db284c8b91f1ea9644ea357b2b19b1daefee8ac248807e39ecd08bada18
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dcbca4979844eab52263a3de457abe88e4a9db342ef757fcd8cfffca28a4d7f
3e1a8d623180e7115cd5c0f93ff66675fc06bcfb4379421c37c938a72fe71d75
3e23d9feebcd3c59dcc4d426b6df049bf4f8765bbfec90b2f185d0c8c9841c2f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ebbfeefa7fccc2ebfca81222f0020c8f21911fda3f515aefc938b5f0d9b09e1
3fdb0d99754931380dcc52574fe283d357270fe25cb1afbdcb6c537ca6512418
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
406996031d7bd461fe40214954d123418cbe3985dff9cad0d644fae4a836b812
41452b2139640ecd9af6b57092cfa4c8564df9ca2f64c952667c1b8f0eea9b8e
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
41e37a7abda352b5296c013fe604176208b98b6577c9ef9922e1d698f4555fe0
41f326f4fff488a231249089a394cdbd135829bc440114597fc8c48ce8172467
41f5e8113e651e2091124c4f675f62c523ee8db4f03f0f560e8c0f84490dc398
420daeef03f4893c391ac50c1a4524900c5c8a7c299550b3101d341c7fb6006a
4347e083fcc7406a94363480146e1cf9c2f88198921ef74fed3eddf6d969725b
43559f00343c7e012dae0fb5f393c41b0e64a9370bd2918769d155dedcd630d6
435899a427374f4173894cf5e81e32ed61a3d77bb53b5465fd983619d3d28560
437f7cf9d84876da2ca088752c7c7db91a64dfad256348f5d336fbb7378bc341
442218dc805a5f3724196d4543380b91ae96882c1e69b0acb3c452c10a9e81f8
44527fb78cdcdee0f4df2857f20a08b5613cf2373fbf3b1e920c1a31e434f1e4
445ea1447fcbeb9657fd42642d7ba8d6a4d4aa263f15291d8c780edb70e90c93
448a88c3b6e1d96d99615dee9ea6df46707d0a29e3cfec07a6ca2ae15fbf5074
44be8675cf7905593eb9315a6d130b3df10918e84449ad903f4cfdbe8551dcf2
462fcc52ef8e307cfd803931192a5e698894d38c6090ce2b030364c1137f1655
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469c619367d6ee598cd43ce6569599da2c09135582ae5211abfc510f31080336
46b12afb08dc52a9f50161094e95fc99f08cbb726b869573c640365e1e6b6fd2
470a2429c3042f378756072ec008c3e0988434499cfd8c211f59ffb9ccdbef6b
47472f155c87df109e96dd05ee2be42dee2fe3ad198ba64373085ca73f9da9aa
47cd52aa6620392ba8639105b8c0c892401c40dc01f3f7a6011f43acb718419a
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48d7e58e0ee0c92a7177c519be3c1a6b1a2aef311322ed9fb4b66a7c15f52bfe
49603d59e651b164d2d10b0cf1d58e1d0630fc7ff88c53ffed7febc3840627a1
49a9614e020d85f891cf0b0208a077ad1c806c27e73ead4e01543c27b2f325f8
49a9ea2982764490df8e684accdc64f01a294565609f1d20ec72fa21ec0b1bea
4ab60f52db3b2036f42bca2d25d936b3942640dcf8e3b0c9862bf4942989a94b
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4b157837db317d87bc5ef16c476f9106141978d6ac8552c185ad00c06b01ec16
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b62bb23adeec37ac3ddfa65c13db5e3b197964b1760913e03a890f1299121b8
4c45b9784362a1e8cefdbf2ac784a3e4b721f05fa59ef9b4402fd6410039bc14
4c9bb31944fd92a2e8f70383ec2587c7b4090244e8b761ae6f9a6383ee840fef
4cf6e48c3371836bb55b74d75479d65ea0c25698c9e1a8a01c8fe8c32dfb211d
4cf8b51ee99974fc1dcbb68bf4cf750c294a98ff687ca27a391151974145f4cb
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d928b5f740afe75a9c1ecb0861b8288e4bc248ea985a5224ab6bc3a73420886
4dd28666285ef3d637d7343bd3daa700899220c94449087bf50b3047d5dbe11c
4df5f8e5879dd3099af09f9de22bce62c9592b91228994989bf09f96c45e0831
4dfb6311f1957e1e105e976bdd215e563d021b8bc3101a03000379b5775ff6b3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6e564601867fb764e833b6bbcacff941f556484ca60186edf2457623d379ac
4f1cc7a1a11566ea8cea1e1180b2dd7b8532c436e4b9ea00ba6c4cb8882ee050
4f57059f07cc21689e799a8999f9d49284610033578b3dc70f0ccde9502ec6fd
4f6a490cb6ac7685fd31b8f41f2d7d9a5ecb2d768455daa85b5938df0fffc62f
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51424787f51e54d80bdcb1a292c4ce73fccf77a1a187646bc6319a07c30e85e3
514a909a7d2b587116059dc6a5d3d0f4feec01db0e9ea4a1a80ad7cca60145cd
51c25575e1d90a3232a74c5acc9055b18c109af7ac7355d4606b5cfe6aa1540e
5212e1c53c0953ae2d179ed965750fd5d2bceae1b1814a13f7f8d595206d65af
528336c7a6b36697e4b59d887f37fd1f06d6b1c1d69e0385db9093a9023421cf
52bf9563629b34c6b4ebae67b1354ee65292b1eef0b209266c53dfeade20f950
53ecae11403d5d51c1362b9e137450b585e8257f1d5a3b040320c9c2acfcd2a2
54673873b4cdd4e6da9d13577fb5315ff7dc8ee9be6787cb412394e995751f32
5472fceaf6f99c5298d6ca0a5b05701588d68f870fd410355c6f1e1133c726f6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e51249021fabff65b4ca7eb728f0a56cff080a37d9b0b13d1c401d5b9e6184
55979ef1802ca28d2fea8958c16c44fe2c04b11508a07445912c0527a45a9aca
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b4f9e5ccc481cdf045fe30b5de21e22aa08b5db572e22f2dea475aca50620c
5748300a1a20162862baa6ec1803ccf95863004a87346638cc32e7d49a63e6f0
57b4d86691225b6a873b885313f0aacd68d08f168ef3465ea074ba5c81726814
58caccd23b2b2fc0e00e6667dc73b1487cc4a5249994176fd4012a9ffcba4fda
58e64f19299f4a90072e03a27e9d0aa3d17f9ed010e8c20a65b61301cf39dad6
595a994c260bc388dd81231b53822c3d6d92463ddfae78b10a934cfc840bf89b
59ab73e2bb150fbfdac912834d39f6773aacd20ef22f6d40200b99a0b57e6102
5a2a265312f0e801d736b4413a5318227627d29ff1b28771803d198cb120dcc3
5a3525ab27fbc0838cea91f8537ea3aacdd57276a3974d7273dfc817916bf2c9
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5b8230a755298ac32eade3d026e4bd42ac12f1e29712eb9b9d03bc9f5c838196
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c77c820b85441cd56655e624ca6d3777bdfb34a201fe232438806fc44f37333
5c8ef38f9e830b60f0f54852971f510ffda117ba98f775a2e666d38012df5e52
5d20eb026b8bb497a6588b444a4c71fda05c0f4c39d5d679d8e0b3527d87af31
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d92075a333fd130ab14a88cb118502add35524a313b882bd83aa362c7436d28
5e0cbfb81dde23ac0014af52ccae6c7ecd0ccd892c526f76ae3cd4c90ef05d9c
5e1d1fd991134d14507adc22afc194142d3e4001d0da7e0851305b100e359566
5e23f0b764bb60ee929c3874b754a9d5e81e82b60d604663c5dc6e0cab64b6b3
5e71d74a0677e21568f2e978323bd25fc0e5245b0f3c34ff73449137061ddf24
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f8a1ed9a4c250b4a57e8baa47462c95b9a15349bf81682092a440b7c4f2ab5e
6047100429f8a90629103c95ee29fd4ba8b187d0c67fbe28dd57183ed5e9bd90
60e404ceb4d84dc814c418fef1bc7909c1cc110c3d57aed19448f3174cd05d8a
60fc79186daf0beaa178656644e1f0f404635e60179cdd4d0953ded38832789e
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62218b396f5c31b199fcc4c3922f8f7eb293e208691d7c8f8dfd0adae52d433d
626ffdcc2575c9677dffeca4f410575e8ec91a71aab472d0bf9fef208099ff6a
63f27e23b80e8b821c171cabb41e06b31e84d62f85b10c44aefda6ff81d70f04
656b65a52b9f2dd39c8f627f593c78454b2b8241ebd2fe71028cab6851ba8906
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
66fb70a86d6d88f2de317d3447b2e7420bef90a5ac2d8405233669e162dae0b8
6746d66aa779b4783173d6fbf4f83a8d7984de2de366b4ef491c943be24add84
678e42ab0faf94e02c69cbc5193be41c897c06dbd908e835daafcf421cf5aee7
6872e5fe31fd3abbd905267318ec657866186a4b9ca51f57c3e399db81a97331
69bd1ded42f3d6a4d4041a60587219e7e84d9a7ece233a320ec03d499c1dd889
6a653526473582b345d0bd7609cf1f7d26d2a4d1aa8b370547660042e13a380c
6a7e3c0d86bfb8637676908385291d0d0186912ff3dc524f9f01f8c9f4843d44
6b022da1659d8edf1a7a35600f66c8de7dc83e6131ee83aab1a9298aaeda244c
6b1fa95a8ff9ad6a7560602756837daeedd22091fd9d0f85ae7e9168bd0fdd13
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6bb8b2246c82259885f3a015a59121fb3abce7642ffb43201c2d465cbad0cff4
6bc8d6bb67550b4abed09fc64c0c2bd771563de123a903b129f2edf2aa419f7a
6c6aa9826b852ac7410654486268a950ec8930067e7b68940554dcdf558a8b8a
6ce9130018b96dd3bc48428e0c510fe94687f7d4be1e1fd3a3c3c081d99bed88
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6dd2ff2d7139206ad291049a5b57a34be4fd67f8bd244d72756e3b892996f40a
6e10b9889e26af79e375d18be98ea02b1d24d6aa92dcd74be98490b6023ad4f5
6e8766436855251055afbe83d3ea0979c4e971c13f08206e82b2aa4886a7ee56
6f0e3b338536ca60d62e75995cf3c3143dee05fb978cc5f31dfa0a610c477707
6f2bffc75872cd4fe991f9387e44d3783a9c4d10a48ea6d528875532ae663632
6f851d4b1b5778b1ecb6fa635a4b69c163da328eb60611eb9a0e266cab88898c
6fa7db9a13ce8483641297e080b7384862294d202c7ff061d526363ab1f25079
70e0a3b2c82384039a2e4b31c305c9ef1f72a59b585acad421c54a6101a25237
712b9147ac0748ddedd6fd415dcce38bc8ed11f495e76fed7f4e4ace980c5d26
71b1e7cb6c62222c24c83feab0c97d3231f50e5ead960bcce48569bef4b141c3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
728e8bc68a5df8ede38c1692c8851447d952f908d6f01dd6985ccd6921555058
7325177961c847c026060ce69ab67518ce9c487a3907937b28034c1005df9ee5
73a4a3f8f5d9c33f09f24a5a1091ac7baf7c6e8f3a2e85dc7838e37206593427
73d2dc93f1dc9fac58c416346a38bd6b4bf49b6feade091aa7ea0bd294ad5002
73d3d9d16fbe6bfdf943bede546789f7cf147f97dd7d158ab47b8b85bde5b056
74024ec471def17a6d2835f88223678a094f8c10ccda405a0543445c31945519
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
746f8b087bee3ce8aa3072983d867922150a2bd940f40694ea1f400b6b836def
75806cade29344f203ce389d3fd4f555a4af9d163d7494270d9f2386c557ad9a
75cb7ac240f4db34c15123825e934f494f212d5134efbeba40ceeb7bb3a32c9e
75d59506933dcfd4d156ddc502a7bf3e3ba86e0b2dd95a95e0bca2169771a516
76515014d87ebcb6c63e79132ef3c13ea16e4988e1b5be43146a600db338fb16
773e57076bc8fd1f70c8f9e3de695d173793010cad381547a38dc0118871e872
774070d68c5bc55e30a08e64a3ea70d17e656de05f1733a9997b89ea83289eea
77b042d3de6cf8263b878e8c7d779a03fae1cb936c1bf25311706cf590a220a8
784a257b9c4cdb53809213a090b43a7f9d33814b8b33090acfecc777505cba34
785ecaf31d65e70e637a053f8ae418b2e035f944847762fca8afb31f0de51ae5
78c14d21814273b4a2b6cfde05d11756e4e95066e80600ffc565422079430444
78dea314ddfeb101398709101d924c1559405c7b405d807ccb8110380a9513c5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7acf296eab55e647788d20fbe4493cfed32a66a524cb83471ccca96c90af54a6
7b5a6603ffbaa3e824e4bd9733b36162dd6d6da12399390f2fdd9604aad930f2
7b9efe087baebe03dcb22b04584570c9b193267cd6ce36324b612b5370b4583f
7bea649277aa329867d3356ca9ea8b3bbe8ed90ab08be4620bb104b146daf7b9
7c0d33094c325e3acb9dcdde9d35e6795b6ccc7996ebc87bdce966698e6e0de1
7c288bcf9c8fadfffec673676cf1731a9f30234683a0d4b382e3c84733f51076
7c589ed2f3f93b46a3aa942a666b81c5cb291ab4bc793cc960fca1269861a3e9
7c8580c16d9807817a6d7d90081748c9816ec6276c1f5ea2abcf97c4c7106c43
7e0c6bc1cb62ee838e01d576bcd3bbffc80546c98e3c3281b57a4f86b74b1062
7e373f0f629f005bd4c038b5947919a6ce1813b3fec2049b759b30c2f7debc55
7e801880e7312d9d1bbab1c39170bbcb145b96159f34787e6b90355ca66898e6
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
7eb2dab10af30894984ed84a6b71ac3bece74c946ac88ed4991f6a3fbd22fe29
7f7963e5d7a286cbcb0445d70900ba9e04140daff28828b6bf63c28522f79e41
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8013c528ac4b5769b0b92d558d0e4e8fc5ce3db53e16d59b84bd249b29faa294
80cc35f01e7cb11e973b41830cc9b06c1d155af7ebe70a9379154803bfd68815
818399528677b7805188c3a37e8cc537b86b7372382ae8ebc7c2ef12ed54d199
8201825fcb83c30fdfbeb3600b33eafb352e0d68d79fdd5f36ad7be56268249f
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
82d1176156ad955c865eb051b169296fe5399ff60f109de769b7f308bb53a571
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d75307e9fa171df8e5cedf85570ff1d4249385dc609d9a9624128e87c2b5c9
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8366e996510e23da4ac398f4604c93585dfa2736ba63005b2611f174219e5661
8407f63c485fe81d5c71804991b116ec78e119290333d3c9e13ecbfc2ac1a13f
8429278595204bef62476dfe69178533b460a60c5156cb5d43c941f4c0c3d0fa
8443b74baf93a2a805163c4cc592dbbabf96621670bd578d326d2f46fd04cfce
84e15aae0cb0f8d2f11c75e58ed922b42be87307df75a7109902d7887a66ecbd
85df9504e7dc142b5d46c8b9127ddab95a042cf508ab4a4a18468883307c87c3
862b93e6df00e8222907d9515c9f13312d9f0514018312f80cba086915f9c936
86491be5d3edc8605fa625c110f99fcdbcdefc7548db99c4ef4743b9c5230809
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86f8b82974626dfa71e801856f321aa8e82f289dcbb390bfb7482b677ef3f7e4
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
87601871a1858439035900b46e057ab0cf954991bec88985f3cd6354843cebf5
876e08424399d6fbddf9f85c8b725c60c0bc04e833f7a9694170d1d54c2f7f2c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
89013866b8ebfdf82160764b685d3348dbc619e7342d161756f8153252ac3ae8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8acf96115cb55ad61bfdc24b7918a946d1b983ac14062a584dbbe8744021430a
8c2dc9465d71097b41d5f5873a3abd956c773e61a3d270ba4b1a19245ae004d0
8d3b4694f2e7d6dcf5af611841acb794ed26ec7efc51ad0fe332a89ab3953074
8d559f1235994035cbae55f1d9eadce94abd07f2a57488591fdc3f8e831c1dc2
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e5e9b52f8f5f05c60b4f167611af5c7a97b22c54bc3f78014fcf5174376047e
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
8eff2f9c821d2a0fb06cbea0d8158a0f1c52960d96abeabb569434decaa65b0d
8f8cf9772d485a041ed2b4b667ad9885ab47f8b74886835d2de7670e05cb1a2f
901683eba30b19497f2b5c48e86446eb1e7d93b1372d203e6482f38c5b15b0de
903653707837ed15026ef3831cd45fddb044406c391557450dab3d749da96fd5
90c40eb2c76dba53ac547e627ab4c6933594dc469316046fb7c2a10ac09417a9
91008b67a520c645f9d1d322af2ffcd638b5a79bc21a4c23a31128123cb2fa5f
912c1b61c42cd9259a3c6d7e5e0a397f3ced06c7b2f13a5df1ed75bfe7a7c483
91a634d88f8050879869dfa6d8c0591d1edd668a4548fc644f39907eaa3f0f27
91ed9706907dd25ff036539c5df3fdf6fc0190bba9eaaeceed57992110f4c3c4
933057457b7ec5138c5f951b7df7a124d63a91714d41d120e196ad315fcdb442
9355cba35d523ae53a25613b5cb53850951b2876a269b17fa39660f3da3c3c6a
9375b153f4117aeb9ffb848b9fb63277572d6fc4451f47ae3d3e9465c22c8609
9496bb7e683947e36266a700909cd8fbe4b537d9dd2b9bf3c94e6fb739a4f06c
961d69dd0e8a2f52ae99473f60e510978dd3c6cda2365e665977afc10c975492
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
971111b97774fdfc5e46ec8610f7fcfb0cd0710614b56f8237693647a9acdd8b
97355379763bf00b7b741c83dee408f258629738c7c8034e4771a0d82a36fe39
986969cc8d3e173e18654d278e5fa39f5fc5f50b0255fbbf0101948cbcc892bb
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98b82f06a8fdfd4b87ddcaaa6958ee49d2dda736e8cf6de28a90334725913493
98ea084a18ea93b8bd06c9e6a41c1f3b7eba9fbe10db708f90832f37724090c7
993b6cceb1e753233a116e559082c6a9c7015b17ca74e2caacd2f77034388995
99d4c64181e33f1174d221b7ea71cbe8cbc108bd5c031521c80a8f097469126c
9a0fda7bca53807a574a641ba6e1c70b4b335bb745d6bf73c239b3701f167cf8
9ae2d00f9a40a5ad26c5b209f79001ada20a1e8488f6565708a6b95c9e68f227
9be8ee3dc6d9d82567040f34226ad5bd3cfb10c686f25ae6ad47a73afb13f50d
9c23d606a3120d625ad2ab17ce2ef1dba1aa5e5dea9d4596ec317d531d3e7613
9cf426e21091948e5618d110f171b3f16702597639213550ec8a6fac0c3e04db
9cfda2f6f4edf87d89727ed1c8d1e89e4a9a40d506de371127b51173d7be261e
9d3e58662512680ff84d7210c7f667d625ae716c2dd3734b557125cb3a725fa2
a018287ded66de503d4d746e072acd83fbb24963816046326c4a00a41c03cda6
a01c5a221b74bedb7c8336278eb5669f1991d33333f8c552dbc2316abcfc37d1
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0273bdcf46336e994148281c19a2c99f7ab08ccae22cf2b8d61671dc1cf4b21
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a13b8edf519611379569011dc81fd20613ad68500e67f98f74ee0df28527aea6
a1e4e7c5539b0f1f48e1e988b68393107a50b6941967cc1f3fd932fd8fc6f9b9
a2382480b9b3cfa5c467ec5a319d213b78b3f32dcf1b446b2671a240cbc868bf
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2f2a01d5b79812f5faee18c067756d29268e204b067e1842d704d3adbcb1e9d
a39a731a41585a79919040eb623dcd3822ba27450ef07a1f3db54c156b6a8569
a45a88d1df5620fc232bada94efa3dcdcc5c35b8a02750bc8f1ee093f858b3b4
a461c6ce91b8b3bd1c44053b0722a3c9ce947c52a724bec907fc60427783afac
a46228d57faaf3cd1ec77fbed362c13944f30d9e92a4e1e5d3603c3902555df7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6014f6b98eaeb6078b9e1c953c61f33af95d5f4866d89a416d01b74a0dd6c27
a693997ef1babd45821557265c16b727a47fe190de078a0cdeb8e806e47a6a48
a6a5d02c6beeaef42accc5f189832fd4ff4a9597e304a23159d590a7b273b972
a6ed3dc4563151e931c27165c45d2c83e21beef19225b217a46fdb7f974e8152
a71ee879cf80d36f1858f3b7a081ca1493bb3fe88014d8b435434f91b927269f
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a78367c902677b86885d403511ee59aa0b69f5cf5a83646bc4ec74b0b57ccf39
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a85c25f589d3ca51516ce958616bb54ed81c9594ed0626bbc6a0722f4a50e333
a869d885594e53c8ecc385f68b066345f01efbbc149a02d15545b1de4b929beb
a8dea35604d63b94605e5b63e2dd13baad210053271c13c750fc462fa3545ff1
a91c9e1d1e59f6e25f425c7c64f49a218865cd81816476caace0d7935ea2fc23
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546
aa0f747500f655ace4b0deeb78271c64261fea21cecc24a6c59d78b5c600e313
aa4f09011e442a9137174df2e452bc57d56ad7acaecb3118ca559833928e9144
aa864e69809808c72f587d26c1f4830b807a8e94b2333d149e630f9be380268b
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac398155a8059324068a96cbfed173bdacc0a18b2b0d300e98a6ccd4193faf1b
ad032d1cf528ab452328c93f4e286e5034be1a9e5c74da91d2828d6a50caa6c9
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
addfedd8c972bb103bc66cee092b9cead9d661deeda3eba2b17cac7c74ad0fbb
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
ae98a72acfe406ef41c690b0fba4c57d75b913d6ea5d648026f648920b25c60f
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
af74a479b4c2738eea3e9a1956f8370ae4687e145a81287cb1bbd0c35b93d0f9
afab909ea32e707967162be43107b7d53fd81e3e8feb2adf754be6b9ddc71a06
b063714d9e7e3c9a79c2f801af76a0a28d2bd296672da316d23ade01abfcace9
b0f3162b5a3b8ec1addc713f585fbbf034c50f4d31817d0173ad1ab1de2d8597
b11fb3390dd84779c390403beddf6e6876425bcce453aa98242ea7fd3edbfa69
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1754576c31e4dbcbeca7c7501814d2b615978dd6eff53d71a4c4ff55c4fe3ef
b1db596e8483345aee95896bb32f6a957fafcc91e080b312d5508c9ac9986a61
b1fcf104efc81908e79e8ddaac6cc139af80faf16598d18b836db81f1b2af063
b22f2fb9dbc3de746b484da49d3aca9d71785479a802bb5d736dce485d7319ba
b2543f88b5a81115129ab2a2a583e85719224d9f10d657b2d1a5f44533ceff55
b328fb713a14d3205e18ba66230f07f4eaf260fc0f6698acba68a0a9658467ad
b4505ee5e15ced444c23568cc80133247d48e2fecf8eae7218d90664e2dd1704
b4ecbab28b1e9be1a6dfe09a9132c06db398879f8da9d238d6e48f2981cf94b3
b5bb863c6910d0c861eeeaa51d06324486b9d280f11a11ccfd77c305283fa912
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b6b1451016133a184a0e3083de270e47bb4cc61aa2bbd7ae3cd6234cf5ee05db
b6b94a85edf7e723363fb949b69797ba5cb84d609118be92c64ca71012ac878d
b7fc1da8a773effec02394edccec3724e9947c861ba0b8c96a71a2b9091b7fee
b98a9e0eec89bed195ca1f229a356d638a0c2886966ad8d2b4426a4b48688036
ba485d29492141822454db9db19b51b2b173630ceb8626e0c0bf396d550c4636
ba8b067ed8efea447edda7a3e3fcb82befa18960d30342e900ef0bf30cb818d8
bba4600c34d7faa9eabf7e847754300bdf72001dc3fd719b440a604ea043fa89
bc1c5116372a096c20b3dc0f9ba5a213f58d7d51b02684fdab2d0205c155d406
bd202b660efa1045707e0cb18fa35400e47c8d212759bc9de7f94b9bf03be787
bdd1024a5742568510ac9b59a2998bb5d8237d1e9dcd006438c812e40a2d04f2
be501dea12060c49191862485cbc7e82aacd9fa4e365b94cd760a2b7c16fe201
beb098450970d48b2ee67eae9429763afcd359255f8f306fac588ec793511f85
bedcb6bdf5ba5c9509cc8d5ac8252780ffe9b45e6cdbc97b9ad30ff0afac0ffa
beeb0c539cccc92378ed6cede20b6ead265c3cfe28846b6d1c9df215133dfad0
bf6ef9f2ec28cdef4f1e3b49e7c0b2a6f05c027fed9f2d685dc7815a2a76c355
bfa0e896ced23d361435d2a446729aca52f205f405853b53f9f8cff0f8e448bd
c06b23b9341bde1c8f4e496140d30404cbba9a58e979451662b3db86ffb49231
c090272509ffc649655fa540aa7dfda0dfac422e567643d6cf3199af99f76e06
c0a7466f935bd45172a588eb763429df7bda9ab919c2fa241efa9b7bb1c5a805
c0ede55e07808086f5f53fa95aa32992335f4cf4288630c24b08b1e06504676f
c119710b71ee981ff6d18c6dac3d00f96c9453aa7c8e02db90edfbb11bfce9a3
c1262cb4f447befae822d191cf0e36b5b641a2d5dcfee59688c121f735965b24
c147a474274e2eb22b2f4a539e09605f36f7ba573518d6e75e518ca1c3ccdf6a
c1dbab658e4bc742cd35850ae59b7cdcaf7d46d5b9000c8f86cac14df44350f7
c21a9558d8e958bd4503900f96ea2791d4249bafff58ddcbc98ed17520589c02
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22c1f9479535ebb7e6de622e30f1b0728fbeace42092fe0ce6480dfe26e1566
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c277cb839bac2bf86d6508ff6cb9e1cb6541b71a4d89ba614a8d74d04a0ffc1c
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c2b957dec9b4140f0e30a3da534686fd2f611bbe2e56b13df5a06704dc68e387
c2da1bde386dc1e71e6f0cf3ddcce6650ba703109c5194f52c991f48755ad806
c30d8fad72da999ba035cf6f404830690175561fbcaf961a42ee0028097a1741
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c35c2f8c0a4c5930d155ff7e6869d4b46597e2b7ffb9da79845ee4b63597237a
c35d1d0168a16a19508270f39d08536d6063b40f3220856151bd17b84d3c6637
c38e076da21dc997a97ba46c2464b656b9ab308a34318c250fb42b77e0588172
c3bd136565d7bf3faf6ae314b3f1b8e49657d5646802941816d78ffefd3d3b9e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c3fae2fb751cea18b5a06bc64fb9f3e5ec8c5742492e32741f127b6ace238b8b
c41b8b46fb065a0bd44b64f999e6a5330aaa3b37b841b50456de3a1cc891786e
c45a643b541fbb82fb7499bf5a3f2c6a907b2c1cf038ec8d302aaa2d2945c83f
c49e45c8091857aefb1439ad1925ccfb44a42379967aea637557a66e0abcf3d8
c4a6d78d55951081d4fca1d9c4058b3db7ee701ab7c4409f43825e0dc3dda334
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
c52321b8b0a3e79c3b3282745c7403b035e58542b50e14287e4769aff7dc3a01
c5a61134a6532a5623e5055442e4b88e247c0a5c8b0f8c1a9c6e2bfba6bf422c
c6755df647efea5cd2480e281523283cd765dc5e41764f9bc5b994f09681ba89
c7ad2fb033696f6b193dc1e4ef7d353c1d9a4d4a39772bdd0b44175704986ef8
c7ae5eed69990707fe63adc6cc0a041c38537171c65b12540fbd3b75488d272c
c7f4979d3521c0cd9a8dea55f7dacc41ca63af1a92a9d9831ddb0293b24b796e
c819b0f32cc30e575ab109d473047a1650045054249c058a4992e6855af9ef81
c8adf0cf748084ad7ca03aa6ab08debbd2ff04c3451e40cf06d84e81586eb223
c8d9f0f7d98a471bcd204d54ecc8ff64bbee76e1190df4147de27b4f3c461866
c8de146b9c8747aa6274679fc15b0214c5e57633ec3dea36dc7abb0fb4171df0
c9406a92f81fad251295cd64386a8bb62ee7503f589ae1b96893faae2f4fcb18
c9e866221faec009b99517d7f0cadbe0ea66320a6e188b09c0db5993994e2654
caeef50f5740693c63c199175995cd8f07c64483c3da22825745765eec1a53f6
cc701977877a09c9476c838dd55a05eb15b234eb32231f50dd25028a2e0f01bf
cc94c9bbc1994c3135ab5ef641898bcb19d0b95ecb70e295583c616b02384e2e
cca9e85045b1b3960a8c9424294b88ef5a8bad4a66f01f386bce88561a837518
ccfacc0f13640cfb3f4b2418a7ced4c21527c23a892ab991164ff0d37e796de9
cd0038772a98bda5ec58eba7ca6dc699314b866e14a3a5f45921847d033873f1
cf6190b05ceacaa8a1eed0e125108b85ca7683ed43a29d488ba5772acead4f81
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
cfd9c7292a9aa0f05910f94e4e30e7cd245d7c1c488b235d841055719cfcfbbc
d087a12e8544847a0f3a994b9ec757da314536e27096c57b1ff4973f7801d19d
d09abe119916e9ca866d8bae759927ebab3cd86959626758c8fcac93bcc492a1
d09b6d6f91345fdfec3092dd07a84ea24588d93d645ad0deff345b7569bd0edd
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d0ec919c36caa397f3efeaf0254f2d7438568779796b6163b8ccb04f0cc9782e
d18a0693047f427f7c002606a1ddd5d2960741ec7c7819a7c06abeb6cdbe799a
d1c13ee5e977bc86060cadf06a3d5e3c6c38ea824d10218f77aad956504ae7c6
d2cbd06b121b6f1a157e54eb8d86458b22ad7e560a319ec558ea39ab6d0ddede
d38406cb23368542e3f3541d4382c9d6b5020ffc61d6c2340ab7a03deddd193b
d39025ee51ca2000dfc79c34dfe83e838c67c8a0bc55ba7b0158ed74db3ce822
d43e33aaceec56e77702be0c3cd61dba367633c79f5d4c63bebb72e44a5bdec3
d4e5d51ba22f40e63ab5a24b3625938d6ded9884b78ae57c0441682f96f3c488
d4fc02281636eb949dd4bff91fbe07df0c55e6dc241fd49bac240074584d37fc
d537736cb25631ac87c7045323d2c6d628434800db7851a168f26ee0ec51ca88
d5b5f26ce8eaac0feb14e0709bca90e36f7e6d6769927a55680e8d44842d48bb
d622e135027aa34bbf8d5befd82be0716b7c36a6f2119930716b64e24027d9ac
d67847fb8e632014c2d9d6243703f1c84237b2e31f959532f8d011e86521f48d
d6a301c45c6cb9f27dab1cc04374a1826105245aee46eb32264419ba2179ea1b
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d7df8d307003b3d26b1ecec2eb898ca584bc25e762bd4b15654d498554b269d7
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d8bc530813505fc3e4d30358def81f78b2c8afbe77892d78c54749d9b1279ff9
d8d220548b8575be7cdd5b469e3d51d701874704a891cedf6f9471764fbf6999
d916ec556171da2363098a48450e2c1725097ee84e84663c2cde258e379f0b29
d96935771a56143abd91ec9d9b5198749141220353e92db61821909d363ef285
d96a2912050b24a4cab2521e8595877fc97afe5f55299cd205ea7d5652dc78d0
d99b2d34c343dd1405ee9476e4238bf2d1de6a7395954042f5bfefe3a98caeed
da9fea0590445e1013bfe4cb816e314baecbdc7724d8863fcd5766e0fb008c1e
dc1c2ffc79fc7d1b3cec58dc05b8afb808703df7e64249c64f15060771b7769c
dd3bf7a02e828eb1c9b59675152e1c3d47c1c75699d83e99a7d570ac5824c9b6
dda6e7f335f0c67a7bf0f8b1f98e36f82ce97eb1b6b9c42dff8409395c7448ee
dde67098f3b21db587a1a0fcbaa8d5c9bfcc71733de092723333ee5b18fc9b30
ddf880c9afccf1fdafbb6a6d610484db1a774194726f4fef9081e5f4512f675e
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
df375ce42a5b2ba54ca7de52194af53687014078957b4d6f03c3165bb377af28
e02f46e85f6770be2421ab66bd10b74fbc709975e876588ece1965fd533aec1c
e0a24317c4d3f3b0c9d1093ed5a6043e4a2d9379027367fb9706a4f1e765b7f6
e0a6bde61a097053c49791ec3469f36cdb9cc52b371794b165c7d0156ca446d2
e1462d71a40ceebf3bd8016ff75e134d9d4c561dcb1334aff77db3a34ea3d842
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1df36063f73dd075d057b442df87556bd2253e2fc94bd6ea8f0f84da0b310dc
e1e8f8ad1620e720acffca7e8388ce92ed23dd3c844eb09390e990d2602f23c3
e20df1d628532bf9ce8fc5c14396dae31d0e8433179e8fae41627447ff5c40eb
e21250275f309ebc467c74db2e7e5a9fb23f5fbc1aada0b098387165921742be
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e35f27aae5bde0d96a30c05c0f467112db85155f5caeaae3f508b82f7b498d35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ca49ffede4c122326a45744dbb2e293b023cc9d6c85bba18c3924c60fd30d7
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e525bf9e7464b8bfbd8903ec04e5f75108a37d728718fe4cb6fe09f1022ae739
e5a098542163dc535e0e3c4ed1bca8fcc8a13f0b827027385af73b8d3db5fa38
e5a170a742d15bfc589c719799bf911ba5c6fdc78bd480efd431090053b22ccd
e67377a143d3795e2f213404a8e5ccf1b8573c189bf35fbc192f9a8cd4f678c0
e6b4c0d79f864a0d5e28178afb2e6318b2663a6258f9e5b52b19ba6b20f17475
e72021ebf668fe328d644491ccff40f65d70f80a8aa4b627d7d82a98fb3982e5
e7dd3e1255adb51c5e44d8129a793877d4d213a7f805a8a8d4e74785aca8d999
e7fb06057071103d252bdcb9337a5989f95473da72958f18acb58305e8849b31
e850199e8ff047212c59143b03b595f721521b892fc045f3dec8a86665be6e48
e8bc8685d26ddb09b64fef69e9b870e864f2a9a17f893a2f7a6408aac12cd7dd
e917ce1f760bff13ffca93970bfa8669dc84b66316654aa99d615ebacd409e1e
e997cb350e3843b0d194c453e2c2261c298ea526f88034929c871a054e0f8b2b
e9b8b03a84dc45a30ca886bf10f8d81b8fe7e30497956329defe23d65095aa9a
e9c3b455a15899e9e149fd6119d046b56bc5ce0b759770e6b211dfdb15488dec
e9e70f7c98a765266ac4aa357bf1303b2d8377753d4559a02e8ec6f08efb06c9
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eabda88ce2fa9f149b5ba7c62fa731f56c73d4985fb6cc6c6605f7a8efb4ba27
eaf3f04b75d3dba33f2ffe10fb1ebe6297f3239976f7aeec02954eb3d40f7130
eb5e8b5c5d79c826297ee243a45577ae97c5e193d33ca939c1c090a937a31546
ec64d76f3e4c5b89804f72cad83212ae95ee4ea6b9a44153541468be533bcd3c
ed64681c89dcc5485cc6b7640b4544a2ace9fa28f386b4ebc77445966d2ee723
ed9aa17d757c048868be6497330ebe3a3cb6210b5fb95de1eadf119a1ebb0b0a
ee715f0c64fb5bf26cfadd63faac10ae4db44ced8e20864b7de7c9ccc38256c1
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eee9944b2e10a522355af1caf30f610c148501899159eaa909c77162a16a144b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe6d73c1137914eecc3ffd17da0ca57a41a6cf41c84cf0978d483ab1de78fa9
f0176eaad150c838655ee5d8ad913f9ed20fe0ba5098034b6fab9fc4cd4a05f1
f02f628d2897fe82fca95a02934a82b987052a36ca735dd1004fe5ec9c8befc8
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f133a4f19c382654cc2aa3fe7e3fca4ba3863ab63ad501b88769477c319273a4
f139ca50b937598b422258a306b7229d1f08f72d553617c64751ed7746ac96ad
f162bdd9ad62b96e19bcb2c5ea7398d3e618bbc3fce45627f16dada9d3f0be7b
f253a7f880df1f56203514aa5070d0d92fd18b0f27e5af07761c09681ace70d8
f278dc0f221d61b8bd847997b6a94ec18b5d17b646333bd0683820b67fe9e6c3
f2974b7a5c066f032ac90de6d4e13445db326eb30f94d7b87dc9e6d7cc076ba5
f2da60aa703edb402a849c136f501329e5a5b5c8d80398a79f30e67f9d43fe56
f2e84baa09b6522065865ae1e76e94ffa1e5469ec53c31579405f2f2c7316238
f2ef1bf727e6b2559080a67c54ef5591268d984661dce94e3ac15b3585519796
f2f8c7997f52d388163a69b8832524663fd4b607f83cdb13ed9c6e928ad71fac
f33f8daf4b3e2e2d5b3f249104e1c05cc91fdce04e2bcf14198fcb1b1ced9e77
f37d002f325209a73881cd665d33e9f70726ab2f17c544d1f2cd5154e8b441ee
f39baa60b8fa82d9f4b019795085e44ed3d5a416b7761a4025b105eeff63e4c3
f49668faaa3548ff08a52db4f0177aa5176c52b7a7279cdbe5492ef67ba9285e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f51fe01f2785b88e280d05804e5117bff086d8f889a5363c63d98cef56a39377
f59fa0e1e7cb3999c1da5cf36974ea32b7b5b1181f6caaac83b67df9f7187b8b
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f60e45bb98ff03273f6a41479c468f94a92f1f6672b094c7fc5ad0be8bc4a598
f6d9d95a0594ee4d71d14f131cf8345e091091bf66be36d912aec92771b0c52e
f75166655748244b5ceb65b34ea7ae26f32655ecf1fa43da042ca3cfaa58c23d
f75c697e773659050ac7b4ce1215db4c1c236bf0b5ba0261e43ad7b2cb860be3
f9082457fd75f628feec9ea4849fc2ba95eac699f39c54fc8615a30d7f8c92a0
f926209935ca9f8bafca9b4a40545b04af2fbe2f1a256036e4d6bbe2d048b8a7
f961b4fc6fee4825bf1acf6308789d27c178b1acbc44abe593e0660eefec623e
f9c71569e3fa8264df6d385249718329b1bb103e8e22d8a0d91dd350d8868970
f9dc48876e984d8129bfb01a1571b3db418b1d5e180560fcb2b4388c2565ce08
faa40322caecfbe89091971ce1ee304c3e01782efc2e1039f159cd0fb39f6ed8
fad56e8cd64f74ce29cf47f57a1d525c3776d928119549bfa7c530d389baabff
fb1eab644c1e5f56be6b72f8627552cb4042a79c5dad066f4929f06eb13ac6f9
fb64750d41658ebca9a30dbd0605bf86c0c77e3fbd67a6582b5d7cada9bac685
fbd4a9afd2c212b933766c0376e928fd3a3964b819540bf825a703b7574d8e33
fbe63de32afd856a3b56af22f7b8e8b079a57150aa9b7e8ab80561e1a7c8bfff
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fbff32993cb6e6137115c4faf797b618accc19a0bf5c5ab47757714e93c24b15
fcf8637a53f0aac6a99c49046b5c03f398854c4b371f4324b559d39c8f42e9e2
fd70dfbad797b505e044300451184e5984d83a48b48aae6103dd0b55556d2674
fd93ebe422d682c0e568986cd2e9328bb2e03b70b66026b5f0e19a8d6c6d896c
fda790b31bc2377fe9e3f381f60666c48027cf8d812f4a2b6bdbc5e6f66fe808
fe41aaa1ed6e7df7cfbf435e232aa8f6b75acaa3442754c001c382c5f9709619
feecf2a93cb109094da5c3f65141e46b2955524b87fdff49711bf0e3ec71d06e
ff362dabffed44391ad2790d7d2a290321bdb9fb9d7bcc107f04981dd3411fb8
ffc919cf686a508d9144e89fab34ce122aabbc8c2f4376e98f4d66b047f16c92
fffc1c7f462ed0f36a36a415c9b76563b464e4033f5e968ab1cca34b018cc8b0

earnme.club Open in urlscan Pro 157.90.71.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

1837 Requests

95 %HTTPS

34 %IPv6

78 Domains

148 Subdomains

126 IPs

10 Countries

21098 kBTransfer

54832 kBSize

57 Cookies

5 Outgoing links

Redirected requests

1837 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 23 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

earnme.club Open in urlscan Pro
157.90.71.190 Public Scan

Screenshot
Live screenshot

Full Image

1837
Requests

95 %
HTTPS

34 %
IPv6

78
Domains

148
Subdomains

126
IPs

10
Countries

21098 kB
Transfer

54832 kB
Size

57
Cookies

1837 HTTP transactions
23 data transactions