Submitted URL: https://bit.ly/35nGHMN
Effective URL: https://earnme.club/zero-8i-from-infinix/
Submission: On March 31 via manual from IN — Scanned from DE

Summary

This website contacted 65 IPs in 8 countries across 52 domains to perform 347 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is earnme.club.
TLS certificate: Issued by E1 on March 8th 2022. Valid for: 3 months.
This is the only time earnme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-CL...)
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 12 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 8 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
18 142.250.181.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 192.241.157.60 14061 (DIGITALOC...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 100.25.93.71 14618 (AMAZON-AES)
1 37.252.161.190 29990 (ASN-APPNEX)
5 34.98.64.218 15169 (GOOGLE)
2 147.75.38.124 54825 (PACKET)
3 51.75.86.98 16276 (OVH)
1 6 37.252.172.123 29990 (ASN-APPNEX)
2 184.31.84.150 16625 (AKAMAI-AS)
8 52.28.203.152 16509 (AMAZON-02)
4 2602:803:c003... 26667 (RUBICONPR...)
1 34.107.148.139 15169 (GOOGLE)
3 34.149.20.76 15169 (GOOGLE)
1 54.145.157.73 14618 (AMAZON-AES)
30 2a00:1450:400... 15169 (GOOGLE)
60 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 141.95.3.40 16276 (OVH)
1 18.204.184.124 14618 (AMAZON-AES)
1 3.248.131.63 16509 (AMAZON-02)
8 100.25.50.170 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.194 15169 (GOOGLE)
1 18.185.154.236 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 19 142.250.186.34 15169 (GOOGLE)
2 9 23.35.236.247 16625 (AKAMAI-AS)
2 104.111.242.245 16625 (AKAMAI-AS)
4 68.67.179.154 29990 (ASN-APPNEX)
1 23.35.236.188 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 15.197.193.217 16509 (AMAZON-02)
2 2 213.19.147.44 26120 (RHYTHMONE)
4 4 13.248.245.213 16509 (AMAZON-02)
2 2 3.120.46.173 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
3 3 3.65.16.69 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
2 4 69.173.144.138 26667 (RUBICONPR...)
1 104.254.151.60 29990 (ASN-APPNEX)
3 18.198.167.236 16509 (AMAZON-02)
1 151.101.193.108 54113 (FASTLY)
3 5 52.46.154.242 16509 (AMAZON-02)
1 37.252.172.45 29990 (ASN-APPNEX)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 37.157.4.23 198622 (ADFORM)
1 44.196.175.192 14618 (AMAZON-AES)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
347 65
Apex Domain
Subdomains
Transfer
100 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
712 KB
51 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
pubads.g.doubleclick.net — Cisco Umbrella Rank: 478
386 KB
30 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 344
664 KB
15 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 450
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1070
eus.rubiconproject.com — Cisco Umbrella Rank: 551
pixel.rubiconproject.com — Cisco Umbrella Rank: 348
token.rubiconproject.com — Cisco Umbrella Rank: 669
18 KB
14 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1149
1x1.a-mo.net — Cisco Umbrella Rank: 3669
assets.a-mo.net — Cisco Umbrella Rank: 6745
fav.a-mo.net — Cisco Umbrella Rank: 31223
fav-cdn.a-mo.net — Cisco Umbrella Rank: 30918
324 KB
12 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 795
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1133
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
ads.yahoo.com — Cisco Umbrella Rank: 1030
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 370
8 KB
12 aniview.com
tg1.aniview.com — Cisco Umbrella Rank: 9074
player.aniview.com — Cisco Umbrella Rank: 1841
track1.aniview.com — Cisco Umbrella Rank: 1778
go1.aniview.com — Cisco Umbrella Rank: 4780
260 KB
12 earnme.club
earnme.club
169 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 7
adservice.google.com — Cisco Umbrella Rank: 76
2 KB
9 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 470
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 568
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 536
19 KB
9 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1566
ib.adnxs.com — Cisco Umbrella Rank: 245
acdn.adnxs.com — Cisco Umbrella Rank: 560
secure.adnxs.com — Cisco Umbrella Rank: 436
23 KB
9 gstatic.com
fonts.gstatic.com
220 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
imasdk.googleapis.com — Cisco Umbrella Rank: 405
324 KB
6 adnxs-simple.com
nym1-ib.adnxs-simple.com — Cisco Umbrella Rank: 21643
ib.adnxs-simple.com — Cisco Umbrella Rank: 9289
crcdn09.adnxs-simple.com — Cisco Umbrella Rank: 11618
1 MB
5 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 278
4 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
181 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 257
78 KB
5 openx.net
digikulture-d.openx.net — Cisco Umbrella Rank: 22620
us-u.openx.net — Cisco Umbrella Rank: 399
u.openx.net — Cisco Umbrella Rank: 730
838 B
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 325
2 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 389
mug.criteo.com — Cisco Umbrella Rank: 2685
1 KB
3 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1151
649 B
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 873
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 326
793 B
3 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1486
697 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 841
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 800
s.tribalfusion.com — Cisco Umbrella Rank: 2468
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 350
937 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 534
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 709
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1005
344 B
2 google.lu
adservice.google.lu — Cisco Umbrella Rank: 149928
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
361 B
2 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 1651
3 KB
2 tnlink.in
tnlink.in
link.tnlink.in
970 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 385
708 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1094
47 B
1 adform.net
c1.adform.net — Cisco Umbrella Rank: 571
331 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 418
506 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 575
538 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2899
104 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 431
9 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1694
334 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 5351
485 B
1 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 599
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 607
529 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1198
906 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 782
416 B
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 18594
256 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
65 KB
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 20752
131 KB
1 bit.ly
bit.ly — Cisco Umbrella Rank: 2814
280 B
0 netmng.com Failed
google2waycm.netmng.com Failed
347 52
Domain Requested by
60 tpc.googlesyndication.com earnme.club
securepubads.g.doubleclick.net
cdn.ampproject.org
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
tpc.googlesyndication.com
34 pagead2.googlesyndication.com earnme.club
pagead2.googlesyndication.com
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
tpc.googlesyndication.com
srcdoc
www.googletagservices.com
securepubads.g.doubleclick.net
30 cdn.ampproject.org securepubads.g.doubleclick.net
19 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
earnme.club
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
16 securepubads.g.doubleclick.net earnme.club
securepubads.g.doubleclick.net
12 earnme.club 1 redirects www.google.com
earnme.club
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
earnme.club
9 fonts.gstatic.com fonts.googleapis.com
8 1x1.a-mo.net earnme.club
8 www.google.com 2 redirects earnme.club
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
tpc.googlesyndication.com
7 fonts.googleapis.com earnme.club
securepubads.g.doubleclick.net
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
6 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 googleads4.g.doubleclick.net earnme.club
6 c2shb.ssp.yahoo.com cdn.adapex.io
6 ib.adnxs.com 1 redirects cdn.adapex.io
player.aniview.com
googleads.g.doubleclick.net
acdn.adnxs.com
6 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
5 www.googletagservices.com 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
5 s0.2mdn.net earnme.club
imasdk.googleapis.com
5 track1.aniview.com earnme.club
player.aniview.com
5 player.aniview.com tg1.aniview.com
player.aniview.com
4 token.rubiconproject.com 4 redirects
4 pixel.rubiconproject.com 2 redirects earnme.club
4 eb2.3lift.com 4 redirects
4 nym1-ib.adnxs-simple.com assets.a-mo.net
earnme.club
4 fastlane.rubiconproject.com cdn.adapex.io
3 bs.serving-sys.com earnme.club
3 pm.w55c.net 3 redirects
3 match.adsrvr.org 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
earnme.club
3 ssc.33across.com cdn.adapex.io
3 onetag-sys.com cdn.adapex.io
player.aniview.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 sync.1rx.io 2 redirects
2 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
2 js-sec.indexww.com player.aniview.com
ssum-sec.casalemedia.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 assets.a-mo.net cdn.adapex.io
earnme.club
2 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
2 c2shb.pubgw.yahoo.com player.aniview.com
2 mug.criteo.com earnme.club
2 gum.criteo.com 1 redirects
2 htlb.casalemedia.com cdn.adapex.io
player.aniview.com
2 prebid.a-mo.net cdn.adapex.io
player.aniview.com
2 digikulture-d.openx.net cdn.adapex.io
player.aniview.com
2 adservice.google.lu securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
2 secure.gravatar.com earnme.club
1 fav-cdn.a-mo.net earnme.club
1 fav.a-mo.net 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 id.rlcdn.com earnme.club
1 ads.yahoo.com earnme.club
1 px.ads.linkedin.com earnme.club
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 c1.adform.net ssum-sec.casalemedia.com
1 pixel.quantserve.com 1 redirects
1 secure.adnxs.com ssum-sec.casalemedia.com
1 crcdn09.adnxs-simple.com earnme.club
1 ib.adnxs-simple.com earnme.club
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 ssum-sec.casalemedia.com js-sec.indexww.com
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com earnme.club
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
1 u.openx.net player.aniview.com
1 acdn.adnxs.com player.aniview.com
1 cdn.jsdelivr.net cdn.adapex.io
1 prebid-server.rubiconproject.com player.aniview.com
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 id5-sync.com cdn.adapex.io
1 go1.aniview.com player.aniview.com
1 prebid.media.net cdn.adapex.io
1 prebid.adnxs.com cdn.adapex.io
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cat.hbwrapper.com cdn.adapex.io
1 www.googletagmanager.com earnme.club
1 tg1.aniview.com earnme.club
1 cdn.adapex.io earnme.club
1 link.tnlink.in 1 redirects
1 tnlink.in 1 redirects
1 bit.ly 1 redirects
0 google2waycm.netmng.com Failed 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
0 api.rlcdn.com Failed cdn.adapex.io
347 88

This site contains links to these domains. Also see Links.

Domain
earn
i
rasik
wordpress.org
usanewstoday.club
mhthemes.com
Subject Issuer Validity Valid
*.earnme.club
E1
2022-03-08 -
2022-06-06
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-04 -
2022-07-03
a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.gravatar.com
Sectigo RSA Domain Validation Secure Server CA
2020-08-14 -
2022-11-16
2 years crt.sh
cat.hbwrapper.com
R3
2022-02-05 -
2022-05-06
3 months crt.sh
*.google.lu
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1
2022-02-28 -
2023-03-31
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.a-mo.net
R3
2022-03-08 -
2022-06-06
3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-12-12 -
2022-12-13
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-08 -
2022-08-31
6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2021-04-12 -
2022-05-05
a year crt.sh
ssc.33across.com
GTS CA 1D4
2022-03-22 -
2022-06-20
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-04 -
2022-05-03
3 months crt.sh
*.id5-sync.com
R3
2022-03-08 -
2022-06-06
3 months crt.sh
*.liadm.com
Amazon
2021-10-31 -
2022-11-28
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
teads.tv
R3
2022-03-23 -
2022-06-21
3 months crt.sh
*.adnxs-simple.com
GeoTrust ECC CA 2018
2022-02-25 -
2023-03-28
a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-12-10 -
2022-12-09
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
bs.serving-sys.com
Amazon
2021-05-10 -
2022-06-08
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
adentifi.com
Amazon
2021-09-04 -
2022-10-03
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh

This page contains 40 frames:

Primary Page: https://earnme.club/zero-8i-from-infinix/
Frame ID: D7623A44641439FB3FF1A5AC0DC81729
Requests: 91 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/zrt_lookup.html
Frame ID: E6AAC79A190BE76CD75024284AEF3458
Requests: 1 HTTP requests in this frame

Frame: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 718613A480EC08EB283FDD0C53D3E21A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8166901308023325&output=html&adk=3826760629&adf=1341073466&lmt=1648708164&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648708163892&bpp=2&bdt=263&idt=134&shv=r20220329&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3263859720684&frm=20&pv=2&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065921%2C31062930&oid=2&pvsid=81520691052323&pem=267&tmod=1684429973&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Frame ID: CBD8AE6962C664CF98A7F8BD003D4E62
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Frame ID: 0900200856C85EFE2A041D7D193A37D8
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 0F5A1CF7416A0962AFF386DF2EAC3BB8
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 22F67E937135A8A5592E2536CF2AF882
Requests: 18 HTTP requests in this frame

Frame: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85939B150A91EA8EB9A1F441FBB32FA5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 8C990F40248396025B80F6259E64D01F
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: AFA4A79E3BE208A6D059760158AD2207
Requests: 14 HTTP requests in this frame

Frame: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 251DA36E8317FC711DFEA0FD2A944F0E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNUtKycfrMQq_cQXRqpVA6wlsn5djL8CwdGjmgGr_deY4tOreZug0zd10TzCRimCBZsnF-MpfLpooMUPHPq17w6LBCj_2w
Frame ID: 7C5674D844B141DBB32C4F5A983C8200
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Frame ID: 93F3EB9EBCC31F81DA4FE8D766D050E1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiKrqDAATAB&v=APEucNVptvNw0JIOAKYHNTbpUikPe7JeA1CRuEaiTq_3RVXwZ7L_QMDCUUexEJMqfW48DKCs4zPct_S8VLaFyuJf0lzRzfMgjA
Frame ID: F3B402ADE4F72692A2B000FCA6E2010B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: CF2D670026FE3B350EA5570275EA5A7A
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1418AAF5D650EF205E4C0AAB948B1B45
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 67CC27999D1DFB0F96F7144D8379CDB6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 3DA9B5FA8C4AEE962837BB08AB4C89BA
Requests: 14 HTTP requests in this frame

Frame: https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Frame ID: 8D42BE942940CF90E84DDD36329C5C90
Requests: 19 HTTP requests in this frame

Frame: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0C9CC04E64CA023EE7B8A2051894C0CE
Requests: 13 HTTP requests in this frame

Frame: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 75BFB0D6F5CE65299F9AD647C1F6C411
Requests: 14 HTTP requests in this frame

Frame: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3BA26FCEAEFDEDAF038474035E5A7D24
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiA5pK_ATAB&v=APEucNV8kTYAGRAP0VPk0eHOySC1_9ZUI0ASDvCZD2raaz6XAlt13Bkkg-Hb_x7b3zQUZkFAvQ5S43bgvHsiAaYfV7PhiR5_m9O-8rMNaNCYNChgR4QxOrXYERuETEsKWX3e5JaEjdq2l-EBKae20N8f9AGRCjxYv3mWqDLtajhiAY98QiiQU4M
Frame ID: 7F6FE982AFE0FA4D94C55406936253ED
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNW04g9ZRkt_6KSHIrDBFbBhDckzc0ZOuvasB4AyboAzZJsfYCcjtZZOAwZ1hzp2SOfuwQwYghVTSJt7gK0vt2qmaC5XAX_OLmggtLcmJpTUVnfwfnHio9r0MJ8ONtuw-2gWNqgarO6D89x_7TyL9EMSnfgXDM42N_GW-hZvTJDYDKLRuuE
Frame ID: 678344FDEF58F27F8FFF6EF7F2DCAC72
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Frame ID: 6DF63189A7583E9D863863CE64629151
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3E7940D0DBB0B7E2AC0AC61FD167D87D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2BF582DA1E1BB698667C29575AE02410
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DDF7E9807ECB641B87F15EFA5B774447
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A804326F19D3D4A1164FE875B42594C7
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Frame ID: EBFA12A0C2D74F9F1F5F2B84A723D4AF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E47E17A57E4331F1C53C05B7EFF5E509
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2764C2C0C4F18C454788BB8F69CDE88B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D2C4F37E1669FFC2CA15BA13414C081E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 771AC72A3F2482F4AE0E4E035A2A0F0E
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1648708165143
Frame ID: 747471D9830695D33E0D8AB9CF6D1E21
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5BF28B44B0A1040A63A4A88F69E21EAC
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E4C2B38FC8F11D4C2C3A71C67E5A6881
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5C9FDDAF05F08068B246BF239FB2CB04
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72EF166E67EAF7D1899B8B31C27F800E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF50361F78581D3D1801679D06FAAD35
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Zero 8i from Infinix – Tech One

Page URL History Show full URLs

  1. https://bit.ly/35nGHMN HTTP 301
    https://tnlink.in/108Gb HTTP 301
    https://link.tnlink.in/108Gb HTTP 302
    http://earnme.club/safe2.php?link=108Gb HTTP 301
    https://earnme.club/safe2.php?link=108Gb Page URL
  2. https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=... Page URL
  3. https://earnme.club/zero-8i-from-infinix/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

347
Requests

88 %
HTTPS

42 %
IPv6

52
Domains

88
Subdomains

65
IPs

8
Countries

4979 kB
Transfer

10878 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/35nGHMN HTTP 301
    https://tnlink.in/108Gb HTTP 301
    https://link.tnlink.in/108Gb HTTP 302
    http://earnme.club/safe2.php?link=108Gb HTTP 301
    https://earnme.club/safe2.php?link=108Gb Page URL
  2. https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIGRAB&usg=AOvVaw1N9mUF8GZmkp3HhOJmlhDy Page URL
  3. https://earnme.club/zero-8i-from-infinix/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/35nGHMN HTTP 301
  • https://tnlink.in/108Gb HTTP 301
  • https://link.tnlink.in/108Gb HTTP 302
  • http://earnme.club/safe2.php?link=108Gb HTTP 301
  • https://earnme.club/safe2.php?link=108Gb
Request Chain 129
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nuVARnw3eUlxNTZzRmxFcjlTRDJ1ZWp4YXhCUUlVUG9pZ0w5TlhlM0s0Z2U0akptNHpiSGp5NEZzYmRUWGlXMTZGYnJVWlJvYlhxNWFPdkltWVY4NGR5bmY4eGNnWXIvRUV4b0s0TW9ubEF0dmlNYlV2d29aS3JpZFU1L2FLdnkyMTIzQUxMZXl2UlpURFJRWHRNM3NvejNiWXh1c2VQVXJrempZSHBoTjY3MXRiT3g4QURubWI0YkoyNHJmbzNoV2paNm5zU21GeFpiR2Nya2t6TCt0WFZVaXNCc00wcVM5b00xaGZuYkVISWhJV3NRPXw&cppv=2
Request Chain 174
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1
Request Chain 251
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkVKRQwlvWE.CejJfgNxpwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1&google_hm=2
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEJpyquqliPX8z5f0hS_ilA&google_cver=1
Request Chain 253
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg5NDgxMTA4NjcyMzIxMDMxNA%3D%3D
Request Chain 254
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDPd0kjJT1bnTBUFzxR61gs&google_cver=1
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEJnhbBqCnG-dI2aZRvtZEEI&google_cver=1
Request Chain 289
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEOuD1-umrv1JdKGLuV9WW7A&google_cver=1&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
Request Chain 290
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESENbOXo1L2sASfldgNrmXn2o&google_cver=1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1648708165814 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ&google_hm=
Request Chain 291
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBrFrPkaaDBrcKFf4xuC7gs&google_cver=1&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz&google_gid=CAESEBrFrPkaaDBrcKFf4xuC7gs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz
Request Chain 292
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEN3kRwuHin5jPfEueJnln5c&google_cver=1&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJAxQlPPbuPb0qRGXbsucaFLb8FQ4LeQj_9qUA HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEN3kRwuHin5jPfEueJnln5c&google_cver=1&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJAxQlPPbuPb0qRGXbsucaFLb8FQ4LeQj_9qUA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEN3kRwuHin5jPfEueJnln5c&google_cver=1&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJAxQlPPbuPb0qRGXbsucaFLb8FQ4LeQj_9qUA&apid=UPe91b34d8-b0bb-11ec-92e6-06898ec754f0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOTFiMzRkOC1iMGJiLTExZWMtOTJlNi0wNjg5OGVjNzU0ZjA%3D&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJAxQlPPbuPb0qRGXbsucaFLb8FQ4LeQj_9qUA
Request Chain 295
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cver=1&google_push=AYg5qPLLhMNdFRA4bSoWVVSqQeGc21amO5LLxdoSqkWTXksy81XjSohMB9mffq5ktObLRvgS0FVqf4X7HUo-urOgoXCCdklNHTYMbg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cver=1&google_push=AYg5qPLLhMNdFRA4bSoWVVSqQeGc21amO5LLxdoSqkWTXksy81XjSohMB9mffq5ktObLRvgS0FVqf4X7HUo-urOgoXCCdklNHTYMbg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkpmcHMzVG4xTnpPamI1&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cver=1&google_push=AYg5qPLLhMNdFRA4bSoWVVSqQeGc21amO5LLxdoSqkWTXksy81XjSohMB9mffq5ktObLRvgS0FVqf4X7HUo-urOgoXCCdklNHTYMbg
Request Chain 296
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMsnZvYRndQveqiEJ0-4RNk&google_cver=1&google_push=AYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsnZvYRndQveqiEJ0-4RNk&google_cver=1&google_push=AYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 297
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKVNdqmsWgmm-W7V_W49Mqs&google_cver=1&google_push=AYg5qPLNfScmctmsfHrk2bfWAN9cJVOO2BqbN5TiK-AlI_AgCelSbwyUfWdhc4zwYneJ8Fe3V7m2G45NyX4q5PgArk5_h2133HqHjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVNdqmsWgmm-W7V_W49Mqs&google_push=AYg5qPLNfScmctmsfHrk2bfWAN9cJVOO2BqbN5TiK-AlI_AgCelSbwyUfWdhc4zwYneJ8Fe3V7m2G45NyX4q5PgArk5_h2133HqHjQ
Request Chain 298
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIPOndSS7RuLA1qOoHt4KMk&google_cver=1&google_push=AYg5qPKDb9nFWNllMBLDWchLb3uXDcTFJJqgZsHe2cP1yO8mJbx8K_w6yp2y-Jb5odkeDWurhbkfNjt7JqjLBXCR8ATVc6VtSOnWqg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFFTTlUQjEtOC01OUc5&google_push=AYg5qPKDb9nFWNllMBLDWchLb3uXDcTFJJqgZsHe2cP1yO8mJbx8K_w6yp2y-Jb5odkeDWurhbkfNjt7JqjLBXCR8ATVc6VtSOnWqg
Request Chain 299
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBrFrPkaaDBrcKFf4xuC7gs&google_cver=1&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv&google_gid=CAESEBrFrPkaaDBrcKFf4xuC7gs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENv4AT2_qlQP3XwNTZ-gUKI&google_cver=1&google_push=AYg5qPLKTD_15OYRXrGJ_EUcr5_gzGaJf_QDzZWNvP-Ovy6ymzqyHe3uN9FbwpKGoqWWVqYDVt7MkeQoFPR1YPCtxaX088WTH83zP-k HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1oS0E3ZXVoRTJ1Ri44eEpKNWtHOFk5THAzdG9tR3J5Vn5B&google_push=AYg5qPLKTD_15OYRXrGJ_EUcr5_gzGaJf_QDzZWNvP-Ovy6ymzqyHe3uN9FbwpKGoqWWVqYDVt7MkeQoFPR1YPCtxaX088WTH83zP-k
Request Chain 304
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 326
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB&dcc=t
Request Chain 330
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RJfps3Tn1NzOjb5&gdpr=1
Request Chain 331
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5aa4Auf1uAH-p7oC462hA-bwuQT-re5S5vJwYloI
Request Chain 335
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cEX4JGs6SWWEDechuBrXjA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cEX4JGs6SWWEDechuBrXjA
Request Chain 336
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1EM9TB1-8-59G9
Request Chain 337
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1EM9TB1-8-59G9&sigv=1&esig=2~501d022883222f4efba16e84249268ee1e71e371
Request Chain 338
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTA0ZTVkODhkZDA2MDZhMGY5N2E1ZGE4ZTc3NjYzNjFkZmZlYTUyMA
Request Chain 340
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Sv0KSiAzMizFbHzJJSinxQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5726900045340237696
Request Chain 342
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHUveGStaoWe1j5w5tH4N9o&google_cver=1
Request Chain 344
  • https://fav.a-mo.net/f/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4YWNlNl83NjhfNDMyXzUwMGsubXA0/0?u=https%3A%2F%2Fcrcdn09.adnxs-simple.com%2Fcreative%2Fp%2F13173%2F2022%2F3%2F14%2F32462430%2Fe98a894f-7900-4323-9597-f3f483b8ace6_768_432_500k.mp4 HTTP 308
  • https://fav-cdn.a-mo.net/vf/0.1/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4YWNlNl83NjhfNDMyXzUwMGsubXA0/1_0.png

347 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
safe2.php
earnme.club/
Redirect Chain
  • https://bit.ly/35nGHMN
  • https://tnlink.in/108Gb
  • https://link.tnlink.in/108Gb
  • http://earnme.club/safe2.php?link=108Gb
  • https://earnme.club/safe2.php?link=108Gb
624 B
954 B
Document
General
Full URL
https://earnme.club/safe2.php?link=108Gb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f4707befdb1903d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 06:29:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywsN8ioYjp2Cr5TYOlnj%2FQYEJ3DiGjSCT8LbQ4cx%2F4Mf%2BQRrK2%2Fqt3fe7CRGy4IvIGCtesF%2FhP1jIecY4iKZKnSINIXCpk2Oa3e6OOWPdDMjbuobhksb3TnI%2Bdx3PmhA8YzRmfvs3%2FE4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.28

Redirect headers

CF-RAY
6f4707be7e6592b7-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 31 Mar 2022 06:29:22 GMT
Expires
Thu, 31 Mar 2022 07:29:22 GMT
Location
https://earnme.club/safe2.php?link=108Gb
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kie3HUOq854qC%2BInOSSopLykouM9TOZx8T91zxBzZc7ipaVKiqoV1GUGWbw7FgZX68bBmsiDD4mbrvfoLtKhThnwPT7VS9QBs0JMBTSN9npvgznElK%2BOL95S2%2BQULFqTliN4qbuIZ38yRw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
url
www.google.com/
956 B
1 KB
Document
General
Full URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIGRAB&usg=AOvVaw1N9mUF8GZmkp3HhOJmlhDy
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in
unload
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
481
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 06:29:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
Primary Request /
earnme.club/zero-8i-from-infinix/
44 KB
13 KB
Document
General
Full URL
https://earnme.club/zero-8i-from-infinix/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIGRAB&usg=AOvVaw1N9mUF8GZmkp3HhOJmlhDy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.28
Resource Hash
1b3e9c17d108472ca25fc496fce69233a7964fd30164db48c007514541c2fb9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f4707c41cd1903d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 06:29:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://earnme.club/wp-json/>; rel="https://api.w.org/", <https://earnme.club/wp-json/wp/v2/posts/27>; rel="alternate"; type="application/json", <https://earnme.club/?p=27>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrY4xmf3Qde%2FLK5ywb33rL2oaaQ6Tdd5zetmFO17jnTfJXCOmHqcHiGt4V2mETLV5TSgFAPEUNixnre9z7gLsb1aUhN7gN0CDppQAlyjpF%2F5i6dThObcmzfPDCIr%2Fhj7eMJwCTkQurQeDg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-pingback
https://earnme.club/xmlrpc.php
x-powered-by
PHP/7.4.28
style.min.css
earnme.club/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=5.5.9
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Aug 2020 18:00:38 GMT
server
cloudflare
age
2568
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdWjs0Y698MyOoRCEyUvc4tdL9qELa3XFDsyPE1vkJiNKTJ%2FPT7%2Bp9I%2BuvT7LeF8GoFfhAdRaH1M8XNkXKh8TUWy0mgkgELJlVHN1oD4bg%2BNriT8LMvkzRLUQxPGxHICu5NeeSo3qz2SUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f4707c6c8979bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfd5a1ab67641b6e1770a0782c157943964d002e8c1b22f04cbe8cd3de4bd3f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 06:04:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:23 GMT
style.css
earnme.club/wp-content/themes/mh-magazine-lite/
37 KB
8 KB
Stylesheet
General
Full URL
https://earnme.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c6799f4aee89a69d9fbf39794dd02eb8c65a040cea6aa95c9ad34536f998495

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2568
cf-polished
origSize=45602
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 21 Feb 2022 09:00:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxfQACe1E8xpOZOyVlyU58SNTYylyhrDz44oUo0IcCesuTgyR2RaoqbLR9ltb%2FQHNDAjwW2fS0X72MP7PEyfmAv3EtkoHg3f%2BdBG%2FGFcv4pfpWIezQIywaUC4oItwuIbxR0Q9ZSGb4Ykdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6f4707c6c89c9bc8-FRA
cf-bgj
minify
font-awesome.min.css
earnme.club/wp-content/themes/mh-magazine-lite/includes/
30 KB
7 KB
Stylesheet
General
Full URL
https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Feb 2022 09:00:39 GMT
server
cloudflare
age
2568
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BvoVk2OLf8HMdO15foQThp5BL9FSZysM9Uj9DvoXYw8pwBFEGScYQKDRmedhsOr%2B5gNuXNO%2F1JSmZ3z7aTxo1r3Tp9vOZJbWVKco%2FbXYLE%2BTyfCS9hSW64xQe%2BTj%2BW6ZmbHLlynex3l7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f4707c6c89e9bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.js
earnme.club/wp-includes/js/jquery/
95 KB
35 KB
Script
General
Full URL
https://earnme.club/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2568
cf-polished
origSize=96873
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uj3u6ESmIdGhCvWVMwhX6%2BGOEEFHRQRlU5MG3H9owqxzDCJnavGSYNrRcXBFxG2CTOowLxAp7d62NDQICWhjFToP1t%2Fie3DY7aAwsei%2Bye8n6rrWEqJTTDie8tGxZFJAYOhHihuu4I1hAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f4707c6c8a09bc8-FRA
cf-bgj
minify
scripts.js
earnme.club/wp-content/themes/mh-magazine-lite/js/
36 KB
12 KB
Script
General
Full URL
https://earnme.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ce57bd0fa2624bc5eac3701da8c04e315f177fc440ef4a9f46bb0699f942c34

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2568
cf-polished
origSize=37321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 21 Feb 2022 09:00:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Us2Zzh7boafYZyFrBC3CtisnmXsRiXO6DIipA9muxBnWcLliwwQAjiL%2FAuhX9vjOjjhCK6MChD2mCmEAoYpDSZt%2FLVJcJRrycl1JjAEgWKL%2FIebxcsZlDqArZTWn3nObYkWq8tTG87JDww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
6f4707c6c8a29bc8-FRA
cf-bgj
minify
aaw.emc.js
cdn.adapex.io/hb/
477 KB
131 KB
Script
General
Full URL
https://cdn.adapex.io/hb/aaw.emc.js
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
969e9be177c78f263f4fe807f8c815c54526cbc3741c4a7d881428f066610306

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61348
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 29 Mar 2022 04:45:23 GMT
server
cloudflare
etag
W/"62428ee3-773a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWJ7O24Tzkf4yj4spig1K%2Ftsn7uppjh2G5Ks%2BTbb9iqtv8P1gJkDxwj%2BZMMhPws%2BfcePnZyt%2BYbxSAESkyGf0h5kc9b4aNRa9L%2BZc74saFltdOGwpnY4BoGYX0atBND4HqIdVzR9NZJa2kyi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
6f4707c799a26937-FRA
expires
Thu, 31 Mar 2022 04:56:15 GMT
spt
tg1.aniview.com/api/adserver/
15 KB
5 KB
Script
General
Full URL
https://tg1.aniview.com/api/adserver/spt?AV_TAGID=621f32205a5c530d554e9777&AV_PUBLISHERID=61236c658d8f39735560c155
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e19f205819a04bffb4cb56dc4fdfba7ac6dcff2f4dc19cc3db7212c9fa7c1364

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 06:29:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
4563
Expires
Thu, 31 Mar 2022 06:34:23 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
83 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a04af0a44597b3b07c8cc130746f19e96b7fd769e4c555c7c3b0b576549d63f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28173
x-xss-protection
0
server
sffe
etag
"1173 / 645 of 1000 / last-modified: 1648681922"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 31 Mar 2022 06:29:23 GMT
wp-emoji-release.min.js
earnme.club/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=5.5.9
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Jun 2021 14:24:54 GMT
server
cloudflare
age
2567
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttsscpwS8eyVs1phSuFh006l2PNXASOWx26l761MYBqZ3pNxmw2YVK6t7MDkLdWKrDxMqs4p%2BGPVH%2FIX5fyMcksJ5dEFkCaaF%2BFw7FSLTwLE7fLLWzas1Rxqe2cksnGI21w0NruJwBiWiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f4707c75a009bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/
175 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc6e31a7f25a2b840a9441fa01e0342f66edd315f40296c7cbbd0e1873cf8f49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65667
x-xss-protection
0
expires
Thu, 31 Mar 2022 06:29:23 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8166901308023325
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c388acf35492e2476b214bfb448ae32dd8bec6fd6088ecda3cb29ee4e738df2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://earnme.club/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53963
x-xss-protection
0
server
cafe
etag
14727704412535557966
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 06:29:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:45:30 GMT
x-content-type-options
nosniff
age
114233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:03:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:45:30 GMT
fontawesome-webfont.woff2
earnme.club/wp-content/themes/mh-magazine-lite/fonts/
75 KB
76 KB
Font
General
Full URL
https://earnme.club/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: earnme.club
URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
cf-cache-status
HIT
last-modified
Mon, 21 Feb 2022 09:00:39 GMT
server
cloudflare
age
2567
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wa627vV2xr591pv7SnYbEmzYBRuTsYM%2FRBjwQa5hBgjVnF5SW9CXuGEDMBcM2REXcAzDnCHALNd5aU0jvqgkes13ZrhXmBSCXl%2FhU0HeO0yB6jrD0gcCmOT1p7MfDQmXlnw%2FxncHujVHVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6f4707c76a079bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v28/
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:48:24 GMT
x-content-type-options
nosniff
age
114059
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31272
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:00:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:48:24 GMT
a691551fbc5b6d1467740a0dd337c3fb
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/a691551fbc5b6d1467740a0dd337c3fb?s=80&d=mm&r=g
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 31 Mar 2022 06:29:23 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="a691551fbc5b6d1467740a0dd337c3fb.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/a691551fbc5b6d1467740a0dd337c3fb?s=80&d=mm&r=g>; rel="canonical"
content-length
1323
expires
Thu, 31 Mar 2022 06:34:23 GMT
1b2daba8dacc4f9d190e646138ec84bb
secure.gravatar.com/avatar/
1 KB
1 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/1b2daba8dacc4f9d190e646138ec84bb?s=80&d=mm&r=g
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Thu, 31 Mar 2022 06:29:23 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="1b2daba8dacc4f9d190e646138ec84bb.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/1b2daba8dacc4f9d190e646138ec84bb?s=80&d=mm&r=g>; rel="canonical"
content-length
1323
expires
Thu, 31 Mar 2022 06:34:23 GMT
pubads_impl_2022032106.js
securepubads.g.doubleclick.net/gpt/
364 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:41:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2871
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126678
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 31 Mar 2023 05:41:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
242 B
155 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
83fdfe5b29fa21198b6a328153245800fefa7f15bcd72182517a6c187c24e527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
expires
Thu, 31 Mar 2022 06:29:23 GMT
comment-reply.min.js
earnme.club/wp-includes/js/
3 KB
2 KB
Script
General
Full URL
https://earnme.club/wp-includes/js/comment-reply.min.js?ver=5.5.9
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Jun 2021 14:24:54 GMT
server
cloudflare
age
2568
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6d7C4FjSkEThPxzl6lUVWcXviqS%2B33fOHGIvsEWjJOiFD0M9mM5nkdBExznIiRhhOyiy1MfXn8LDIf5G%2BjODt4W7rJp4pBHv2t9ey%2BV7%2BMP7%2FcXwQdJb%2FNFqQqMKILSSwxZdeB67MxN0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f4707c81b9f9bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
earnme.club/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://earnme.club/wp-includes/js/wp-embed.min.js?ver=5.5.9
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/zero-8i-from-infinix/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Jun 2021 14:24:54 GMT
server
cloudflare
age
2568
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iz52uEz8%2BGcokW7Bc1TVwZC77CN2swxNLJmYBH5pNPXiU1zoVHUBQXip008P4gr12EX1PkrrUJUyDYs7eD5luMAZVMn66MAdRN8oBfg6tAYOPd4mSxV0d05Fm7DR7qBWQWaogtLcT4RRbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f4707c81ba39bc8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
cat.hbwrapper.com/
15 B
256 B
XHR
General
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://earnme.club
Date
Thu, 31 Mar 2022 06:29:24 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/
297 KB
107 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8166901308023325&plah=earnme.club&bust=31065921
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8166901308023325
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87617d3d981ac1e0f4a5a835feaf148a8fc32f5e2b08c764b93324e6924d95fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109416
x-xss-protection
0
server
cafe
etag
11336675150003490148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 31 Mar 2022 06:29:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/ Frame E6AA
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220329/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8166901308023325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
33683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 21:08:00 GMT
etag
4044455266028820542
expires
Wed, 13 Apr 2022 21:08:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
344 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oe3n1&_p=1800107939&sr=1600x1200&_z=ccd.AB&ul=en-us&cid=1040166477.1648708164&_s=1&dl=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Zero%208i%20from%20Infinix%20%E2%80%93%20Tech%20One&sid=1648708163&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earnme.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.lu/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.lu/adsid/integrator.js?domain=earnme.club
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=earnme.club
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
409 KB
97 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=81520691052323&correlator=4156315346006955&eid=31065713%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=21735448363%3A22367406785%2Cearnme.club&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C1x1&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2C0&ifi=2&adks=2564538650%2C174271564%2C174271567%2C174271566%2C174271561%2C3490001028&sfv=1-0-38&ecs=20220331&ists=1&fas=0%2C0%2C0%2C0%2C0%2C8&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1648708163968&dlt=1648708163629&idt=307&biw=1600&bih=1200&adxs=-9%2C632%2C285%2C989%2C632%2C-9&adys=-9%2C217%2C766%2C1165%2C4434%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C1080x0%7C678x0%7C326x0%7C1600x0%7C0x-1&msz=0x-1%7C1080x0%7C678x0%7C326x0%7C1600x0%7C0x-1&fws=2%2C0%2C4%2C4%2C0%2C2&ohw=0%2C0%2C678%2C326%2C0%2C0&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=true&btvi=-1%7C0%7C0%7C0%7C1%7C-1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c77007b18d8de78468e9c57006eec632ec7179f1c27739899535cabba47289f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99306
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://earnme.club
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
49 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=81520691052323&correlator=4156315346006955&eid=31065713%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=22687820958%2Cearnme.club_Display01&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=8&adks=1467249949&sfv=1-0-38&ecs=20220331&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1648708163974&dlt=1648708163629&idt=307&biw=1600&bih=1200&adxs=474&adys=389&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=678x0&msz=678x0&fws=4&ohw=678&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f9dd1a6570d67d229d4bdf1a08f18ad6679a76a80efee6f0c47bf0133ea6c6bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11749
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://earnme.club
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
52 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=81520691052323&correlator=4156315346006955&eid=31065713%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=22687820958%2Cearnme.club_Display02&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=9&adks=1170053309&sfv=1-0-38&ecs=20220331&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1648708163976&dlt=1648708163629&idt=307&biw=1600&bih=1200&adxs=474&adys=3131&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=678x0&msz=678x0&fws=4&ohw=678&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
bc87190748823a82e25f645baf79d53f6192372fa156427b971ac32b955c322b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12197
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://earnme.club
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
52 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=81520691052323&correlator=4156315346006955&eid=31065713%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=22687820958%2Cearnme.club_Display03&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&ifi=10&adks=1237207139&sfv=1-0-38&ecs=20220331&fsapi=false&eri=4&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1648708163977&dlt=1648708163629&idt=307&biw=1600&bih=1200&adxs=989&adys=2196&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=326x0&msz=326x0&fws=4&ohw=326&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=true&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b12060a2b09abfbb792d0b7a9a1dd007157e7f03cbfd2d7cd6713df6d2ff4486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12049
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://earnme.club
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7186
6 KB
4 KB
Document
General
Full URL
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Fri, 31 Mar 2023 06:29:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022032106.js
securepubads.g.doubleclick.net/gpt/
35 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022032106.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 16:37:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
136291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13258
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 20:13:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 29 Mar 2023 16:37:52 GMT
player.js
player.aniview.com/script/6.1/
26 KB
10 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.aniview.com
URL: https://tg1.aniview.com/api/adserver/spt?AV_TAGID=621f32205a5c530d554e9777&AV_PUBLISHERID=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
eeead248868138b8e6f49f895e81497fbcef0d3a402b7ba997553ac211b448f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdufkQp8WATu0Y4CZ6DUzfY15RE_gah0Pt_DOlPZN7ljIw9fN4P3M6BQZTNoaxf2v3R1rHLnbdcn0ST3LKbWa-M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
9411
last-modified
Wed, 23 Mar 2022 07:00:06 GMT
server
UploadServer
etag
"3e22639e49625f151a5d6165ee48cd54"
vary
Accept-Encoding
x-goog-hash
crc32c=SgaS2A==, md5=PiJjnkliXxUaXWFl7kjNVA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018806813075
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
9411
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 31 Mar 2022 06:34:24 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?pid=61236c658d8f39735560c155&cid=621c5e1b99b8d6031e4ff892&cb=1648708163995&r=earnme.club&stagid=621f32205a5c530d554e9777&stplid=621f31ad0bf2103e4d763956&d35=&e=playerLoaded
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.93.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-93-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cookie.js
partner.googleadservices.com/gampad/
215 B
416 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=earnme.club&callback=_gfp_s_&client=ca-pub-8166901308023325
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8166901308023325&plah=earnme.club&bust=31065921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f0fe4ac86ba05ce098ba84e9a218874e6d1d1e4113516f9cd5b913ee2a784818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CBD8
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8166901308023325&output=html&adk=3826760629&adf=1341073466&lmt=1648708164&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648708163892&bpp=2&bdt=263&idt=134&shv=r20220329&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3263859720684&frm=20&pv=2&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065921%2C31062930&oid=2&pvsid=81520691052323&pem=267&tmod=1684429973&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8166901308023325&plah=earnme.club&bust=31065921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AVmanager.js
player.aniview.com/script/6.1/ Frame 0900
364 KB
103 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu1zT9ppBlIcCDvd9RXHL562v2k6ngWVC71iW6u0J2NNXblXgVj-ay8ArPdlSeo3sw4n4405qE0V0dMZibac4g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
104575
last-modified
Wed, 23 Mar 2022 06:59:54 GMT
server
UploadServer
etag
"02948485f0faba4c05b4a0eb92dd6f40"
vary
Accept-Encoding
x-goog-hash
crc32c=uG63EQ==, md5=ApSEhfD6ukwFtKDrkt1vQA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018794693190
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
104575
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 31 Mar 2022 06:34:24 GMT
auction
prebid.adnxs.com/pbs/v1/openrtb2/
297 B
677 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6c4447d8f1de0217e28e79639f27651a1957603dcc2131783469a180a4b75d41

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:24 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.204.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
arj
digikulture-d.openx.net/w/1.0/
73 B
376 B
XHR
General
Full URL
https://digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bc7b00e6-cef8-45f7-b34f-0801f8697caf%2Cbfee0c86-82f1-4788-96cd-9e12a9ea7596%2C67922803-a039-472d-b8ad-e91385b2f288%2C004b5b9d-bcb2-4fd7-9131-33d32e6549b8&nocache=1648708164101&pubcid=08b906bd-1376-4fe5-aea6-c965731dbf98&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=1x1%7C970x90%2C728x90%7C300x250%2C336x280%7C300x250%2C336x280&divids=776f80b2-4716-4763-b087-69be7072dd93%2C2433690a-6626-40b0-8ccb-09d5c23ba81f%2C7bde9b1f-04ed-4319-b78c-710887ef2da3%2C2f16ec98-c51a-49b2-a95c-9f7da9fc427f&aucs=%252F22181265%252Femc_OS%2C%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2%2C%252F22181265%252Femc_300v_3&auid=556674476%2C556580797%2C556580798%2C556580799&aumfs=10%2C10%2C10%2C10
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
0956c40a363ba6ed28293f597a1d04a70301bdc93847d0bc63c42054579a43dd

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://earnme.club
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/
6 KB
4 KB
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
06572b289d5f13650907ba974fedb76ea23ec4a25c41b90f43f93a892110036d

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://earnme.club
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
123
content-length
3531
prebid-request
onetag-sys.com/
15 B
358 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://earnme.club
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/
472 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ed7f9f13057c2e574b47c2e9e44c03b115e1ff2f429be51085ca7e80432af78b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:24 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
47727cb7-1090-47a8-9d34-36a006002bb4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
472
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/
27 KB
10 KB
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=783789&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2252497e0fa2fc0cd%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F%22%2C%22page%22%3A%22https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F%22%2C%22domain%22%3A%22earnme.club%22%2C%22publisher%22%3A%7B%22domain%22%3A%22earnme.club%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A1%2C%22bu%22%3A4%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A4%2C%22ren%22%3Afalse%2C%22version%22%3A%226.16.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225329235d4fecdfd%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22783789%22%2C%22sid%22%3A%221x1%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_OS%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22542cccd2992360a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22773924%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22773924%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%225637fa5e7167921%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22775312%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22775312%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_2%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22589c99b74d5b41e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22775313%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22775313%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_3%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1602%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2208b906bd-1376-4fe5-aea6-c965731dbf98%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d25b83dd3052cdc0deb7ff8abc494a5f00f21398ed19dc79978e49a8a87a5e10

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://earnme.club
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
10202
x-ak-client-geo
12
expires
Thu, 31 Mar 2022 06:29:24 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96940a017e7e9c7bec9f58b6520082&pos=8a96940a017e7e9c7bec9f59e10a0086&cmd=bid&secure=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
758847d2c5d9b649afd91bb16d19be8b66601bb237e4a0f1717156c9e2b4b0c3

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96940a017e7e9c7bec9f58b6520082&pos=8a96940a017e7e9c7bec9f5a59560087&cmd=bid&secure=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
da8b0a49283852e21e9c165961823115b4426d2ac7830a6b4c0cf9a6186c049a

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
5 KB
5 KB
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96940a017e7e9c7bec9f58b6520082&pos=8a969074017e7e9c77fb9f5bc22f008a&cmd=bid&secure=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e4efdbebf72892600381b1f062abeca640790faf52dda3c9f6bb961032deb11b

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
content-length
4769
bidRequest
c2shb.ssp.yahoo.com/
62 B
289 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96940a017e7e9c7bec9f58b6520082&pos=8a96940a017e7e9c7bec9f5c3a140089&cmd=bid&secure=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
497bf7076b444cdfe3fc9abb983941941625f509e61b4ad4e7580d32f1b5db50

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96940a017e7e9c7bec9f58b6520082&pos=8a969074017e7e9c77fb9f5ce3ea008b&cmd=bid&secure=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
c5d5457f90066522a911b38cb46406ab934010552afd79068832a6173ac7e275

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
92 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96940a017e7e9c7bec9f58b6520082&pos=8a969c97017e7e9c72109f5d6baf008d&cmd=bid&secure=1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
862848c10f138911ab402b4433b520465bf8eff2fe5f4bab46ed9a94896d0e32

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/
478 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2319498&size_id=221&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=08b906bd-1376-4fe5-aea6-c965731dbf98%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_OS&tg_i.gpid=%2F22181265%2Femc_OS&tk_flint=pbjs_lite_v6.16.0&x_source.tid=bc7b00e6-cef8-45f7-b34f-0801f8697caf&l_pb_bid_id=6808ced7c6d1dca&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.12167309149230188
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
35c270a84a842110f7c7dd21d7565dc5dd006d44c0f668ade3551ec0b1f41432

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
478
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
461 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=08b906bd-1376-4fe5-aea6-c965731dbf98%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v6.16.0&x_source.tid=bfee0c86-82f1-4788-96cd-9e12a9ea7596&l_pb_bid_id=69bca6eb9ad5845&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.918621802513977
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93159626bdf613bd55ce1e7091f1122d2f17d177eebbd86873bd3e9747a2d759

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
461
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
462 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=08b906bd-1376-4fe5-aea6-c965731dbf98%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v6.16.0&x_source.tid=67922803-a039-472d-b8ad-e91385b2f288&l_pb_bid_id=70f120468a90419&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.9989076907353076
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
94bb6e8cec71065f833a185c82836a1572e4e11e4c9c678c66adf26d96b834be

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
462
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
462 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294696&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=08b906bd-1376-4fe5-aea6-c965731dbf98%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_3&tg_i.gpid=%2F22181265%2Femc_300v_3&tk_flint=pbjs_lite_v6.16.0&x_source.tid=004b5b9d-bcb2-4fd7-9131-33d32e6549b8&l_pb_bid_id=7149df1a08b323c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.1982249199289916
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
24acc823398408f3bef7f5f1beed6ee71d5a9c72d18929f1a5509d79bd18f8c1

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
462
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
prebid.media.net/rtb/
1 KB
906 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
d494a9f84e2e75c53163d8ef6ee37a7794aab3e6abf38ef388e00cce92e2857f

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://earnme.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/
87 B
170 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dSQrD4Kmqr7io0rkHcnlxd
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0140d1187c3308c40475bc2e2edaa99ed1b397695abbcbfa80b8692939bd0636

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/
87 B
179 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dYto7aKmqr7io0rkHcnlxd
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0140d1187c3308c40475bc2e2edaa99ed1b397695abbcbfa80b8692939bd0636

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/
87 B
348 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=d2Vd5MKmqr7io0rkHcnlxd
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0140d1187c3308c40475bc2e2edaa99ed1b397695abbcbfa80b8692939bd0636

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://earnme.club
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=480&he=270&test=&d36=6.2.12&apppkg=&fv=3&proto=https&pid=61236c658d8f39735560c155&cid=621c5e1b99b8d6031e4ff892&stagid=621f32205a5c530d554e9777&stplid=621f31ad0bf2103e4d763956&e=inventory&vi=100&cb=1648708164173
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.93.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-93-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/
331 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
740 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
384 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
782 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
395 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/
13 KB
3 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=621f32205a5c530d554e9777&AV_PUBLISHERID=61236c658d8f39735560c155&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&AV_CHANNELID=621c5e1b99b8d6031e4ff892&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=3&AV_PLACEMENT=5&AV_TAG=621f32205a5c530d554e9777&AV_TEMPLATE=621f31ad0bf2103e4d763956&d36=6.2.12&responsive=1&sver=2&avtoken=164172&AV_WIDTH=480&AV_HEIGHT=270&AV_DNT=0&cb=1648708164226
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.157.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-157-73.compute-1.amazonaws.com
Software
/
Resource Hash
bfa0d8300b382db32ad1a8338598f455b9887178273a65d7ea581fb2d9c5aa61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://earnme.club
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 19 Mar 2022 16:42:44 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 0F5A
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0F5A
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0F5A
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0F5A
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
535442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0F5A
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
css
fonts.googleapis.com/ Frame 0F5A
8 KB
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 05:41:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F5A
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F5A
344 B
807 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0F5A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CIgI9REpFYoOFAYSK7gO3x6e4BtWtz6JpnsbmsqgP67DGn48tEAEg3NizkQFguwOgAciN6qgoyAEBqQLcuYch64loPuACAKgDAcgDCqoE7gFP0FB0TvXW6eQtrayEDiZUZ4L4RVSm7DC4QM6QjuMtsfe36beT3avADGfSd179-WSRee9bWP28B_OiZ2TYSNZe2PKBnRq3rP3YpuSnzJZ0YdwBAM7WuweAim_aESsfBluhHgpMiBBraaE1FFkjdZIfUTxcgGdhIxDLxgh0akVj9J7grgMCdwCkyFsCVKcA8xycxtN2MNvw6hk4xnwKlun9-J_0shdK3fD3o3fppveX9S1yy3ImvfJUmSg8JKHqlSNHVwNgx_wsOeywJRu50edQJEoIu-ILDnob7ZROp22jHaB-Md8ytooTk2VRmtH_wATEndeWiQTgBAGSBQQIBBgBkgUECAUYBKAGLoAHyMW6iAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDKwYIB0ggJCIjhgBAQARgdgAoDyAsBuBOdJ9gTDNAVAZgWAYAXAbIXHwodCAASFHB1Yi0xNDM4NzA5NjY3MjM0NjAyGMLbgwE&sigh=7gkQ_XLe5g0&uach_m=[UACH]&template_id=5021
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

downsize_200k_v1
tpc.googlesyndication.com/simgad/938930006787729482/ Frame 0F5A
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/938930006787729482/downsize_200k_v1?w=100&h=100
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37ac1b83493ec0dfb9e7576f0307fd51e1cde119c37a64333e0f905f359bc9c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 10:18:15 GMT
x-content-type-options
nosniff
age
72669
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2354
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 18:05:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Mar 2023 10:18:15 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6733887896531254486/ Frame 0F5A
10 KB
10 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6733887896531254486/downsize_200k_v1?w=400&h=209
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c2ed8b0532eed7e4e8493b41da27756b818aa7e648b70bfdd50571cd8d7535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:58:10 GMT
x-content-type-options
nosniff
age
534674
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10155
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 18:05:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Mar 2023 01:58:10 GMT
truncated
/ Frame 0F5A
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b87b832b8f0af9f872dd159f430ecf6c8e5e15abf94502baf490edfde3261c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0F5A
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0F5A
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a926c8423c691b65331a025893bc4fece556403894858bc55663cd7aeb67100a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 0F5A
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
114107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:47:37 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 22F6
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 22F6
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 22F6
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 22F6
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
535442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 22F6
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
css
fonts.googleapis.com/ Frame 22F6
8 KB
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 04:38:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 22F6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 22F6
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
container.html
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8593
6 KB
3 KB
Document
General
Full URL
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Fri, 31 Mar 2023 06:29:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 8C99
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8C99
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8C99
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8C99
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
535442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 8C99
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
css
fonts.googleapis.com/ Frame 8C99
8 KB
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 04:46:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C99
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C99
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame AFA4
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AFA4
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AFA4
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AFA4
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
535442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame AFA4
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AFA4
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AFA4
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
truncated
/ Frame AFA4
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7172332d735b861329db6ee6def453719638564dac67bf15a5d39f7b8b6d259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
container.html
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 251D
6 KB
3 KB
Document
General
Full URL
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Fri, 31 Mar 2023 06:29:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 22F6
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT16EPnttFwzm9nbVpCaRZKK3rS3SW90IRR_iGX6_NujN6IrTIlomYsl-0g7pTbiSpjIY7U
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 22F6
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrvOiREpFYoH4Ac6zgAfOl6vgDYnPyIVo6vuQ6vgMicf93wUQASC-zNdqYLsDoAGbkJW1AsgBCeACAKgDAcgDCqoE6gFP0LJY_ZsZIVWJhjlW7Q4GQrR6Nw1LnrcKnC5l6Olm9DYXgc14zmAaHea938gTXNdIK6fpg5jyNvaxcPjkl-OXRPjhe0RD9WkE4VCfbkdpVCW8p6xpSREPW5q8Fq0-NnWAlsgtyVL29RCJ4DfjFJUHAq3l3AgNtKy0GP4nAK2Hz7SXiJt53A1heSNmZynhhJ1w4syHKAzZAbSfajWPdZPZuQDHoXdhy08-MFRydZ_rDcMrX4nHh5ufPYoT7CigivcSGpLAZMVvLg8wG2gmAe0xVLjQWpYe0NJ70WgaN_MRmvLC4wx7n7knhWfABKmC09mtA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeDiIzLAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJ-gLNIICQiI4YBwEAEYHfIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMIAKA8gLAbgTiCfYEwyIFALQFQGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=gpXa6QTgmOU&uach_m=[UACH]&template_id=5000
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

l
www.google.com/ads/measurement/ Frame 8C99
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJH4gHD-walK1-oiAB1Iv-4TDPo93-wEQrIneR6xd6DxKVNtjgaq_d6q2cZb9iF_WAfRbT
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame 8C99
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CF9VIREpFYoP4Ac6zgAfOl6vgDdWtz6JpnsbmsqgP67DGn48tEAEgvszXamC7A6AByI3qqCjIAQmpAvefUtw9kGg-4AIAqAMByAMKqgTrAU_QCikROxdLA_TwJi3zzitCXr0GsH7MJJr4Utwi25-gy4LCgZQE_Gfro0XFVwNPXScwwO5Lzmn7-KEeBKKsRkZ4JxlTd1o9lk2v5V8RLvRwOw9pPdp58yvPVM8q3No7ATxfUyQtyFhmmIcxEjsy94Yyxi9vJFJA7hk3nqgZa3ZjRqhPFbXSpKrPRVXRsR9jc5BoG7ir6BSWVNKbPkOW16s42P9FQiwdpTlKZWOdhEzQ3Y6YsdJnr4R8CHSCvLeJZCNSkXYrkCgaXSBD4FNOAn2RMF6xWHz8pl10XUxSrqWBP_V2NhhND4Iqk7HABMSd15aJBOAEAZIFBAgEGAGSBQQIBRgEoAYugAfIxbqIA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPmUBdIICQiI4YBwEAEYHfIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMIAKA8gLAbgTiCfYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=F4Pfc6Yh4E4&uach_m=[UACH]&template_id=5000
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

8523425964125252360
tpc.googlesyndication.com/simgad/ Frame AFA4
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8523425964125252360?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmltQxXH7y4vFZqe32r45cViQnPqA
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6846607e37237f076851e728699a5949c455a35dc6078ba8f7f05ca4c01f85b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:52:23 GMT
x-content-type-options
nosniff
age
214621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17033
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 05:59:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 18:52:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AFA4
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CMzG6REpFYoT4Ac6zgAfOl6vgDb2fs5lpo-Gd9NgP6rST0dUvEAEgvszXamC7A6ABkpmr_ALIAQLgAgCoAwHIAwiqBOEBT9AgSyT1M9s08_kxZm-C936tNOP_B-CE1txw6JM88lqWMdwQDvq7wHGpKgBsOscDO5RK76-PSs4NtRixo9srTN7SxAgbpi5Uf5KMPF2w7Cnjz880JG894eKUTkbhLv9O1NuMAixKp7wymJSfE1UrcVG3ZIqjzH4i0bZmHYEn5aQqr-ln012EQugez519WjRIB_73kjG5y0892Mh__hRIfaaAaOk640OSMg4iLzrZE4sHpwAUIB9EIzrCqj1iRxF2Kq5OZ9A583LObMqWcZ2nx041Bl1rUg-TmWuTRphFiKGywASoz_Tk_QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC36g7SCAkIiOGAcBABGB3yCBthZHgtc3Vic3luLTYyMTY1MTk5NDE0MTA5MDCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=5BSFW0wkbIc&uach_m=[UACH]
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F5A
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0F5A
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/14653157537914924808/ Frame 22F6
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14653157537914924808/downsize_200k_v1?w=600&h=314
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7a53bd43b94aeadeea2d82c90e10b53febb67c563f2e9b718452d146ceef20e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 08:11:06 GMT
x-content-type-options
nosniff
age
166698
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13947
x-xss-protection
0
last-modified
Tue, 08 Dec 2020 21:20:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Mar 2023 08:11:06 GMT
truncated
/ Frame 22F6
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
610f564c5565b07da082ca267469e576974f28723dbed8897cad7944a5f988cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 22F6
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d52a9e2e1cd75216a62369337bda617eb7714b0b1483195d22fec2185c72258

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 22F6
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
114107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:47:37 GMT
avpb6.15.0.js
player.aniview.com/script/6.1/ Frame 0900
333 KB
100 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ffbba010d8b2a59b00c92ffe2dcd7d70bb9565edbbdd998f1df06e8e06b3a421

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdutz_qczWAdpxzHbv8rOOEjdOv_7Z-UfE_ZnP--B98sTCZ5l7raedGa9riFsaBWQhfxU6Th4_hV6oCNVKhvabM
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
101837
last-modified
Wed, 23 Mar 2022 06:59:30 GMT
server
UploadServer
etag
"26b8dd7a2abe2a4394dc3d482a4507e4"
vary
Accept-Encoding
x-goog-hash
crc32c=2aMe6A==, md5=Jrjdeiq+KkOU3D1IKkUH5A==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018770007457
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
101837
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 31 Mar 2022 06:34:24 GMT
avpb6.15.0a3.js
player.aniview.com/script/6.1/ Frame 0900
65 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0a3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
036e9bd4c8ef7ecdc5101e90cfa027799d6ab642c1613b4ac53b0b145bcede23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvGHgKmGp86xxhIM1KkpM68vDjA9aOMfj8o6PBYdEmkx6w1LiWdx9az2BgUaRjqKN_X28DuOIInYdpKSfY4SzglcWcvfA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
19784
last-modified
Wed, 23 Mar 2022 06:59:46 GMT
server
UploadServer
etag
"8dd3911b1db93e9deb2d075276d1d273"
vary
Accept-Encoding
x-goog-hash
crc32c=r1d7rg==, md5=jdORGx25Pp3rLQdSdtHScw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018786191664
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19784
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 31 Mar 2022 06:34:24 GMT
avpb6.15.0a1.js
player.aniview.com/script/6.1/ Frame 0900
64 KB
19 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/avpb6.15.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4823ba1362327addef6f7fd8d7235fcf62731a355c9b83a87b84941650689bea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdumOPpHG9fZVAUffKtITl6Vv1Xr6di11f7iyMWtpnGdTaLVZCJarz8c3L53CrushVd2ALDrGbYwTUo8A77-mew
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
19166
last-modified
Wed, 23 Mar 2022 06:59:38 GMT
server
UploadServer
etag
"61a8129b9a120ae681b3bcbdae92fd62"
vary
Accept-Encoding
x-goog-hash
crc32c=rhzfFg==, md5=YagSm5oSCuaBs7y9rpL9Yg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1648018778033227
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
19166
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 31 Mar 2022 06:34:24 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=97638&t=1648708164&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=61236c658d8f39735560c155&test=&aafaid=&proto=https&uid=1648708164491-925064035684-007717-000-003032&cha=0.7&stagid=621f32205a5c530d554e9777&stplid=621f31ad0bf2103e4d763956&d35=&d36=6.2.12&cb=64706813216&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=61236c658d8f39735560c155&ncid=621c5e1b99b8d6031e4ff892&e=request&cb=1648708164613&asid=621cbd83946785184f043945%2C621c5c5c7c6fcc6d5f3ccb76%2C621c5d3b0769a573021e90d9%2C621c5cba74b49512954a1f4a%2C621cbdecd220c848d61b8e06%2C621c5d09bf996b13843839e2%2C621c5d6edc51303160529521%2C621c5c24bad4cf691d41ac48&ofpr=2%2C2%2C2%2C2%2C%2C2%2C2%2C2&fpo=%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.93.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-93-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://earnme.club
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://earnme.club
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 31 Mar 2022 06:29:23 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1351
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=nuVARnw3eUlxNTZzRmxFcjlTRDJ1ZWp4YXhCUUlVUG9pZ0w5TlhlM0s0Z2U0akptNHpiSGp5NEZzYmRUWGlXMTZGYnJVWlJvYlhxNWFPdkltWVY4NGR5bmY4eGNnWXIvRUV4b0s0TW9ubEF0dmlNYlV2d29aS3JpZFU1L2...
342 B
611 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=nuVARnw3eUlxNTZzRmxFcjlTRDJ1ZWp4YXhCUUlVUG9pZ0w5TlhlM0s0Z2U0akptNHpiSGp5NEZzYmRUWGlXMTZGYnJVWlJvYlhxNWFPdkltWVY4NGR5bmY4eGNnWXIvRUV4b0s0TW9ubEF0dmlNYlV2d29aS3JpZFU1L2FLdnkyMTIzQUxMZXl2UlpURFJRWHRNM3NvejNiWXh1c2VQVXJrempZSHBoTjY3MXRiT3g4QURubWI0YkoyNHJmbzNoV2paNm5zU21GeFpiR2Nya2t6TCt0WFZVaXNCc00wcVM5b00xaGZuYkVISWhJV3NRPXw&cppv=2
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3ae0a68263138b47cb5c9206523a68a3cc2ded2e2522551a7601baf73828ef42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3022
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
location
https://mug.criteo.com/sid?cpp=nuVARnw3eUlxNTZzRmxFcjlTRDJ1ZWp4YXhCUUlVUG9pZ0w5TlhlM0s0Z2U0akptNHpiSGp5NEZzYmRUWGlXMTZGYnJVWlJvYlhxNWFPdkltWVY4NGR5bmY4eGNnWXIvRUV4b0s0TW9ubEF0dmlNYlV2d29aS3JpZFU1L2FLdnkyMTIzQUxMZXl2UlpURFJRWHRNM3NvejNiWXh1c2VQVXJrempZSHBoTjY3MXRiT3g4QURubWI0YkoyNHJmbzNoV2paNm5zU21GeFpiR2Nya2t6TCt0WFZVaXNCc00wcVM5b00xaGZuYkVISWhJV3NRPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://earnme.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1662
content-length
482
expires
0
579.json
id5-sync.com/g/v2/
213 B
529 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.3.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p30.id5-sync.com
Software
/
Resource Hash
7c50f0896e327d8697a0accdaba9302b03ecb4aaadb4efe667c06c86935a5592
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://earnme.club
Date
Thu, 31 Mar 2022 06:29:24 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/
0
0

any
idx.liadm.com/idex/prebid/
0
485 B
XHR
General
Full URL
https://idx.liadm.com/idex/prebid/any
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.184.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-204-184-124.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 31 Mar 2022 06:29:25 GMT
Request-Time
2
Server
nginx/1.18.0
Vary
Origin
Access-Control-Allow-Origin
https://earnme.club
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
d475dc42beb096c6
id
id.crwdcntrl.net/
63 B
334 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.131.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-131-63.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ed2ecf3da64fedc199ed6e5fe34de7c97f8d8466ad15f392312b590d727a918e

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://earnme.club
cache-control
no-cache
x-server
10.45.2.230
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
g_pbst
1x1.a-mo.net/hbx/
0
89 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbst?A=amx&w=1&h=1&bid=88308a99a801d2c&c1=banner&np=0.021833972999999996&aud=38695767ac534ce&a=776f80b2-4716-4763-b087-69be7072dd93&c2=hb_bidder%3Damx%26hb_adid%3D88308a99a801d2c%26hb_pb%3D0.02%26hb_size%3D1x1%26hb_source%3Dclient%26hb_format%3Dbanner%26hb_adomain%3Dsteampowered.com&ts=1648708164662&eid=89f27022b9573ae
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
integrator.js
adservice.google.lu/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.lu/adsid/integrator.js?domain=earnme.club
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=earnme.club
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
247 KB
78 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=81520691052323&correlator=4156315346006955&eid=31065713%2C31062930%2C44761144&output=ldjh&gdfp_req=1&vrg=2022032106&ptt=17&impl=fifs&iu_parts=22181265%3A22367406785%2Cemc_OS%2Cemc_300v_1%2Cemc_300v_2%2Cemc_300v_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%2C970x90%7C728x90%2C300x250%7C336x280%2C300x250%7C336x280&ifi=11&adks=1333448797%2C2299369434%2C1406026357%2C314103536&sfv=1-0-38&ecs=20220331&fsapi=false&prev_scp=refresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dsteampowered.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D1x1%26hb_pb%3D0.02%26hb_adid%3D88308a99a801d2c%26hb_bidder%3Damx%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Derfolgs-anleger.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D970x90%26hb_pb%3D0.04%26hb_adid%3D86cde2f68f09f21%26hb_bidder%3Dix%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D2%26hb_adomain%3Dgenerac.com%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.27%26hb_adid%3D830012659a296e9%26hb_bidder%3Donemobile%26anh%3Dtrue%7Crefresh_count%3D0%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dzep.de%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D336x280%26hb_pb%3D0.10%26hb_adid%3D84d9aacae83a657%26hb_bidder%3Dix%26anh%3Dtrue&eri=4&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D10%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D100%26wrap_l%3D700%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D600%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=1&cookie=ID%3D720a837b1e82844a-222dddd46acd0082%3AT%3D1648708163%3AS%3DALNI_MarbANKJ1VWXupcnnava9T8My8I0g&cdm=earnme.club&abxe=1&dt=1648708164672&dlt=1648708163629&idt=307&biw=1600&bih=1200&adxs=0%2C315%2C989%2C650&adys=25%2C194%2C522%2C5244&ucis=a%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x5542%7C1080x0%7C326x0%7C1600x0&msz=1600x0%7C1080x0%7C326x0%7C1600x0&fws=0%2C0%2C4%2C0&ohw=0%2C0%2C326%2C0&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=true&btvi=0%7C0%7C0%7C4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
b99b81870bf22b5a8cf7b0cc40f78bd0f6969947fd556e67d519aef8ce149993
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIX5_MPc7_YCFVGR3godht8LTg&gqi=&layout=/sadbundle/%24csp%253Der3%24/140445308604698908/html5-animation-MWD-300x250-en/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIX5_MPc7_YCFVGR3godht8LTg&gqi=&layout=/sadbundle/%24csp%253Der3%24/140445308604698908/html5-animation-MWD-300x250-en/index.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-2,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80247
x-xss-protection
0
google-lineitem-id
-2,-1,-1,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Thu, 31 Mar 2022 06:29:25 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://earnme.club
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/6733887896531254486/ Frame 8C99
15 KB
15 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/6733887896531254486/downsize_200k_v1?w=600&h=314
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc4c5d92a47944dc3194ecd5af16f1c7383967269e63ea2345352a4f038539a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:00:37 GMT
x-content-type-options
nosniff
age
5327
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15400
x-xss-protection
0
last-modified
Tue, 21 Dec 2021 18:05:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 31 Mar 2023 05:00:37 GMT
truncated
/ Frame 8C99
206 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8C99
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8C99
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2453adff620e3c8c50559b7b46f845ac36b22e140481605b9c69e3d85c6d151b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 8C99
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 22:47:37 GMT
x-content-type-options
nosniff
age
114107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Mar 2023 22:47:37 GMT
css2
fonts.googleapis.com/ Frame 251D
4 KB
634 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 05:53:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:24 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7C56
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNUtKycfrMQq_cQXRqpVA6wlsn5djL8CwdGjmgGr_deY4tOreZug0zd10TzCRimCBZsnF-MpfLpooMUPHPq17w6LBCj_2w
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Thu, 31 Mar 2022 06:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 93F3
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:25:09 GMT
1509077974930286764
s0.2mdn.net/simgad/ Frame 93F3
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1509077974930286764
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
049d183b12915bb171ac4ffef9dd27ff4d9397b5741a8b12f564b76c94d11735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 08:46:16 GMT
x-content-type-options
nosniff
age
78188
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12870
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 18:11:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Mar 2023 08:46:16 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame 93F3
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 05:17:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 93F3
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 93F3
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:13:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93F3
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:29:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 93F3
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:12:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 93F3
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BZcoYC0ytqocDEw9MhTU_f0dqTpFUxsKne93Qmd34-vuSbcxz_czdlBCTp5IoyAMwW1knk3OfHPs0MYkJXWXDniHGYdfFQYpONM5tUG9C5p0NmOZI
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame 251D
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8226
x-xss-protection
0
server
cafe
etag
11792478805792993122
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:13:13 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F3B4
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiKrqDAATAB&v=APEucNVptvNw0JIOAKYHNTbpUikPe7JeA1CRuEaiTq_3RVXwZ7L_QMDCUUexEJMqfW48DKCs4zPct_S8VLaFyuJf0lzRzfMgjA
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Thu, 31 Mar 2022 06:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 8593
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:25:09 GMT
13254692950758216641
s0.2mdn.net/simgad/ Frame 8593
24 KB
24 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/13254692950758216641
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd95b8f5f967ec953aac878c8c952763b815cb1a3c9a20bee7bb70babee17bf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 06:32:59 GMT
x-content-type-options
nosniff
age
86185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24528
x-xss-protection
0
last-modified
Sat, 22 Jan 2022 23:50:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Mar 2023 06:32:59 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame 8593
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4305
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 05:17:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8593
0
622 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-y_j4bX2WiTp91r-sRAsGmM0pUtDvZwcWmn2XiUtXdSMSWcpMORU21KXe7FfbnmbPRYSTRCOcch_T5VtzmNZwwqYTTa5E91a29xddqxEtQwncC6CS9azu8xwz2O0Eq9t2gas1W7EIbnBkFT1AIenN4cTX93lCFiuAF3vLyx1L1Ci8jTswtTE-KNYTfycKqODkRUo9kWebZHbhpobQ0pM-d466upuBB00wLZuTMSD9gY0EOulLTimEL_kPEQyQzqemYUFR487rFbOBqlvHaVeGRjURD0Ez6gYAORpB73_GP7iCMiQJH_kupU3kQNvhobEgUlzg3pw6o-oXWrvZfmC5Ffc3QKpVCExi8q4szP6szwWDzLeutuf9bSDQ6ujQp9GfEWRmgua3PwY8OjaCEESRvChcYezRGMRLkoS3IkW03uy_GXCBAyXqRwec9_xZBlpF19hr5s1pYhQzm8wRuBgXPeTC8-O2P8PmuM2gyIBamDL-WM1_CPUnwKY-mpIRdvuBXZpcAh5U6m6HqwcsTQ-qY5jtASj5RcqCFc-xF7i9cOW1C-nxmOe8MZT79IlMIZHxm_VKkNB1-ujna8QNEfsEEM3ZT9PkjQT5k_SBt1T06R7B6z5iDCIEeVNW9glAI06mdknSqs2vPiQyv-rs1IETTowjNaAArTqgIAJMPP1lh_8wsY2s_FPCa26DOPukjXgr8GH4kVpGc0gcKhU7H9mZZyZ97cn-WmyU4V14DOyjvzTehqzw5CNt5sEu-Mdt-nqMBYg4jOTgNiNRKAG3gku52u822dj4r5DydqbdMsgA59TITKc0rt1t5G4wSrrf_LNTmFKjKsIKpqCTHpOm1DW_TkPTpNqpXD4QV0HfN3_6SFTxPkFeOotF5OuvEuE51R2hCRQfILkgkwJhD-KfRyzyzc3yDwQtlelCv6vfqwRfzXGA8ukE4AFiQMLXUzjtX5s7-K96Lat1e_LyXUjK9dHqt4SoJpKa7ebdFkANgAiA7kI_IRvwEh9btKbOckQGYqT0ntHF5hKpG-G4B0OnwgivPYKx_F5XGZC9MUlez_ZKeHpsefUt1Env9gtHO9IXbcd9Hx6almAkPEHNOuFmUF3GrlrTb3JNDx9zdQxxZMZ95ZgVklZBU0PbLWR2KbSDS0NoJPdtQb15ZyXAFn3C5-1bXXuQ58xixw7SVA&sai=AMfl-YTPLnxY-3CWVtBVxOil8h5ZnaHgfG9EPhVyVQfhS8s7BbqY1fOf6P46e-1tXRwZv8Px8D9akb5FCKoOL519uqAnnS0O8T6UtlTfcJ0bMHhrSECHp5G6XE9e0x2_O_jXorgcS9E7jYyZGp2ezUlHZtSLgM-Id9-PUd_GmhVTD6FeNF2PHnj459Cvyfq5KveIFyyQrhDi8m2OF51_r2Vjhg3YC3BUsRwxKA_QdRHISF_GADoVXu1q37PiN-cNnoRvRjgoymCUON_fXUncr9hMqWF57z4_CTDCblfl2Kf1gV_86bLWUek5lYaKLzlOu591TyJKA-rsEW4jCnwJdP_LxJ03XZTY51Ia5l0WEc6EhtVHPkceXQtctLpVGk674t4xRkwpCY5o5B33ZAo&sig=Cg0ArKJSzMu0xcrNLnz-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220329.86495&adurl=
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 31 Mar 2022 06:29:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8593
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8593
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DUHPQi-ao_BC2rnVGxZPBqmJQEwZ7wxENyibfAUJj5B22j3loYYvPLxXm6b24tTmBSl0xv8iTxgGD9FoQUcqrvazI-0bYuELnQyz4mnc0vYWtS7q8
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 8593
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
942
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:13:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8593
119 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:29:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 8593
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1027
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:12:17 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame CF2D
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame CF2D
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame CF2D
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame CF2D
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
535442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame CF2D
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313509
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
css
fonts.googleapis.com/ Frame CF2D
4 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 04:49:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CF2D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CF2D
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame CF2D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQr8ILOqQSAos9_K9dnKwg26LxHN8U7hFGH73uSqYyoI_ip8vpHHDu06fKa3VqlmWe27R57eGZ0dRJuIfTJa8olPSRqzw
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/ Frame CF2D
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTH43REpFYq_5EciJx_AP15iyyAuL9KGuaeGQ0MD0D_WCypySDhABINzYs5EBYLsDoAGP4MXfA8gBCakCfmuhMrxdQz7gAgCoAwHIAwqqBOMBT9BHTilYABg18CYWxvp8uqtAGHJLgGNf2J75SLXMrxBzvvlt-0jTdy8KbpExmQmHrZQFJjD3onGBi_caZuqedLZ6JTZMtJs103p_VsLzlu_IR2zeFVKJcAkBQiKCvJQ0yO_vHr_z6n_3bv0bp-aPNU_5j81-9I7szxP-zVCEDkyIB-9CBl2mqorkBIXLKn-QyuBSbjYbIwN-IFvwFOI30K5jRWG8NKiNnNCBvMjBT0zYmwdiSLh2tmmC64kYrcbZYSaTUTbcCajkxhbcMgwBMlS-7oUrrvyyocLHKxS57anC4APABL_EvuTkA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe_qI7HAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENHgLdIICQiI4YAQEAEYHYAKA8gLAbgTiCfYEwyIFAHQFQGAFwGyFx8KHQgAEhRwdWItMTQzODcwOTY2NzIzNDYwMhjC24MB&sigh=aoZ-tdRE3NM&uach_m=[UACH]&template_id=5000
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

si
googleads.g.doubleclick.net/pagead/drt/ Frame AFA4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Redirect headers

date
Thu, 31 Mar 2022 06:29:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=nuVARnw3eUlxNTZzRmxFcjlTRDJ1ZWp4YXhCUUlVUG9pZ0w5TlhlM0s0Z2U0akptNHpiSGp5NEZzYmRUWGlXMTZGYnJVWlJvYlhxNWFPdkltWVY4NGR5bmY4eGNnWXIvRUV4b0s0TW9ubEF0dmlNYlV2d29aS3JpZFU1L2FLdnkyMTIzQUxMZXl2UlpURFJRWHRNM3NvejNiWXh1c2VQVXJrempZSHBoTjY3MXRiT3g4QURubWI0YkoyNHJmbzNoV2paNm5zU21GeFpiR2Nya2t6TCt0WFZVaXNCc00wcVM5b00xaGZuYkVISWhJV3NRPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1088
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 22F6
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 22F6
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C99
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C99
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
8523425964125252360
tpc.googlesyndication.com/simgad/ Frame AFA4
17 KB
17 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8523425964125252360?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmltQxXH7y4vFZqe32r45cViQnPqA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6846607e37237f076851e728699a5949c455a35dc6078ba8f7f05ca4c01f85b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:52:23 GMT
x-content-type-options
nosniff
age
214621
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17033
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 05:59:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 18:52:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AFA4
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12778
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AFA4
344 B
368 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48619
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9135768470114980627/ Frame CF2D
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9135768470114980627/downsize_200k_v1?w=400&h=209
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fc50bebc76b1e201390b7e601ee1ec7fee66fe98546209fd34a34fd59335c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 14:45:57 GMT
x-content-type-options
nosniff
age
229407
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4241
x-xss-protection
0
last-modified
Tue, 28 Dec 2021 12:08:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 14:45:57 GMT
truncated
/ Frame CF2D
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame CF2D
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9421d55513b79e070b7391c8f0da289606a86f41880cef5d3772fe822dd03e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CF2D
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options
nosniff
age
89766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CF2D
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
127775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:59:49 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://earnme.club
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://earnme.club
access-control-max-age
600
age
0
content-length
0
date
Thu, 31 Mar 2022 06:29:25 GMT
server
ATS/9.1.0.33
c
prebid.a-mo.net/a/
0
223 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://earnme.club
date
Thu, 31 Mar 2022 06:29:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
cygnus
htlb.casalemedia.com/
36 B
327 B
XHR
General
Full URL
https://htlb.casalemedia.com/cygnus?s=783789&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2235fe09a851a781%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A1%2C%22allu%22%3A1%2C%22ren%22%3Atrue%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224e36e3ec6a44e5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22783789%22%2C%22fl%22%3A%22p%22%7D%2C%22video%22%3A%7B%22placement%22%3A5%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A30%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B480%2C270%5D%5D%2C%22w%22%3A480%2C%22h%22%3A270%7D%2C%22bidfloor%22%3A2%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22sid%22%3A%22s1602%22%2C%22hp%22%3A1%2C%22asi%22%3A%22paperlit.com%22%7D%5D%2C%22ver%22%3A%221.0%22%7D%7D%7D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3b71f8c2c6155e87421d4937e09c80832544716217ad1f5da7a1249150cd9b4c

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[84.19.175.183], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://earnme.club
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Thu, 31 Mar 2022 06:29:25 GMT
prebid-request
onetag-sys.com/
15 B
358 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://earnme.club
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
294 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnme.club/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://earnme.club
date
Thu, 31 Mar 2022 06:29:25 GMT
access-control-allow-credentials
true
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
auction
prebid-server.rubiconproject.com/openrtb2/
185 B
406 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.154.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-154-236.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
83ffc17f9823f4dd9fbcc6534ae9d38f4af6cacc4b699fabac6c7bbce20d6c6d

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-prebid
pbs-java/1.85.0
content-type
application/json
access-control-allow-origin
https://earnme.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
avjp
digikulture-d.openx.net/v/1.0/
106 B
126 B
XHR
General
Full URL
https://digikulture-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=93301177-09bd-4c5d-b9d3-12d89524bd03&nocache=1648708164977&schain=1.0%2C1!paperlit.com%2Cs1602%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A480%2C%22h%22%3A270%2C%22mimes%22%3A%5B%22video%2Fx-ms-wmv%22%2C%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%7D%7D%5D%7D&auid=556674476&vwd=480&vht=270&vos=101&aumfs=2000
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
via
1.1 google
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://earnme.club
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
145 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1485b51d61c10a59def2ec263a190d9ee2351ce1b62972c43a78565675a37eef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
35823325-d658-4725-85ff-fa9304978b44
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8593
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu-y_j4bX2WiTp91r-sRAsGmM0pUtDvZwcWmn2XiUtXdSMSWcpMORU21KXe7FfbnmbPRYSTRCOcch_T5VtzmNZwwqYTTa5E91a29xddqxEtQwncC6CS9azu8xwz2O0Eq9t2gas1W7EIbnBkFT1AIenN4cTX93lCFiuAF3vLyx1L1Ci8jTswtTE-KNYTfycKqODkRUo9kWebZHbhpobQ0pM-d466upuBB00wLZuTMSD9gY0EOulLTimEL_kPEQyQzqemYUFR487rFbOBqlvHaVeGRjURD0Ez6gYAORpB73_GP7iCMiQJH_kupU3kQNvhobEgUlzg3pw6o-oXWrvZfmC5Ffc3QKpVCExi8q4szP6szwWDzLeutuf9bSDQ6ujQp9GfEWRmgua3PwY8OjaCEESRvChcYezRGMRLkoS3IkW03uy_GXCBAyXqRwec9_xZBlpF19hr5s1pYhQzm8wRuBgXPeTC8-O2P8PmuM2gyIBamDL-WM1_CPUnwKY-mpIRdvuBXZpcAh5U6m6HqwcsTQ-qY5jtASj5RcqCFc-xF7i9cOW1C-nxmOe8MZT79IlMIZHxm_VKkNB1-ujna8QNEfsEEM3ZT9PkjQT5k_SBt1T06R7B6z5iDCIEeVNW9glAI06mdknSqs2vPiQyv-rs1IETTowjNaAArTqgIAJMPP1lh_8wsY2s_FPCa26DOPukjXgr8GH4kVpGc0gcKhU7H9mZZyZ97cn-WmyU4V14DOyjvzTehqzw5CNt5sEu-Mdt-nqMBYg4jOTgNiNRKAG3gku52u822dj4r5DydqbdMsgA59TITKc0rt1t5G4wSrrf_LNTmFKjKsIKpqCTHpOm1DW_TkPTpNqpXD4QV0HfN3_6SFTxPkFeOotF5OuvEuE51R2hCRQfILkgkwJhD-KfRyzyzc3yDwQtlelCv6vfqwRfzXGA8ukE4AFiQMLXUzjtX5s7-K96Lat1e_LyXUjK9dHqt4SoJpKa7ebdFkANgAiA7kI_IRvwEh9btKbOckQGYqT0ntHF5hKpG-G4B0OnwgivPYKx_F5XGZC9MUlez_ZKeHpsefUt1Env9gtHO9IXbcd9Hx6almAkPEHNOuFmUF3GrlrTb3JNDx9zdQxxZMZ95ZgVklZBU0PbLWR2KbSDS0NoJPdtQb15ZyXAFn3C5-1bXXuQ58xixw7SVA&sai=AMfl-YTPLnxY-3CWVtBVxOil8h5ZnaHgfG9EPhVyVQfhS8s7BbqY1fOf6P46e-1tXRwZv8Px8D9akb5FCKoOL519uqAnnS0O8T6UtlTfcJ0bMHhrSECHp5G6XE9e0x2_O_jXorgcS9E7jYyZGp2ezUlHZtSLgM-Id9-PUd_GmhVTD6FeNF2PHnj459Cvyfq5KveIFyyQrhDi8m2OF51_r2Vjhg3YC3BUsRwxKA_QdRHISF_GADoVXu1q37PiN-cNnoRvRjgoymCUON_fXUncr9hMqWF57z4_CTDCblfl2Kf1gV_86bLWUek5lYaKLzlOu591TyJKA-rsEW4jCnwJdP_LxJ03XZTY51Ia5l0WEc6EhtVHPkceXQtctLpVGk674t4xRkwpCY5o5B33ZAo&sig=Cg0ArKJSzMu0xcrNLnz-EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=199&vt=11&dtpt=198&dett=2&cstd=0&cisv=r20220329.86495&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1418
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
60417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:42:28 GMT
expires
Thu, 30 Mar 2023 13:42:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 67CC
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
60417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:42:28 GMT
expires
Thu, 30 Mar 2023 13:42:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 3DA9
222 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DA9
16 KB
6 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DA9
96 KB
29 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
220739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Mon, 28 Mar 2022 17:10:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Mar 2023 17:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DA9
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
535443
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 25 Mar 2022 01:45:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Mar 2023 01:45:22 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 3DA9
42 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
313510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Sun, 27 Mar 2022 15:24:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 27 Mar 2023 15:24:15 GMT
css
fonts.googleapis.com/ Frame 3DA9
4 KB
618 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 31 Mar 2022 05:08:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 31 Mar 2022 06:29:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 31 Mar 2022 06:29:25 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3DA9
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 3DA9
344 B
379 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3DA9
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZMDSREpFYq70LJOOgQfPkLjgD4v0oa5p4ZDQwPQP9YLKnJIOEAEg3NizkQFguwOgAY_gxd8DyAEJqQJ-a6EyvF1DPuACAKgDAcgDCqoE3QFP0OZ3KCvu-DeUoPmB-6wRPrSNeKE1MX3AshafHUMxnh7Zv4wivh-5BiXWNmd5g8EcpqvjxRVP2yMhPWByCGc3eYBXwOK4DqgfrfKenZBjjjL5gRbzGR8AB_y1nHHpYkKbLr4pCoslJpu5MihujmDU8bYY54X7zXcgM7WnYV2edPVsfajy5yNTPLV28qnVRmHTwA_qLr3Nt5_lwqaidzP8OtaMByVI_kHDWhljfOVXWx-1bQfP3zqpjxS2rlt8xZf67WCrI7q6FphUBJBSPtamJa79k05le7cbBqSLvsAEv8S-5OQD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7-ojscBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ08kp0ggJCIjhgBAQARgdgAoDyAsBuBOIJ9gTDIgUAdAVAYAXAbIXHwodCAASFHB1Yi0xNDM4NzA5NjY3MjM0NjAyGMLbgwE&sigh=yPF92n7clW4&uach_m=[UACH]&template_id=5000
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CF2D
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 02:56:26 GMT
x-content-type-options
nosniff
server
cafe
age
12779
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
15880770647744369592
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Fri, 01 Apr 2022 02:56:26 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CF2D
344 B
379 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
48620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Thu, 31 Mar 2022 16:59:05 GMT
truncated
/ Frame 8593
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39452d7b5f27d980b68751b57e76a75098f20de419c7d1b0a10a4ae4fcb2e7a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=97638&t=1648708164&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=61236c658d8f39735560c155&test=&aafaid=&proto=https&uid=1648708164491-925064035684-007717-000-003032&cha=0.7&stagid=621f32205a5c530d554e9777&stplid=621f31ad0bf2103e4d763956&d35=&d36=6.2.12&cb=64706813216&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270&nid=61236c658d8f39735560c155&ncid=621c5e1b99b8d6031e4ff892&e=bid&cb=1648708165181&asid=621cbdecd220c848d61b8e06&ofpr=&fpo=
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.93.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-93-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/9135768470114980627/ Frame 3DA9
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9135768470114980627/downsize_200k_v1?w=400&h=209
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fc50bebc76b1e201390b7e601ee1ec7fee66fe98546209fd34a34fd59335c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 14:45:57 GMT
x-content-type-options
nosniff
age
229408
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4241
x-xss-protection
0
last-modified
Tue, 28 Dec 2021 12:08:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Mar 2023 14:45:57 GMT
truncated
/ Frame 3DA9
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3DA9
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b8c27624d9ed0bc757193e0722738bd99eb8311403992e0ea6805251425e50c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3DA9
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 05:33:18 GMT
x-content-type-options
nosniff
age
89767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 05:33:18 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3DA9
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://earnme.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
127776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 29 Mar 2023 18:59:49 GMT
universal.creative.js
cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/ Frame 8D42
26 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/bozghiyy/native-renderer@latest/universal.creative.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996ee0f3a8f51bf144147caab718d06d9fb77b4431aa05be32337c629022322f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
30814
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19177-FRA, cache-hhn4021-HHN
timing-allow-origin
*
x-jsd-version-type
branch
server
cloudflare
etag
W/"6617-h3hIzgRTXPqfI6Vw1Xw12ZMDNIY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f4707d0fad29162-FRA
container.html
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0C9C
6 KB
3 KB
Document
General
Full URL
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Fri, 31 Mar 2023 06:29:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 75BF
6 KB
3 KB
Document
General
Full URL
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Fri, 31 Mar 2023 06:29:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3BA2
6 KB
3 KB
Document
General
Full URL
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:24 GMT
expires
Fri, 31 Mar 2023 06:29:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0900
375 KB
126 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127864
x-xss-protection
0
expires
Thu, 31 Mar 2022 06:29:25 GMT
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame 1418
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:31:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:31:01 GMT
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame 67CC
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:31:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:31:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7F6F
624 B
299 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiA5pK_ATAB&v=APEucNV8kTYAGRAP0VPk0eHOySC1_9ZUI0ASDvCZD2raaz6XAlt13Bkkg-Hb_x7b3zQUZkFAvQ5S43bgvHsiAaYfV7PhiR5_m9O-8rMNaNCYNChgR4QxOrXYERuETEsKWX3e5JaEjdq2l-EBKae20N8f9AGRCjxYv3mWqDLtajhiAY98QiiQU4M
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:25 GMT
expires
Thu, 31 Mar 2022 06:29:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 0C9C
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:25:09 GMT
18191302276523646985
s0.2mdn.net/simgad/ Frame 0C9C
12 KB
12 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/18191302276523646985
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f8566c4f5cc6c0b5be451d305073bebb43ae90bc5daf402a4569f61a5da9c09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 20:53:48 GMT
x-content-type-options
nosniff
age
34537
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12340
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 18:12:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Mar 2023 20:53:48 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame 0C9C
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 05:17:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0C9C
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0iGzs97_UB-GbjvST2sT6oM5CLzK99kLJMqt_VAe9cfI0uKd5dqqS_uW381iNt77gb5kSTLim7Ol0F0ZOgZtOD59z4BPg49ed8OUd8tmZEhZbfWwjGJPdJn9Jf5m6Li0JFQ-rJSGJyH-gJWdLLA6Ou9hphbn2eMR0ZVx0Ju5kjqt_2SMnkgVvNzgYL1mcck3U0xqRfr8q8aHGFXsoPiliIhIrFdp-zw_xvn-dm3sU9Lmm0pkT5wj8NJb7XFp6MimzBC07rnO9lvAxDanXnOPzBXPtSDXJLiZDIrfCoYndq5VVVtcarpWD6NL_caA_sstOdRhK07XVFJ9FuEV-RiZrUIIdP3nmuQNsc4Q_ybe2KvP610W7Frq21G2oo4B9HkOw6iTg3unCpGcasgCM6C1Mwh3F801h-IOuctiSoilvEm1IwpOBNU537ZEYXKOsR_Y8uF7JNCdji565dqPD8paD_MfGaOIGwRsisFcAy1jgYnu2pOwN2A3HR7OASTKwsLHWuJysuXHOO8qjVIopmF2GFgvzyqaPLavQPjOMf4KcUam-OzUvaLYJVH8srw402Bs3jg9a4VswJksZtiCmRBousQGdYprn3jfimksEsOw95Ynpf01uC4vbJ-E5HPS21payHD7T3w11GsCXoRqt7_ikaKou09Ddzkr783_KWctYDomOSMGsBBFv9qNHH_fi7W1jf-SdBIAymd9hlipk1ArBgNfGmMH_1EXZ5c1-pcdlkNB9K4wwaghE3QzmE7U9vJ-IZ0pkdIbVPMjnu3I-QJ213-qZ38dI5lSB5Gx7EyCfvZi012gJk4am9BxAw748XjSjtVqcNozvTpA1CLdkmxIZLVAm-lNfQJhc9UDPjbnt05qXadv5EdM9HFkdQlkeMeC9Cx7xJ-qKizBxU--HWpjp1BG1jZ8-PF4FT9L0RCYhUDhlVQ2HUHWAodIbwRTtW8tOa7SIEHGbQgxyoyln-WrmyYgYv3dwdzhGRQ73702dlKWHzu_zt2WjQLe41ZQYVEHh2yV2qEQXySDo1NA7qzdsxeLvycyJPGOfkQIvl5IB64m5ypNfz1Q5t6ZRKeA1yPgAwHxji0r8G-NQRlOeJAqm8Odv5ibg6A4KXY-PmVMkNVZDr2igGNrQ&sai=AMfl-YQQe-XHZUah_myhu4HcnaBnIiyQhX7O6wzWqDdeRpH3fqsD7f3JDgxsoHznJsIVBWOCZxiNRDcYlQ5RJbA6cpTrmp0WNqf90BcnmFxOaixtQM53plipJ8TWIpdFBS8TeJGQWgqTllRl4Krkwy55USf3qIoKoYZFOFyGENiRQ5P6qKi5Z6Q0fAIWkNlwT0EBcRjIZbzA8ce-gxpMewlzCDVw47ApFl2t33AJHhxelVEt1NmkkvlI5kgfodzz0rjvqHLnYTfvi7A-oZLx_vwcCVqd6qw97hmTBiSb7Ec&sig=Cg0ArKJSzGfmFrEqX3WWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220329.01304&adurl=
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 31 Mar 2022 06:29:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0C9C
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C9C
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAmYKqvsyA9JGr_veUhkbRjM8Ur9lI5kkGRLFnJRYee2yOLviMgv1PGmmyThduaOjtmXGRZ2oXgkN4v0eUeqdC9vcPRe9029pzEpXamdU-J85yxLI
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 0C9C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:13:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0C9C
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:29:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 0C9C
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:12:17 GMT
v.js
assets.a-mo.net/js/ Frame 8D42
79 KB
28 KB
Script
General
Full URL
https://assets.a-mo.net/js/v.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8877253386a74e6d0d5679eeb3c5288751cbc436f2928fbaefc6189f2da02892

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
via
1.1 0d795eafd076030e534112fa223d138a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
188
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Thu, 24 Mar 2022 13:16:27 GMT
server
cloudflare
etag
W/"d77c10562a3ed6cd3aa442ff37d8d426"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
ARN54-C1
cf-ray
6f4707d1dadf9bb8-FRA
x-amz-cf-id
9LaTqjLw8SQb2krQJO71YTawNYyyHZHJWVv12qWSIVMnwLhUl2EOmQ==
expires
Thu, 31 Mar 2022 07:29:25 GMT
g_pbwin
1x1.a-mo.net/hbx/
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/g_pbwin?A=amx&w=1&h=1&bid=88308a99a801d2c&C=0&np=0.021833972999999996&a=776f80b2-4716-4763-b087-69be7072dd93&ts=1648708165347&eid=9072dc6420d6035
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6783
640 B
318 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNW04g9ZRkt_6KSHIrDBFbBhDckzc0ZOuvasB4AyboAzZJsfYCcjtZZOAwZ1hzp2SOfuwQwYghVTSJt7gK0vt2qmaC5XAX_OLmggtLcmJpTUVnfwfnHio9r0MJ8ONtuw-2gWNqgarO6D89x_7TyL9EMSnfgXDM42N_GW-hZvTJDYDKLRuuE
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:25 GMT
expires
Thu, 31 Mar 2022 06:29:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1509077974930286764
s0.2mdn.net/simgad/ Frame 75BF
13 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1509077974930286764
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
049d183b12915bb171ac4ffef9dd27ff4d9397b5741a8b12f564b76c94d11735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 08:46:16 GMT
x-content-type-options
nosniff
age
78189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12870
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 18:11:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Mar 2023 08:46:16 GMT
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 75BF
19 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:25:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:25:09 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/ Frame 75BF
6 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220329/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:17:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2626
x-xss-protection
0
server
cafe
etag
8548655983161038638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 05:17:39 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 75BF
0
27 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-JMSYkmwpDdX9SAKrNrBOqHaDJDe7FV335aLm9zJrW8DpRXSWOPI26TPW5Rn69LvPArjQvTqooWhWOZNeKa9bH15Dffrfp5RYUUjupvAo2dCheBI18XlUQ4GnWaI59ei0_40PKsTTJPSXmsTAvIZwEV5UULojoLLXnQbrKm5Vsb6DPudPgqXyzC_Aukd275aSHQ6FzPrT9gLyLaIXaZgQNbk4m_avBqeYSkoYlsnkHWGGwuKGsxWneA-8ptSyC2-giPqAAx4BUTI8a0jrwKj5-De7DD-IcurxVcYIWrHhlW5KpjTu0bq4QxPFjNRpHgMg91NlyVum5CgaU85Qmzj1j2heEogMipFtBqHn7Ff_HhjsSvep6bsyK8OQ4FeVHMVpwSGSJZTvvUaoNWpXTtiyPMelfwCXqkndFCbmQ-dEv8LAI9X9Y2Uw-nNAd3-4Vo6SwVhAe16zPvp5KSecmCpliGXs_4JkiX4KIcyiRIFMm0wFsQHL1TSC-IpWQXNdooSEfq8jxFcwhFEN6r4rZfntDh3hZjNzJs-Hi0wAIoHjthVqO1LrcFuMsjyVkFmBpWlUDmyqf4bgAX6aYQq1VeF2bpaibMFbmTUOpQJZKKruTE6OEBGx5JAHR5u38BNg4nUiyj3zZA7JkdJdytLEF2FuW_Ch4y62QZbTJjMxgNO0mWASjOv6TfqgNMEXLdn0EDL3JeTL_VEbCBmqmuS7Nq9voys8h2bel7U9e_FyDN8Y0-LO9kDZ_tzfUCJeha7byjZodowpQZuckrXbdl4uiBBAw9f9pKibAkBqAA_uwlpJSp1GwakZ6oVjjOW8LmVueZOms5dahQSGEtoLU5wuzE5SSs__MaKjYDIXKhs2L7AJ1x8QP5aW4Z0mtGcTP5s78aK4pA5BwaN9w89PclkAxEGp3ws8CprkDoHkaCCVHxDPszYfRR6B2MLMtUa3qHVmLgi6KA5g8ifmvRH0e_O-1dKkApxpsKyX_Md9iJCFfWg4Xmi0HOlXUy1tx0-0bnC1NelB20Mp4jYGnifWqMBcX9ULIzP-lRFZqsuwGPGJifmOsMesBDXJw2XiopHVT92Tk0UCZHgWmJzmHaH5wMilCpfY95rkqZunU2EE_jXdz-pFUZ2S6FWJFJhBIZk&sai=AMfl-YQbBcjkQtf_2FW48jtYQVrk0f3qMK2LtPrLmCupJn0aer3nWoe6ded9_7SjFIh-EH-tBE4YRrysL54ZAGx0Siy0RtS9fx1vr9wXbht86UIKAln3SiCXSGIJJxWOrwLhdRlVFg082GDaJHyxzVMK1McXy82rt36NkXScCRBQ_inpyUcODjAKlnQyzUV4c9ZvfOxv20-3Pqrm1TXZR-teqCdpfgHAF-3lnYvwVzToy7E-csNSE7436Jy-j5CqMSPpiipOR0OMabMX2XJwKz1nfQiAt8L7QZ3KjctH8yw&sig=Cg0ArKJSzPP9PqtfSFQtEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220329.01404&adurl=
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 31 Mar 2022 06:29:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 75BF
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Mar 2023 13:41:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 75BF
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvwfLyzYHqqKsub85CKqv63AdA8Ppr7lNObgXbLtBb8lbT7ex2Vd5sya0Yjv6JR-ThTGwgRb8X9Qg6op_ypeCCbwkOCmVJmoLB5rvkeqDYvlswUqM
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 75BF
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:13:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 75BF
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:29:25 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 75BF
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:12:17 GMT
l
www.google.com/ads/measurement/ Frame 75BF
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbyyIWc8JM53ei3fUfnsZgEAc6rU5I_0mu7CfFRmKy9HljLqZdj-6a7aGZAv1g8HkzleHv4bkDmDjUvbHEy4kZmVEJpA
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/ Frame 6DF6
3 KB
1 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ce40d2e9fc1fffb92e49c4bc10958495518d843ca25ce6acd580c15215bb08
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
514766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1045
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Mar 2022 07:29:59 GMT
expires
Sat, 25 Mar 2023 07:29:59 GMT
last-modified
Tue, 01 Feb 2022 13:39:29 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 3BA2
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CyFhgREpFYoXHLNGi-gaGv6_wBPrhtI1p9Y2l7NkPloLNhYgWEAEghveGJmC7A6AB4Mn5nQPIAQmpAtsumt0vwLI-4AIAqAMByANIqgTjAU_QQwlRN83p7nYoMAi0nyfj-mQUfpHUpwqivai6bGw95H65GncX3NZtgTsr6ny7sY2xdhnYOd_ZdIe1xfcGJSfONdxwFq6O-MBYKFWxRJMmV8zuoFYEui7pHxcs_J8U7vMhjmvBUV6yH_SDuRLUy08NzPphwtStUhubsM7ttG9jdjhfES-FuqsRaDKoi0Eu_2JPCLUGeHR10gUrpNjQ4LiY7vzktW6bbplfKj-LjVwIZAbKhbAkjRNmXBZ2wVL1-2SL7fizS7ClXaA7Dg3Pfa6V6qObZ2iW0qyzgbmUGhnWg-3ywATSzoex4wPgBAGSBQQIBBgBkgUECAUYBKAGLoAHiLaGYqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPTvE9IICQiA4YAQEAEYHYAKA8gLAdgTDYgUAdAVAYAXAbIXHgocCAASFHB1Yi0xMDYyOTcyODYxNTUzMzAzGIHUHA&sigh=kn5K6dTlPHA&uach_m=[UACH]&template_id=419
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/ Frame 3BA2
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/abg_lite_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1037
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:12:08 GMT
rum
dsum-sec.casalemedia.com/ Frame 7F6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiA5pK_ATAB&v=APEucNV8kTYAGRAP0VPk0eHOySC1_9ZUI0ASDvCZD2raaz6XAlt13Bkkg-Hb_x7b3zQUZkFAvQ5S43bgvHsiAaYfV7PhiR5_m9O-8rMNaNCYNChgR4QxOrXYERuETEsKWX3e5JaEjdq2l-EBKae20N8f9AGRCjxYv3mWqDLtajhiAY98QiiQU4M
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 31 Mar 2022 06:29:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7F6F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkVKRQwlvWE.CejJfgNxpwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1&google_hm=2
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiA5pK_ATAB&v=APEucNV8kTYAGRAP0VPk0eHOySC1_9ZUI0ASDvCZD2raaz6XAlt13Bkkg-Hb_x7b3zQUZkFAvQ5S43bgvHsiAaYfV7PhiR5_m9O-8rMNaNCYNChgR4QxOrXYERuETEsKWX3e5JaEjdq2l-EBKae20N8f9AGRCjxYv3mWqDLtajhiAY98QiiQU4M
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 31 Mar 2022 06:29:25 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN0jX3_AJCh2cGMZ0RwDCj4&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7F6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEEJpyquqliPX8z5f0hS_ilA&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEEJpyquqliPX8z5f0hS_ilA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiA5pK_ATAB&v=APEucNV8kTYAGRAP0VPk0eHOySC1_9ZUI0ASDvCZD2raaz6XAlt13Bkkg-Hb_x7b3zQUZkFAvQ5S43bgvHsiAaYfV7PhiR5_m9O-8rMNaNCYNChgR4QxOrXYERuETEsKWX3e5JaEjdq2l-EBKae20N8f9AGRCjxYv3mWqDLtajhiAY98QiiQU4M
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
68cae451-a23f-47ed-acd3-0149ec0a96da
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEEJpyquqliPX8z5f0hS_ilA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7F6F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg5NDgxMTA4NjcyMzIxMDMxNA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg5NDgxMTA4NjcyMzIxMDMxNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiA5pK_ATAB&v=APEucNV8kTYAGRAP0VPk0eHOySC1_9ZUI0ASDvCZD2raaz6XAlt13Bkkg-Hb_x7b3zQUZkFAvQ5S43bgvHsiAaYfV7PhiR5_m9O-8rMNaNCYNChgR4QxOrXYERuETEsKWX3e5JaEjdq2l-EBKae20N8f9AGRCjxYv3mWqDLtajhiAY98QiiQU4M
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
caafb860-512d-4afe-92ee-68f7bd8c9413
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzg5NDgxMTA4NjcyMzIxMDMxNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6783
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDPd0kjJT1bnTBUFzxR61gs&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDPd0kjJT1bnTBUFzxR61gs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNW04g9ZRkt_6KSHIrDBFbBhDckzc0ZOuvasB4AyboAzZJsfYCcjtZZOAwZ1hzp2SOfuwQwYghVTSJt7gK0vt2qmaC5XAX_OLmggtLcmJpTUVnfwfnHio9r0MJ8ONtuw-2gWNqgarO6D89x_7TyL9EMSnfgXDM42N_GW-hZvTJDYDKLRuuE
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDPd0kjJT1bnTBUFzxR61gs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 6783
43 B
131 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNW04g9ZRkt_6KSHIrDBFbBhDckzc0ZOuvasB4AyboAzZJsfYCcjtZZOAwZ1hzp2SOfuwQwYghVTSJt7gK0vt2qmaC5XAX_OLmggtLcmJpTUVnfwfnHio9r0MJ8ONtuw-2gWNqgarO6D89x_7TyL9EMSnfgXDM42N_GW-hZvTJDYDKLRuuE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 6783
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEJnhbBqCnG-dI2aZRvtZEEI&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEJnhbBqCnG-dI2aZRvtZEEI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNW04g9ZRkt_6KSHIrDBFbBhDckzc0ZOuvasB4AyboAzZJsfYCcjtZZOAwZ1hzp2SOfuwQwYghVTSJt7gK0vt2qmaC5XAX_OLmggtLcmJpTUVnfwfnHio9r0MJ8ONtuw-2gWNqgarO6D89x_7TyL9EMSnfgXDM42N_GW-hZvTJDYDKLRuuE
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 31 Mar 2022 06:29:25 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEJnhbBqCnG-dI2aZRvtZEEI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 6783
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-t7QIQhsvvAhiY8ZG_ATAB&v=APEucNW04g9ZRkt_6KSHIrDBFbBhDckzc0ZOuvasB4AyboAzZJsfYCcjtZZOAwZ1hzp2SOfuwQwYghVTSJt7gK0vt2qmaC5XAX_OLmggtLcmJpTUVnfwfnHio9r0MJ8ONtuw-2gWNqgarO6D89x_7TyL9EMSnfgXDM42N_GW-hZvTJDYDKLRuuE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 31 Mar 2022 06:29:25 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 75BF
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv-JMSYkmwpDdX9SAKrNrBOqHaDJDe7FV335aLm9zJrW8DpRXSWOPI26TPW5Rn69LvPArjQvTqooWhWOZNeKa9bH15Dffrfp5RYUUjupvAo2dCheBI18XlUQ4GnWaI59ei0_40PKsTTJPSXmsTAvIZwEV5UULojoLLXnQbrKm5Vsb6DPudPgqXyzC_Aukd275aSHQ6FzPrT9gLyLaIXaZgQNbk4m_avBqeYSkoYlsnkHWGGwuKGsxWneA-8ptSyC2-giPqAAx4BUTI8a0jrwKj5-De7DD-IcurxVcYIWrHhlW5KpjTu0bq4QxPFjNRpHgMg91NlyVum5CgaU85Qmzj1j2heEogMipFtBqHn7Ff_HhjsSvep6bsyK8OQ4FeVHMVpwSGSJZTvvUaoNWpXTtiyPMelfwCXqkndFCbmQ-dEv8LAI9X9Y2Uw-nNAd3-4Vo6SwVhAe16zPvp5KSecmCpliGXs_4JkiX4KIcyiRIFMm0wFsQHL1TSC-IpWQXNdooSEfq8jxFcwhFEN6r4rZfntDh3hZjNzJs-Hi0wAIoHjthVqO1LrcFuMsjyVkFmBpWlUDmyqf4bgAX6aYQq1VeF2bpaibMFbmTUOpQJZKKruTE6OEBGx5JAHR5u38BNg4nUiyj3zZA7JkdJdytLEF2FuW_Ch4y62QZbTJjMxgNO0mWASjOv6TfqgNMEXLdn0EDL3JeTL_VEbCBmqmuS7Nq9voys8h2bel7U9e_FyDN8Y0-LO9kDZ_tzfUCJeha7byjZodowpQZuckrXbdl4uiBBAw9f9pKibAkBqAA_uwlpJSp1GwakZ6oVjjOW8LmVueZOms5dahQSGEtoLU5wuzE5SSs__MaKjYDIXKhs2L7AJ1x8QP5aW4Z0mtGcTP5s78aK4pA5BwaN9w89PclkAxEGp3ws8CprkDoHkaCCVHxDPszYfRR6B2MLMtUa3qHVmLgi6KA5g8ifmvRH0e_O-1dKkApxpsKyX_Md9iJCFfWg4Xmi0HOlXUy1tx0-0bnC1NelB20Mp4jYGnifWqMBcX9ULIzP-lRFZqsuwGPGJifmOsMesBDXJw2XiopHVT92Tk0UCZHgWmJzmHaH5wMilCpfY95rkqZunU2EE_jXdz-pFUZ2S6FWJFJhBIZk&sai=AMfl-YQbBcjkQtf_2FW48jtYQVrk0f3qMK2LtPrLmCupJn0aer3nWoe6ded9_7SjFIh-EH-tBE4YRrysL54ZAGx0Siy0RtS9fx1vr9wXbht86UIKAln3SiCXSGIJJxWOrwLhdRlVFg082GDaJHyxzVMK1McXy82rt36NkXScCRBQ_inpyUcODjAKlnQyzUV4c9ZvfOxv20-3Pqrm1TXZR-teqCdpfgHAF-3lnYvwVzToy7E-csNSE7436Jy-j5CqMSPpiipOR0OMabMX2XJwKz1nfQiAt8L7QZ3KjctH8yw&sig=Cg0ArKJSzPP9PqtfSFQtEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=79&vt=11&dtpt=78&dett=2&cstd=0&cisv=r20220329.01404&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 0C9C
0
26 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0iGzs97_UB-GbjvST2sT6oM5CLzK99kLJMqt_VAe9cfI0uKd5dqqS_uW381iNt77gb5kSTLim7Ol0F0ZOgZtOD59z4BPg49ed8OUd8tmZEhZbfWwjGJPdJn9Jf5m6Li0JFQ-rJSGJyH-gJWdLLA6Ou9hphbn2eMR0ZVx0Ju5kjqt_2SMnkgVvNzgYL1mcck3U0xqRfr8q8aHGFXsoPiliIhIrFdp-zw_xvn-dm3sU9Lmm0pkT5wj8NJb7XFp6MimzBC07rnO9lvAxDanXnOPzBXPtSDXJLiZDIrfCoYndq5VVVtcarpWD6NL_caA_sstOdRhK07XVFJ9FuEV-RiZrUIIdP3nmuQNsc4Q_ybe2KvP610W7Frq21G2oo4B9HkOw6iTg3unCpGcasgCM6C1Mwh3F801h-IOuctiSoilvEm1IwpOBNU537ZEYXKOsR_Y8uF7JNCdji565dqPD8paD_MfGaOIGwRsisFcAy1jgYnu2pOwN2A3HR7OASTKwsLHWuJysuXHOO8qjVIopmF2GFgvzyqaPLavQPjOMf4KcUam-OzUvaLYJVH8srw402Bs3jg9a4VswJksZtiCmRBousQGdYprn3jfimksEsOw95Ynpf01uC4vbJ-E5HPS21payHD7T3w11GsCXoRqt7_ikaKou09Ddzkr783_KWctYDomOSMGsBBFv9qNHH_fi7W1jf-SdBIAymd9hlipk1ArBgNfGmMH_1EXZ5c1-pcdlkNB9K4wwaghE3QzmE7U9vJ-IZ0pkdIbVPMjnu3I-QJ213-qZ38dI5lSB5Gx7EyCfvZi012gJk4am9BxAw748XjSjtVqcNozvTpA1CLdkmxIZLVAm-lNfQJhc9UDPjbnt05qXadv5EdM9HFkdQlkeMeC9Cx7xJ-qKizBxU--HWpjp1BG1jZ8-PF4FT9L0RCYhUDhlVQ2HUHWAodIbwRTtW8tOa7SIEHGbQgxyoyln-WrmyYgYv3dwdzhGRQ73702dlKWHzu_zt2WjQLe41ZQYVEHh2yV2qEQXySDo1NA7qzdsxeLvycyJPGOfkQIvl5IB64m5ypNfz1Q5t6ZRKeA1yPgAwHxji0r8G-NQRlOeJAqm8Odv5ibg6A4KXY-PmVMkNVZDr2igGNrQ&sai=AMfl-YQQe-XHZUah_myhu4HcnaBnIiyQhX7O6wzWqDdeRpH3fqsD7f3JDgxsoHznJsIVBWOCZxiNRDcYlQ5RJbA6cpTrmp0WNqf90BcnmFxOaixtQM53plipJ8TWIpdFBS8TeJGQWgqTllRl4Krkwy55USf3qIoKoYZFOFyGENiRQ5P6qKi5Z6Q0fAIWkNlwT0EBcRjIZbzA8ce-gxpMewlzCDVw47ApFl2t33AJHhxelVEt1NmkkvlI5kgfodzz0rjvqHLnYTfvi7A-oZLx_vwcCVqd6qw97hmTBiSb7Ec&sig=Cg0ArKJSzGfmFrEqX3WWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=99&vt=11&dtpt=99&dett=2&cstd=0&cisv=r20220329.01304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: earnme.club
URL: https://earnme.club/safe2.php?link=108Gb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6DF6
9 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 13:42:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 31 Mar 2022 13:42:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6DF6
26 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:22:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58040
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 31 Mar 2022 14:22:05 GMT
bild1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/ Frame 6DF6
12 KB
12 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/bild1.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
786cbbdde94aac41b3ec33a08b95aad7415911afc5820daffa8e329002d8a96e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
514638
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12563
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 13:39:29 GMT
server
sffe
date
Fri, 25 Mar 2022 07:32:07 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Mar 2023 07:32:07 GMT
bild2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/ Frame 6DF6
31 KB
31 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/bild2.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11876c569cf92772a49a6f735f902f2c79a194985674afad091c13cb6ceb7250
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
29524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31597
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 13:39:29 GMT
server
sffe
date
Wed, 30 Mar 2022 22:17:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Mar 2023 22:17:21 GMT
bild3.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/ Frame 6DF6
13 KB
13 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/bild3.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aad7386266e146728e3a4065284327c76369b5f8d991952d5021ae47ed5acd1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
533884
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13273
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 13:39:29 GMT
server
sffe
date
Fri, 25 Mar 2022 02:11:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 25 Mar 2023 02:11:21 GMT
bild4.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/ Frame 6DF6
38 KB
39 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/images/bild4.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/140445308604698908/html5-animation-MWD-300x250-en/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71609501b179bed21d0470e366fa2c6c3441a3d16101f17dd6b3793ddc57bde7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
29524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39407
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 13:39:29 GMT
server
sffe
date
Wed, 30 Mar 2022 22:17:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 30 Mar 2023 22:17:21 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3E79
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
2141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 05:53:44 GMT
etag
48472445140208031
expires
Fri, 01 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2BF5
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
2141
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 05:53:44 GMT
etag
48472445140208031
expires
Fri, 01 Apr 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0C9C
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
553bace60a0d1bdefb85f9a5eb768da636d311df18645c29d0d9ab18a7e9d910

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame DDF7
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
1432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 06:05:33 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 3BA2
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:13:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
943
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:13:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3BA2
119 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36916
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648640521462251"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:29:25 GMT
truncated
/ Frame 75BF
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb4d0a7322dfb7992da3c50dc52f52196a852d893bddd26de002eee0ae270b0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
iwin
1x1.a-mo.net/hbx/ Frame 8D42
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/iwin?aid=ZWFybm1lLmNsdWI&b=earnme.club&M=13&v=pba0.0-aa2.13.0-3779a5d-1&cv=v.js&lng=en-US&_e=CoED8gUBMLICEHN0ZWFtcG93ZXJlZC5jb23CAgUxMzE3MzFL5IIz-PulP_IBDzk3NjkxMzQ2NjU0ODA5OaoEA0RDSPoBBjYuMTYuMMoDBTEzMTczwgUBMogDxJSVkgbKBQUxNDI3M-gBAVoIcGJhMS4zLjGoAQGKAQhlNzY0ZjdmN2oLZWFybm1lLmNsdWLgA7B44AUByAEAQgZlbWNfT1PSBQkxMDUxOTkzODZSDWFhcy05NDNjOTNlYi3YBQF4AZoDJDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMOoFB2Rlc2t0b3CgAQHAAfv3CjoIYXBwbmV4dXO6AgkzNDcyNDA5NzdKC2Vhcm5tZS5jbHViqQIAAAAAAAAAANoCCDIxMDA4MzA1kgECMTCiAwxZV1JoY0dWNExtbHaRAl0w6B-lW5Y_IgpfbHJycnV6cWNwqAM9mAKtA-gCAeoDDzM4Njk1NzY3YWM1MzRjZdAB____________AQ&r=1&c3=347240977&c1=visible%3Av%3Ab%3Afi&p=0.021833972999999996&c2=v&bid=976913466548099&eid=1afbnf0wg32lnws5xg&ts=1648708165558
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
ab
nym1-ib.adnxs-simple.com/ Frame 8D42
20 KB
7 KB
XHR
General
Full URL
https://nym1-ib.adnxs-simple.com/ab?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&e=wqT_3QK5Dmw5BwAAAwDWAAUBCMSUlZIGEOi11ImKnuiGGBj_EQF4ASo2CZJ0zeSbba4_EST2vxL--6U_GQAAAGC4Hh5AIRESACkRJNgxAAAAoEfh6j8wsZ-CCjiCYED1ZkgCUJH0yaUBWLGTkAFgAGiijqkBeLyoBYABAYoBA1VTRJIBAQbwVZgBAaABAagBAbABALgBA8ABBcgBAtABANgBAOABAPABAIoClQF1ZignYScsIDU1NjMyMTYsIDE2NDg3MDgxNjQpO3VmKCdpJywgNjgzNjE1MSwgMTY0Mh0AMGcnLCAxNzA2NjE0OSxCOwAsYycsIDUxOTA0OTAwRh4AMHInLCAzNDcyNDA5Nzc2HwDwkJICpQUhYUlCWTdRaUVnLUFZRUpIMHlhVUJHQUFnc1pPUUFUQUJPQUJBQUVqMVpsQ3huNElLV0FCZ19fX19fdzlvQUhBQmVBR0FBUUdJQVFHUUFRR1lBUUdnQVFLb0FRS3dBUUM1QVpBWk5RTmpiYTRfd1FHUUdUVURZMjJ1UDhrQkFBQUFBQUFBOERfWkFRQUEFD3RQQV80QUczbjZFRDlRRUFBSUJBbUFJQW9BSUF0UUkFIwB2DQjYd0FJQnlBSUIwQUlCMkFJQjRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNWENLbVNtaDhRQWhnQkxRQQFE8Fh5QjJSbFptRjFiSFNpQXc0STJxbTBJQkFFR0FFdHJXalNQS0lERXdpX3B1VWZFQW9ZQVMyOFBaQV9NZ04xYm11NkF3bE9XVTB5T2pRME5EZmdBX3d0NlFNQQFd8EBBQURnUF9BRDN4T0FCUGJTNUFlSUJMUFQ1QWVRQkFDWUJBU3lCQW9JNF82U0RSREZrNDBOdWdRYUNJUUdFV1ptWgECDHRZX0cJrAUBKElPUC1rZzNCQkdaAR4AbQEgBHlRHSEYTmdFQV9FRQUtBQEgQ0lCZDhpcVFVBQ4cQUFEd1A3RUYNDQEQBEJCHT8AeQUoHENnZE1YblA5MigAAFoVKCWcqFczTHZBRnBkR1JDUGdGME1iVEFvSUdBMVZUUklnR0FKQUdBWmdHQUtFR0EBZzhBQUFFRUNvQmdTeUJpUUoBEA0BAFINCAEBAFoBBQ0BAGgNCExBQUFDNEJnby6aApkBIXh4WDNjZzqpAixMR1RrQUVnQUNnQU0RzRRCQkFPZ2w9nRBkQV9DMRV5CDhEOR15AEIVeQw0RDloLVsQbTFqOXABfwkBBEJ4CQgBARRCNEFJa0IBCgEB8EY4RDgu2AIA4ALY1VvqAilodHRwczovL2Vhcm5tZS5jbHViL3plcm8tOGktZnJvbS1pbmZpbml4L_ICEQoGQURWX0lEEgc1NYUUMPICEgoGQ1BHX0lEEghx7hjyAgoKBUNQARQYATDyAg0KCAE2DEZSRVEREBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BUREPEAsKB0NQFQ4QEAoFSU8BWQAHjXgA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCGATCAAwGIAwCQAwCYAxSgAwGqAwDAA-CoAcgDANgDtsDEAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzg0LjE5LjE3NS4wqAQAsgQQCAEQBBgAIAAoASgCMAA4BLgEAMAEAMgEANIEDzEzMTczI05ZTTI6NDQ0N9oEAggB4AQA8ASRoeM0-gQSCQAAAEAzc0lAEQAFASQmQIgFAZgFAKAF0VRk_wGqBRBaRkRER1lMQTJTQVVORkJHwAUAyQUFMRQA8D_SBQkBRwUBbNgFAeAFAfAFwW_6BQQIABAAkAYBmAYAuAYBwQYFITAA8D_QBqnVAtoGFgoQCRIZAVwQABgA4AYE8gYCCACABwGIBwCgB0C6Bw8BSUgYACAAMAA4ugZAAMgHvKgF0gcNFXYBOAjaBwYJJzzgBwDqBwIIAPAHAIoIAhAA&s=9eaa03c505e2768b95b3bd39793e293a7494d515&pp=0.042938
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/v.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.154 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1edd5391168ee2ad5d26dfc28001a17ddc0865fe458493c1ebde2be83cd9e9e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 06:29:25 GMT
Content-Encoding
gzip
X-Creative-ID
347240977
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0dd46585-e6a6-41a2-b53b-209d26d9a320
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/xml; charset=utf-8
Access-Control-Allow-Origin
https://earnme.club
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A804
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
60417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:42:28 GMT
expires
Thu, 30 Mar 2023 13:42:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.508.0_en.html
imasdk.googleapis.com/js/core/ Frame EBFA
592 KB
193 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
459133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
197186
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Mar 2022 22:57:12 GMT
expires
Sat, 25 Mar 2023 22:57:12 GMT
last-modified
Fri, 25 Mar 2022 22:49:52 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 0900
44 KB
16 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 31 Mar 2022 06:29:25 GMT
integrator.js
adservice.google.com/adsid/ Frame 0900
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=earnme.club
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E47E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
60417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 30 Mar 2022 13:42:28 GMT
expires
Thu, 30 Mar 2023 13:42:28 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2764
37 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:58:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:58:58 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame D2C4
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 31 Mar 2022 06:29:25 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 771A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 31 Mar 2022 06:29:25 GMT
ETag
"623de86a-cf34"
Expires
Fri, 01 Apr 2022 06:29:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 7474
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1648708165143
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 5BF2
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 31 Mar 2022 06:29:25 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame E4C2
0
91 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb6.15.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 31 Mar 2022 06:29:25 GMT
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
via
1.1 google
/
google2waycm.netmng.com/cm/ Frame 3E79
0
0

current
dclk-match.dotomi.com/match/bounce/ Frame 3E79
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENGMMUUj7yvctv6KRqNvio4&google_cver=1&google_push=AYg5qPIHb-z26xN_qo0lPJdddcvYwFs5x-sq-JHa0Ne4EKQdHHABCWB8JN075V-SDvsIPNS5B_PriPD5WtIpvo8DiOjmBb_-HoQy
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
google
match.adsrvr.org/track/cmf/ Frame 3E79
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEJZqILMXcg7flcVwVoc8oNA&google_cver=1&google_push=AYg5qPIDz2TdzwTaFfeOnUmdH7ztBJebk-AnaxP9TkV49MfhXh5AtTwz5ZeF60IsKujVwfdQfCoijOUWAM2GWogKL4_zRnp6PjPV
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3E79
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEOuD1-umrv1JdKGLuV9WW7A&google_cver=1&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
0
0

pixel
cm.g.doubleclick.net/ Frame 3E79
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEN...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ&redir=https%3A%2F%2Fcm.g.doubl...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ&google_hm=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ&google_hm=
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPI8eV4mU3DEG74YLZPiPSYs-l8H2iqQS2Oa6AKCGO3ZHgZb60X8yoNhcHiT32FwOTf_NLuM6pux15YKjtdmgt-W9NcNv9vZ&google_hm=
cache-control
no-store, no-cache, must-revalidate
expires
0
pixel
cm.g.doubleclick.net/ Frame 3E79
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBrFrPkaaDBrcKFf4xuC7gs&google_cver=1&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNX...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPLfHN8DfHPV0Fa5joOgQJick0soZb-RfWJ2Pj1TqJjE08KfYgdMwkuKUKNXCrCEEO6ac7f4_M8tbDMIrEcDTibNou8wdDaz
date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 3E79
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEN3kRwuHin5jPfEueJnln5c&google_cver=1&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEN3kRwuHin5jPfEueJnln5c&google_cver=1&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEN3kRwuHin5jPfEueJnln5c&google_cver=1&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0Tfv...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOTFiMzRkOC1iMGJiLTExZWMtOTJlNi0wNjg5OGVjNzU0ZjA%3D&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOTFiMzRkOC1iMGJiLTExZWMtOTJlNi0wNjg5OGVjNzU0ZjA%3D&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJAxQlPPbuPb0qRGXbsucaFLb8FQ4LeQj_9qUA
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBlOTFiMzRkOC1iMGJiLTExZWMtOTJlNi0wNjg5OGVjNzU0ZjA%3D&google_push=AYg5qPItHkRf4Q4o1sy9mZ2c2uKu5Wk2D32ESmA_hN0wagrkDA0TfvQ4qjT4SOiySJAxQlPPbuPb0qRGXbsucaFLb8FQ4LeQj_9qUA
date
Thu, 31 Mar 2022 06:29:25 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 3E79
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LafZeUcD4XwSgpgU_2dgZ5gfLH2OIMReY3nQXHBP3gqesp_z_53hctQUOxm5Fd-tnZanJcOw
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame 2BF5
0
0

pixel
cm.g.doubleclick.net/ Frame 2BF5
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkpmcHMzVG4xTnpPamI1&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cver=1&google_push=AYg5qPLLhMNdFRA4bSoWVVSqQeGc21amO5LLxdoSqkWTXks...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkpmcHMzVG4xTnpPamI1&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cver=1&google_push=AYg5qPLLhMNdFRA4bSoWVVSqQeGc21amO5LLxdoSqkWTXksy81XjSohMB9mffq5ktObLRvgS0FVqf4X7HUo-urOgoXCCdklNHTYMbg
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=UkpmcHMzVG4xTnpPamI1&google_gid=CAESEKRLgnwmXdk8AfI_5U2O4_k&google_cver=1&google_push=AYg5qPLLhMNdFRA4bSoWVVSqQeGc21amO5LLxdoSqkWTXksy81XjSohMB9mffq5ktObLRvgS0FVqf4X7HUo-urOgoXCCdklNHTYMbg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 2BF5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEMsnZvYRndQveqiEJ0-4RNk&google_cver=1&google_push=AYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsnZvYRndQveqiEJ0-4RNk&google_cver=1&google_push=AYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6g...
43 B
447 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsnZvYRndQveqiEJ0-4RNk&google_cver=1&google_push=AYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f4707d5783e9180-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
81
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6f4707d42e559180-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEMsnZvYRndQveqiEJ0-4RNk&google_cver=1&google_push=AYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKzoH32jOnW8zk20MYQg22ZTbQgyWpmssq8lKGk2ri6CnRDzF5RvwyJX7wsW2v1fs2ftRribm46A6H4YF_sUL1Gh83-E6gk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2BF5
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVNdqmsWgmm-W7V_W49Mqs&google_push=AYg5qPLNfScmctmsfHrk2bfWAN9cJVOO2BqbN5TiK-AlI_AgCelSbwyUfW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVNdqmsWgmm-W7V_W49Mqs&google_push=AYg5qPLNfScmctmsfHrk2bfWAN9cJVOO2BqbN5TiK-AlI_AgCelSbwyUfWdhc4zwYneJ8Fe3V7m2G45NyX4q5PgArk5_h2133HqHjQ
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1648708166.791717,VS0,VE93
x-served-by
cache-hhn4083-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKVNdqmsWgmm-W7V_W49Mqs&google_push=AYg5qPLNfScmctmsfHrk2bfWAN9cJVOO2BqbN5TiK-AlI_AgCelSbwyUfWdhc4zwYneJ8Fe3V7m2G45NyX4q5PgArk5_h2133HqHjQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 2BF5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIPOndSS7RuLA1qOoHt4KMk&google_cver=1&google_push=AYg5qPKDb9nFWNllMBLDWchLb3uXDcTFJJqgZsHe2cP1yO8mJbx8K_w6yp2y-Jb5odkeDWurhbk...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFFTTlUQjEtOC01OUc5&google_push=AYg5qPKDb9nFWNllMBLDWchLb3uXDcTFJJqgZsHe2cP1yO8mJbx8K_w6yp2y-Jb5odkeDWurhbkfNjt7JqjLBXCR8ATVc6VtSOnWqg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFFTTlUQjEtOC01OUc5&google_push=AYg5qPKDb9nFWNllMBLDWchLb3uXDcTFJJqgZsHe2cP1yO8mJbx8K_w6yp2y-Jb5odkeDWurhbkfNjt7JqjLBXCR8ATVc6VtSOnWqg
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFFTTlUQjEtOC01OUc5&google_push=AYg5qPKDb9nFWNllMBLDWchLb3uXDcTFJJqgZsHe2cP1yO8mJbx8K_w6yp2y-Jb5odkeDWurhbkfNjt7JqjLBXCR8ATVc6VtSOnWqg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 2BF5
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBrFrPkaaDBrcKFf4xuC7gs&google_cver=1&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92Xl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=OTg3NTgyMzg1MjI5NDEyNDE5NzYw&google_push=AYg5qPIVbEtvpH4mUO7RFtnQBNNRbp2yQamlWfEr-eHenWjHewJCx4G-PihT92XlEF_paydVXAdBzWC2F2fIVUXqIUbOuunHU6Xv
date
Thu, 31 Mar 2022 06:29:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 2BF5
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENv4AT2_qlQP3XwNTZ-gUKI&google_cver=1&google_push=AYg5qPLKTD_15OYRXrGJ_EUcr5_gzGaJf_QDzZWNvP-Ovy6ymzqyHe3uN9FbwpKGoqWWVqYDVt...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1oS0E3ZXVoRTJ1Ri44eEpKNWtHOFk5THAzdG9tR3J5Vn5B&google_push=AYg5qPLKTD_15OYRXrGJ_EUcr5_gzGaJf_QDzZWNvP-Ovy6ymzqyHe3uN...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1oS0E3ZXVoRTJ1Ri44eEpKNWtHOFk5THAzdG9tR3J5Vn5B&google_push=AYg5qPLKTD_15OYRXrGJ_EUcr5_gzGaJf_QDzZWNvP-Ovy6ymzqyHe3uN9FbwpKGoqWWVqYDVt7MkeQoFPR1YPCtxaX088WTH83zP-k
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1oS0E3ZXVoRTJ1Ri44eEpKNWtHOFk5THAzdG9tR3J5Vn5B&google_push=AYg5qPLKTD_15OYRXrGJ_EUcr5_gzGaJf_QDzZWNvP-Ovy6ymzqyHe3uN9FbwpKGoqWWVqYDVt7MkeQoFPR1YPCtxaX088WTH83zP-k
date
Thu, 31 Mar 2022 06:29:25 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 2BF5
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LsTJYwT5PBF2G3146wUww5OlmmFMwL8SySmDQX-G4iSPBTiQM5SU3hZCqOuHSHRFOYmWXmDw
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:25 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/ Frame 3BA2
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220329/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:12:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1028
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 14 Apr 2022 06:12:17 GMT
usync.js
eus.rubiconproject.com/ Frame 5BF2
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 06:29:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=68134
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Fri, 01 Apr 2022 01:24:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame DDF7
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 06:29:26 GMT
expires
Thu, 31 Mar 2022 06:29:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 31 Mar 2022 06:29:25 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame A804
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:31:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:31:01 GMT
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame E47E
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:31:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:31:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5C9F
2 KB
3 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9dd321b25a6ac6e4a57b8772334701adb2dcf8a0d0f93c270b54ef421e6c18be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1536
Content-Type
text/html
Date
Thu, 31 Mar 2022 06:29:26 GMT
Dropped-Udsids
241|230|39|46|47|81|111|188
Expires
Thu, 31 Mar 2022 06:29:26 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F5A
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurq7Oyxly_DOOc1-A9CfqztkRLQW58Kkd2PGJaMB0G8CO2Jr9y8xkcJVg0xisNFiz1NUWe3lIW2-IZsfkfSRbp6QVtmVht6Hdn_gBork0jNpspDqNqrA&sai=AMfl-YQMmwCCg22YQb2G7mDlGYyNbsO1-04ceB-2sd0eNy_e6JmKnGcXff658FOlyDRuKGwYzu8c0RssdwYDX24KumYmbBwQgCKXRumHDeJDay_7Wnp5buTrEMtQKY38vk4&sig=Cg0ArKJSzOfCnZOOv9TEEAE&id=ampim&o=456,389&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1066&mtos=0,0,1066,1066,1066&tos=0,0,1066,0,0&tfs=490&tls=1556&g=100&h=100&tt=1556&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 771A
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ed1be6a-aad9-48cc-8036-4caa5b9f3848
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 3BA2
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10aaabc82b4fc7e53f9a4b8c6a467d6b8bcf2e27cda8f9ea13235a4974740fd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
pagead2.googlesyndication.com/bg/ Frame 6DF6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gjBotrajnK0yz4ntvsDRFlMTAuB3twHveDeuldaHPWQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 19:31:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
39504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13748
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Mar 2023 19:31:01 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame EBFA
156 B
516 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2C22367406785%2Femc_OS&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2680701567829041&sdkv=h.3.508.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=4078299256&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.508.0&sid=2D01D72F-1E24-4310-B783-96D442F2F033&nel=0&eid=44754419%2C44758348%2C44760640&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&dt=1648708166004&cookie=ID%3D720a837b1e82844a%3AT%3D1648708163%3AS%3DALNI_MZSRL-TjHgj9Gp5ExtG1AnhEadrSA&scor=3886959007500746&ged=ve4_td2_tt0_pd2_la2000_er930.1120.1086.1420_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.508.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1418
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmMmrREpFYoX4Ac6zgAfOl6vgDQAAAAA4AeAEAg&bg=!jI-lj8vNAAZku-1yRLs7ACkAdvg8WixBVOHwlnWzV_1EbcvXAOD7gLO47yxk9KRWffxxiMn63uJEqQIAAAH-UgAAAAdoAQeZA2XBVbxquu46iR_aBnGp_r88eZPMm4WZmMeegERcHCxeOrvbeh3v2obp1q0KR97B8lIljW_6q124ryyFoXy26jMBxxmIQv-2nVo-wAE4sF9TozTOzI4KD_BEhhbRAv5df6dnjBYZpPjrUU8f342lN4E_xnTLfG5o4BkJNDJTJXoSu1zFTUNqLSvXhvgOOmuvpThwYsPDiYWj9dI5EzBnIonFddO4nvLqxd8y8q57q6uN-1X2AsLU39CSJ8XGMnp4xcjy0tKDaswjmTVTjnXCm-GOlHFsgeBL-0HdM-el_GmorpB3oTujyU9AuIJybBrWhE6yMHWac-aqLU6W8y7TrcT-a-gmCx1BkGh3PnSO5hH0HwtSC_8vsV-aHrL4fq3HTX8-hKB5wFKtW2iQ5g7tUqncEJDo1e9E2rWnUqj3EpYHC224M7Rzgr8EyF9Z4SQXXFDuY8n4PPWHjYFbr2cdCHTCDxHfg4Q4REE-M5o1E1WHhvqH_N6e3GcPK5yiLl52s35BoxIRC93C_ila4hwdCbtg5jGp5j_ef7iCjzU9rh9wfIecGDlg_ddiuPQRon4na2DCaPsSDugaQ19TmwfbZ6IDYopebLpEFFI9su8T5t5gg0wqyuwh_ly0GmYkq91EMhpgMjPZbkYcglbb6TqoEaZp6OBbIVWQfGQaWDjkw-IG2_WnlxjX6zYzZ6EfnsISblyE54yI-mpgPu5inm_RR-yY45fq8frFXs59bcbt777oygRsNPGSo5X-Fzrk3I2NhzsOt2GvF7ZhVFLg5Vm8NMLzpA3IMob_pCq7BGCQJfXIZXpWmyElwQiQnAUMk0CNZJWapkbcukzneVke1YPOh48hmzoKLFXpDH6ry_kgTvU2IfV_TbxkaPXBHzd4dDzLGfFt47uH4RR_Em7BLrmvMN9GZIQL08uDs2i6Ns-wpZ0pU8sQDbuQLelXU5GHQNSDvlu6gDWUyljOG8_cbbiCWEl_NE7JjW6EHhdvahxT3gNbZXzK4YcF8bo4SOnl9MjdSUkqKVhoRAgU58LqDCPtIIip0QwwywV2nF2DWdzELdr-dEtbbCED7U6cHZ6p876rfFSF7RZn5pfn2W0WnqL8GWW9Mwm49p6lPogErVCxkO37qkAFecP3c5sbOexpI3j4lBUjS10O-Q
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 67CC
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BptQ_REpFYoL4Ac6zgAfOl6vgDQAAAAA4AeAEAg&bg=!rq2lrenNAAZku-1yRLs7ACkAdvg8WjZhGUTVoch5IVncAgrZB-mWCBCQGSKu9qk8rH8JsyVTS3A0cQIAAAH6UgAAAAloAQcKAGMnHbF49hfFFXBIMT7J3pfbfme1t84HLMrXIgDb6KBKGfMZN8EmKX2CUKlhzsOcLPqtcdWBDq5_plzl8J7zN6LVLDqL6h7u2rwleUuiEa_pAOkgCUWLVIHXAWVCB8KRpV6-5WaZAzLmH_7YgLeX16olNSi-jzsBRvqJ51xtsHqGcsLL0fm1O-1MewBxOw1h3Zkfp_T7FM2PCG40ykk-bMjCwSXH2_qF6izJzFENy-CUg52kcCm3iYDP2YLL25_gxiqnS3m5MZIU38FXN0FKbn73o_jYStAreCXmuoVYIcr48l3J7JbRLbWVTPOWhZGiFjKU2idV3AF60isoqU_OJ2W2U60rvkqraSRytcM5HKCkzPFYgFDDF31NVVBP49MqxLnsRa_doR78daSpHVkUN8xYTOqCShrHv_6oHWpnu2quN9Zi0R_2qOD-TXZkmQmRzZWpU48xge1ydLoJAwSxsrm21M0LroFDmAWZr851qXkaqdMm3_gWWL_Ww15JD_eIveG-YZdbB4aI-NvrDtupFgT_c4Xo7ljSZPlP8J0dPkGnzCJIVNxEnUDeoTTvL92tRcrAZ76VLlECZsX_hWWQfZKL1P87DnMs0TDQxf0EWyDAIKhQQVu6MIlv12A8xPNhIXhMJ4jpxbjW2rvyYnCNFEksl3tPG0k-4anHa3mQ8bdUk3rR9s-Uu4kgNjtjO24c8NpmjEPaWQODlOLgp0f4VR_WyZJW8KOwW36B5IVFBDTzOgJk-zpPZhjc4bMvpSI6cMwZ1JlDhKKD54saKsdgh9XC324wrm5wx-U4VlNGTxe92Zkwc30PapVhtDvtEegrgzFyq1cAlerBo8h8xLhyyuYAKQ4ZDUnEvlHmN8w6Lr3mucYivhheLWp_PCsAnp6bdAG9jFPyK7YId_5lLX6IOYclhTZivJvKwvIuMvjEaKTVDDgcFN6Ic5geYTcxaXrhVQE4gx-GfmOWQhJqjrMtmgK9MRLgFYG__vxoVboBkDaDJHbGUvzV68EVpnr1y73eWbnKZLpR2KtjMC3f6RBpPHiypyTmfrBG5-VkM7b9ubvjoMDRGeCWPDXp918xnsS46tDfYm3vtjoDzWDsEdSxGcY-OR4SqGXE34oBgmbDowCeTg25p_QwUTUs3mmS8CQ4rLRNe9tceLxZze6i7431-gfktKKaQOPa9351rfkXs_q8vkjiuvwG9WKRL9AzajjwiURj1rnKHUgBRw
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2.png
assets.a-mo.net/vc/bgi/ Frame 8D42
7 KB
7 KB
Image
General
Full URL
https://assets.a-mo.net/vc/bgi/2.png
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da0fc35d006856428a7148ae611b2a97ed67b92644ef63d89761b6c6d0339d89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
772411
x-cache
RefreshHit from cloudfront
content-length
7301
last-modified
Wed, 22 Sep 2021 18:35:29 GMT
server
cloudflare
etag
"648527fd8b800231454f7c3db2e65c51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
cf-ray
6f4707d5d92d9bb8-FRA
x-amz-cf-id
gqYebSwTEM1SyJIGpRJkPmiV2qe7UKmoRNU4kocDut698Rtrh_KysQ==
expires
Fri, 31 Mar 2023 06:29:26 GMT
himp
1x1.a-mo.net/hbx/ Frame 8D42
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/himp?_e=Cq8C8gUBMLICEHN0ZWFtcG93ZXJlZC5jb20xXTDoH6Vblj_yAQ85NzY5MTM0NjY1NDgwOTmqBANEQ0j6AQY2LjE2LjCIA8SUlZIG6AEBWghwYmExLjMuMagBAYoBCGU3NjRmN2Y3agtlYXJubWUuY2x1YuADsHjgBQHIAQBCBmVtY19PU9IFCTEwNTE5OTM4NlINYWFzLTk0M2M5M2ViLdgFAXgBmgMkMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAw6gUHZGVza3RvcKABAcAB-vcKOgVtb25ldEoLZWFybm1lLmNsdWKpAgAAAAAAAAAAogMMWVdSaGNHVjRMbWx2IglscnJydXpxY3CoAz2YAtoB6AIB6gMPMzg2OTU3NjdhYzUzNGNl&M=4&v=pba0.0-aa2.13.0-3779a5d-1
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
himp
1x1.a-mo.net/hbx/ Frame 8D42
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/himp?_e=CoED8gUBMLICEHN0ZWFtcG93ZXJlZC5jb23CAgUxMzE3MzFL5IIz-PulP_IBDzk3NjkxMzQ2NjU0ODA5OaoEA0RDSPoBBjYuMTYuMMoDBTEzMTczwgUBMogDxJSVkgbKBQUxNDI3M-gBAVoIcGJhMS4zLjGoAQGKAQhlNzY0ZjdmN2oLZWFybm1lLmNsdWLgA7B44AUByAEAQgZlbWNfT1PSBQkxMDUxOTkzODZSDWFhcy05NDNjOTNlYi3YBQF4AZoDJDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMOoFB2Rlc2t0b3CgAQHAAfv3CjoIYXBwbmV4dXO6AgkzNDcyNDA5NzdKC2Vhcm5tZS5jbHViqQIAAAAAAAAAANoCCDIxMDA4MzA1kgECMTCiAwxZV1JoY0dWNExtbHaRAl0w6B-lW5Y_IgpfbHJycnV6cWNwqAM9mAKtA-gCAeoDDzM4Njk1NzY3YWM1MzRjZdAB____________AQ&M=4&v=pba0.0-aa2.13.0-3779a5d-1
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
nop
ib.adnxs-simple.com/ Frame 8D42
0
595 B
Image
General
Full URL
https://ib.adnxs-simple.com/nop
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid
bee41816-2fdf-4966-8452-c6aa15df29d5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs-simple.com/ Frame 8D42
0
667 B
Image
General
Full URL
https://nym1-ib.adnxs-simple.com/it?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&e=wqT_3QKyDGwyBgAAAwDWAAUBCMSUlZIGEOi11ImKnuiGGBj_EQHwvAEqNgmTEDLEk22uPxFL5IIz-PulPxkAAABguB4eQCEk9r8S_vulPymSdM3km22uPzEAAACgR-HqPzCxn4IKOIJgQPVmSAJQkfTJpQFYsZOQAWAAaKKOqQF4vKgFgAEBigEDVVNEkgEDVVNEmAEBoAEBqAEBsAEAuAEDwAEFyAEC0AEA2AEA4AEA8AEAigKVAXVmKCdhJywgNTU2MzIxNiwgMTY0ODcwODE2NCk7dWYoJ2knLCA2ODM2MTUxLEIdADBnJywgMTcwNjYxNDksQh4ALGMnLCA1MTkwNDkwMEYeADByJywgMzQ3MjQwOTc3Nh8A8JCSAqUFIWFJQlk3UWlFZy1BWUVKSDB5YVVCR0FBZ3NaT1FBVEFCT0FCQUFFajFabEN4bjRJS1dBQmdfX19fX3c5b0FIQUJlQUdBQVFHSUFRR1FBUUdZQVFHZ0FRS29BUUt3QVFDNUFaQVpOUU5qYmE0X3dRR1FHVFVEWTIydVA4a0JBQUFBQUFBQThEX1pBUUFBBQ90UEFfNEFHM242RUQ5UUVBQUlCQW1BSUFvQUlBdFFJBSMAdg0I2HdBSUJ5QUlCMEFJQjJBSUI0QUlBNkFJQS1BSUFnQU1CbUFNQm9nTVhDS21TbWg4UUFoZ0JMUUEBRPBYeUIyUmxabUYxYkhTaUF3NEkycW0wSUJBRUdBRXRyV2pTUEtJREV3aV9wdVVmRUFvWUFTMjhQWkFfTWdOMWJtdTZBd2xPV1UweU9qUTBORGZnQV93dDZRTUEBXfBAQUFEZ1BfQUQzeE9BQlBiUzVBZUlCTFBUNUFlUUJBQ1lCQVN5QkFvSTRfNlNEUkRGazQwTnVnUWFDSVFHRVdabVoBAgx0WV9HCawFAShJT1Ata2czQkJHWgEeAG0BIAR5UR0hGE5nRUFfRUUFLQUBIENJQmQ4aXFRVQUOHEFBRHdQN0VGDQ0BEARCQh0_AHkFKBxDZ2RNWG5QOTIoAABaFSglnKhXM0x2QUZwZEdSQ1BnRjBNYlRBb0lHQTFWVFJJZ0dBSkFHQVpnR0FLRUdBAWc4QUFBRUVDb0JnU3lCaVFKARANAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASF4eFgzY2c6qQIsTEdUa0FFZ0FDZ0FNEc0UQkJBT2dsPZ0QZEFfQzEVeQg4RDkdeQBCFXkMNEQ5aC1bEG0xajlwAX8JAQRCeAkIAQEUQjRBSWtCAQoBAfDeOEQ4LtgCAOAC2NVb6gIpaHR0cHM6Ly9lYXJubWUuY2x1Yi96ZXJvLThpLWZyb20taW5maW5peC-AAwGIAwCQAwCYAxSgAwGqAwDAA-CoAcgDANgDtsDEAeADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzg0LjE5LjE3NS4wqAQAsgQQCAEQBBgAIAAoASgCMAA4BLgEAMAEAMgEANIEDzEzMTczI05ZTTI6NDQ0N9oEAggB4AQA8ASR9MmlAfoEEgkAAABAM3NJQBEAAAAAAAAmQIgFAZgFAKAF_7VOYKoFEFpGRERHWUxBMlNBVU5GQkfABQDJBQAFARTwP9IFCQkFC3gAAADYBQHgBQHwBcFv-gUECAAQAJAGAZgGALgGAcEGASA0AADwP9AGqdUC2gYWChAJEhkBXBAAGADgBgTyBgIIAIAHAYgHAKAHQLoHDwFJSBgAIAAwADi6BkAAyAe8qAXSBw0VdgE4CNoHBgknPOAHAOoHAggA8AcAiggCEAA.&s=b06a44afe0c098037a6cfbab268417c108e5ea67
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.154 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid
708e7413-b401-4905-9f89-91741fecefc9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 8D42
0
217 B
Image
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=display&c=25&pli=1077631962&gdpr=1&gdpr_consent=&adid=1086293331&ord=90559501
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.167.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-167-236.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
vimp
1x1.a-mo.net/hbx/ Frame 8D42
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/vimp?aid=ZWFybm1lLmNsdWI&b=earnme.club&M=4&v=pba0.0-aa2.13.0-3779a5d-1&cv=v.js&lng=en-US&_e=CoED8gUBMLICEHN0ZWFtcG93ZXJlZC5jb23CAgUxMzE3MzFL5IIz-PulP_IBDzk3NjkxMzQ2NjU0ODA5OaoEA0RDSPoBBjYuMTYuMMoDBTEzMTczwgUBMogDxJSVkgbKBQUxNDI3M-gBAVoIcGJhMS4zLjGoAQGKAQhlNzY0ZjdmN2oLZWFybm1lLmNsdWLgA7B44AUByAEAQgZlbWNfT1PSBQkxMDUxOTkzODZSDWFhcy05NDNjOTNlYi3YBQF4AZoDJDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMOoFB2Rlc2t0b3CgAQHAAfv3CjoIYXBwbmV4dXO6AgkzNDcyNDA5NzdKC2Vhcm5tZS5jbHViqQIAAAAAAAAAANoCCDIxMDA4MzA1kgECMTCiAwxZV1JoY0dWNExtbHaRAl0w6B-lW5Y_IgpfbHJycnV6cWNwqAM9mAKtA-gCAeoDDzM4Njk1NzY3YWM1MzRjZdAB____________AQ&r=1&w=-17.77777777777778&h=-10&bid=976913466548099&cr=347240977&c2=acdn.adnxs-simple.com&c1=InLine&us=va4.0&i=0&cn=15&eid=qw0ua0u7qy1ew32h7f&ts=1648708166079&M=4&v=pba0.0-aa2.13.0-3779a5d-1
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
v2
nym1-ib.adnxs-simple.com/vast_track/ Frame 8D42
0
667 B
Image
General
Full URL
https://nym1-ib.adnxs-simple.com/vast_track/v2?info=ZwAAAAMArgAFAQlFSkViAAAAABHoGjWh8KANGBlESkViAAAAACCR9MmlASgAMPVmOIJgQL6Pc0iUtsoCULGfggpYwW9iAkRFaAFwAXgAgAECiAEBkAEAmAEAoAEAqAGR9MmlAbABAQ..&s=044890e54c3a75935e30876026b34c5b16d3f69d&event_type=2
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.154 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid
ff9fbd13-61e8-4e95-8f45-b7343423dc95
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 8D42
0
216 B
Image
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=isi&iv=2&interactionsStr=1086293331%7E%7E%7E0%7E%7E%7E%5EebVideoStarted%7E0%7E0%7E01010&gdpr=1&gdpr_consent=
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.167.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-167-236.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
vstart
1x1.a-mo.net/hbx/ Frame 8D42
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/vstart?aid=ZWFybm1lLmNsdWI&b=earnme.club&M=4&v=pba0.0-aa2.13.0-3779a5d-1&cv=v.js&lng=en-US&_e=CoED8gUBMLICEHN0ZWFtcG93ZXJlZC5jb23CAgUxMzE3MzFL5IIz-PulP_IBDzk3NjkxMzQ2NjU0ODA5OaoEA0RDSPoBBjYuMTYuMMoDBTEzMTczwgUBMogDxJSVkgbKBQUxNDI3M-gBAVoIcGJhMS4zLjGoAQGKAQhlNzY0ZjdmN2oLZWFybm1lLmNsdWLgA7B44AUByAEAQgZlbWNfT1PSBQkxMDUxOTkzODZSDWFhcy05NDNjOTNlYi3YBQF4AZoDJDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMOoFB2Rlc2t0b3CgAQHAAfv3CjoIYXBwbmV4dXO6AgkzNDcyNDA5NzdKC2Vhcm5tZS5jbHViqQIAAAAAAAAAANoCCDIxMDA4MzA1kgECMTCiAwxZV1JoY0dWNExtbHaRAl0w6B-lW5Y_IgpfbHJycnV6cWNwqAM9mAKtA-gCAeoDDzM4Njk1NzY3YWM1MzRjZdAB____________AQ&r=1&w=-17.77777777777778&h=-10&bid=976913466548099&cr=347240977&c2=acdn.adnxs-simple.com&c1=InLine&us=va4.0&i=0&cn=15&eid=2efbdx7u0qx1rkbt69&ts=1648708166079&
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine
e98a894f-7900-4323-9597-f3f483b8ace6_768_432_500k.mp4
crcdn09.adnxs-simple.com/creative/p/13173/2022/3/14/32462430/ Frame 8D42
1 MB
1 MB
Media
General
Full URL
https://crcdn09.adnxs-simple.com/creative/p/13173/2022/3/14/32462430/e98a894f-7900-4323-9597-f3f483b8ace6_768_432_500k.mp4
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
b3d376ff58af2e019802aec5b372a1f2be762015129477395039976e13fa2e32

Request headers

Referer
https://earnme.club/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

Date
Thu, 31 Mar 2022 06:29:26 GMT
Via
1.1 varnish, 1.1 varnish
Age
752219
X-Cache
HIT, HIT
Content-Range
bytes 0-1397838/1397839
Connection
keep-alive
x-amz-request-id
176a6414-da1d-433d-a204-03fa1dc8f013
X-Served-By
cache-lga13621-LGA, cache-hhn4030-HHN
Accept-Ranges
bytes
Last-Modified
Mon, 14 Mar 2022 17:52:59 GMT
Server
nginx/1.21.3
Cache-Control
max-age=3888000
X-Timer
S1648708166.149296,VS0,VE0
ETag
"7d9033d905ae7b333fcb189a245c561e"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Expires
Thu, 28 Apr 2022 18:49:29 GMT
X-Clv-Request-Id
176a6414-da1d-433d-a204-03fa1dc8f013
Content-Length
1397839
X-Clv-S3-Version
2.5
X-Cache-Hits
1, 0
dcm
s.amazon-adsystem.com/ Frame 5C9F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB&dcc=t
43 B
645 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RP4G8GNYYYVGYXTKNGVH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MXHFT9D1VGNSB5H66EJ3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5C9F
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YkVKRQwlvWE-CejJfgNxpwAABHAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5C9F
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
getuid
secure.adnxs.com/ Frame 5C9F
0
0
Image
General
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

crum
dsum-sec.casalemedia.com/ Frame 5C9F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RJfps3Tn1NzOjb5&gdpr=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RJfps3Tn1NzOjb5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 31 Mar 2022 06:29:26 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:25 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-078691873e5d8cf91@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=RJfps3Tn1NzOjb5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5C9F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5aa4Auf1uAH-p7oC462hA-bwuQT-re5S5vJwYloI
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5aa4Auf1uAH-p7oC462hA-bwuQT-re5S5vJwYloI
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 31 Mar 2022 06:29:26 GMT

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=5aa4Auf1uAH-p7oC462hA-bwuQT-re5S5vJwYloI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 5C9F
0
331 B
Image
General
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
CookieIndex
rtb.adentifi.com/ Frame 5C9F
0
47 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.175.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-175-192.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
content-length
0
content-type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5C9F
43 B
425 B
Image
General
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YkVKRQwlvWE.CejJfgNxpwAA%261136
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fearnme.club%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Thu, 31 Mar 2022 06:29:26 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1342
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 31 Mar 2022 06:51:48 GMT
ecm3
s.amazon-adsystem.com/ Frame 5BF2
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=cEX4JGs6SWWEDechuBrXjA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cEX4JGs6SWWEDechuBrXjA
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cEX4JGs6SWWEDechuBrXjA
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BVVN1ZV801X67JW6PNXC
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=cEX4JGs6SWWEDechuBrXjA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 5BF2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1EM9TB1-8-59G9
0
708 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1EM9TB1-8-59G9
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BA05C92037D741A780485473E82FE9E2 Ref B: FRAEDGE1518 Ref C: 2022-03-31T06:29:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXbfciXONnwGOnMnmfv8w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L1EM9TB1-8-59G9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 5BF2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1EM9TB1-8-59G9&sigv=1&esig=2~501d022883222f4efba16e84249268ee1e71e371
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1EM9TB1-8-59G9&sigv=1&esig=2~501d022883222f4efba16e84249268ee1e71e371
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L1EM9TB1-8-59G9&sigv=1&esig=2~501d022883222f4efba16e84249268ee1e71e371
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5BF2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTA0ZTVkODhkZDA2MDZhMGY5N2E1ZGE4ZTc3NjYzNjFkZmZlYTUyMA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTA0ZTVkODhkZDA2MDZhMGY5N2E1ZGE4ZTc3NjYzNjFkZmZlYTUyMA
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTA0ZTVkODhkZDA2MDZhMGY5N2E1ZGE4ZTc3NjYzNjFkZmZlYTUyMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5BF2
0
0
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

tap.php
pixel.rubiconproject.com/ Frame 5BF2
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Sv0KSiAzMizFbHzJJSinxQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5726900045340237696
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5726900045340237696
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

date
Thu, 31 Mar 2022 06:29:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5726900045340237696
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 5BF2
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 5BF2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHUveGStaoWe1j5w5tH4N9o&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHUveGStaoWe1j5w5tH4N9o&google_cver=1
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHUveGStaoWe1j5w5tH4N9o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 22F6
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss82SqIxsaP4YreYTQyb_R8ICX8dZMmuusmyZyAP_M98mxiVbhCV3k5Kvvg0dAa8q1I6u6OVVlF6RTqWbMyiw03d997tdBpYn8gTdmGDqqrniPscNbOnA&sai=AMfl-YQkNPaF1u-qPw93y8Y8cQ44x96JWIV7v9QFVTh-87YCu1N0SbhVCbKR0GsFk3lJANcxMqbjbI8qwxMgfWX_wiRvfXNv2ZfmbWHNzw2W3HhH8CSCUQCetdDhw5p4HVY&sig=Cg0ArKJSzEv6QI3iFuR6EAE&cid=CAAST-Rod1u7yb6DNw9_nlFxXkSSOWvwdEVVkfwDWHVAXotuFkkuql-fnixlXif6tkPCjnCWHkERdkimaBy94U3AG14Savi3COACye-oi3YJzgo&id=ampim&o=464,217&d=672,280&ss=1600,1200&bs=1600,1200&mcvt=1066&mtos=0,0,1066,1066,1066&tos=0,0,1066,0,0&tfs=581&tls=1647&g=100&h=100&tt=1647&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=174271564
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1_0.png
fav-cdn.a-mo.net/vf/0.1/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4YWNlNl83N... Frame 8D42
Redirect Chain
  • https://fav.a-mo.net/f/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4YWNlNl83Nj...
  • https://fav-cdn.a-mo.net/vf/0.1/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4Y...
283 KB
284 KB
Image
General
Full URL
https://fav-cdn.a-mo.net/vf/0.1/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4YWNlNl83NjhfNDMyXzUwMGsubXA0/1_0.png
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H2
Server
2606:4700::6813:9f13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa70691323e853719d08d57b1d4003fe54a6c75a1365d8d8658177300754b6c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cf-cache-status
HIT
age
71940
cf-polished
origSize=304066
cf-ray
6f4707d7bdb29968-FRA
last-modified
Mon, 28 Mar 2022 17:03:57 GMT
content-length
289799
x-amz-id-2
01yiNSY+2kcD+HES0GGRmWPHfr9TIav98Eh414i9zRHDZSmEpteL/yi+y742XhOd1JY2V1UWdF0=
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"26253a939980de5bf30e3acb42379579"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
M884JW1AS2RJWNHW
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/png
expires
Fri, 31 Mar 2023 06:29:26 GMT

Redirect headers

date
Thu, 31 Mar 2022 06:29:26 GMT
cf-cache-status
HIT
access-control-allow-origin
*
server
cloudflare
age
469061
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, POST
location
https://fav-cdn.a-mo.net/vf/0.1/aHR0cHMlM0ElMkYlMkZjcmNkbjA5LmFkbnhzLXNpbXBsZS5jb20lMkZjcmVhdGl2ZSUyRnAlMkYxMzE3MyUyRjIwMjIlMkYzJTJGMTQlMkYzMjQ2MjQzMCUyRmU5OGE4OTRmLTc5MDAtNDMyMy05NTk3LWYzZjQ4M2I4YWNlNl83NjhfNDMyXzUwMGsubXA0/1_0.png
cache-control
public,max-age=31536000
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
6f4707d71c819bf5-FRA
access-control-allow-headers
Authorization, origin, accept
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A804
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-TgTREpFYoPHLNGi-gaGv6_wBAAAAAA4AeAEAg&bg=!IiGlIWXNAAZku-1yRLs7ACkAdvg8WlWfpu8QQd94piWmKU4skNslnazvPWGxwemjdvl2ZYvxfYB8WgIAAADxUgAAAAJoAQeZAzP8Zembap0H9Q4BrXE2Xv8-geB-oKICluutDk5FtO5O4ohXmeUqJ-b9z63jyNzANGM3UFtwL52vl71AulJLi4rEPfsT04x5JDZh2CVzluIObkkMLRUHkvJLQoXPIkEf8V4FKh-BNpjjAFdWn1xQVseIN6fywZ7siFJ16-leNE5ELdmZU6Kc6C4Njbsl35G7OqBzH-txhtnpDyXV2G9GkJ6gsqymtHghEHVaTALDmbBmTHPlgaaw2CcNACLcD6zPXF7ZA-xVf1w4Z4-MNiykhYT6eMsAn8EPr_70eYIkSH9D75AhgYNAUsnVCUpt58ZW5s0SCgJJ4ilY3ebVoT_UmaJ97nOxBlUu97dXEz8pqpHIhXk5kGM1w2icBcIKS_aJtOER5wpoIQRe_Jfe9s94RYYaH-0bEqbeNTeBRhRWINoEq1r-5oOKlP7sVGl2taqvT4eJ6v-rW4O-xKLWUhzSjh5SE8ByIcbZn8BfABtnI0fuUIXcGRC-jUpBPydLHGbbkJM_bCv_t1CN8MWm9oZFmY3DNB590G2-4tgNqQczU2IsYY7aFY5QiRDh_3OyDX6qx-YazI6DqmpLjoGN2sWrb4Z4p6TiybpyleBXQMk3m9yKnl7pmg7qOrUla3gfUO5KoizIfJ0Mf9fq7-geyXtj8YDA1gg3khp3kxC1DUiLALkTsxEwUc8SwcftLDqdWPjSCHKus_H1wCIima8o6Ne-e_zEOHqB9Btk1FaW2YPI8aQqTUASMIPGdsLADGw_rr0vAyevTodovjNFCJXckFj4uDVc52y0Qymwg0_TNqGQcB19YAhmLVxG5PM3s_9FxVy3-4fpY037OwFhRxLQ39y327Kf3NdbnyTkPOIzG98SA4RFTC0uq_HDDJUDgrF15_LSn9s9NuVAcP4XlkZC_A_zept8cgudcS2K5j1vlt2US76l6rUCi2H7fwRXRUTNZ_80AqeDogPBAKzODq2gzB3ipBUaN8RyvO0Kj-0xP9QCP2hF4xKgm5VizwCvcuNL45gBBrdDRGVTWOwnE7_hA0OFWHT-zzVAtINIHZZ_bwnFwA58EYRzGchrjyZz-WiagUVjeDoFuqk
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E47E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCrzAREpFYoTHLNGi-gaGv6_wBAAAAAA4AeAEAg&bg=!SkmlSQ3NAAZku-1yRLs7ACkAdvg8WlCoh78lg0Zk3l0y_RrvXTDrwF8ktiMju-KfzN5ZVqOyVC6MUQIAAADlUgAAAAhoAQcKADJGAyAh2lHuLbOiNrUmQxI3FNRDy-y-FkvX0-v9rGebLJYowuS8C72TLtyc_ZeAQ7yxvpkDKTrH-W_ws9SxXm3VaNROpQAJKCgVIUUkiwMLbkWxvmPSokBSWQfsbdVsAtKLeerCjQOol3J8ixHZriRP0wGr4LWjEvuy51aZA8lIOlZf2p2kuxbEUhX-fbaO_ujOVx__Au76Go2n1FhYF-AVvdfT_vYN1PzpBVeqZ5geRMrHEJFCQK9DwNv6xlS3IZyGh1bgNCLLdQenX0UyJDNb0PtRO8_QUuf2zQzOgF_ZYdcD7ra0t96Xp0r-7iUzh8cyn8JyFBzCyKC3Xw8op3V6wzW9tWgq_Y_gAb0Up6CWFYBgpFbzCLUlTaiMzRYBs4GKxQWEL_youGW0mOywGfzQraw3xaozKFCpk5EUQTQ6qXEtytOXDaZIHxV938koxy5GnazOvUrusQCEYNjNzYBJACrvpMeaNcdH3YKZVw_5Ja_jcciJrW5p9D6SsaHTVv-NAOoQZIFQ-ZrEsF582MOVb7j058OeIbTCZFnX1T0kRTNGSBe723Zy5jJWpiizFKtbg_hLNaHGU5dSyf3rmHG2NhDDfPmtuQxeUhzrrDEZ8MeHGl_sbtegoKX9Dow-suvrw38hD39dHQt7x_nYBs7kj5kxP7kghjLy-L4ArGNoIrZkp0fXTos-QyDMcmc4LaGAIVEGlEkrWdxc9LQbur1gIeLrfPxRZiqzBi8gLlc0fvETSauDeIzS1k6KdmBrSFmqR8RlXbKggWd5IDaIsEGPnHKymjCyscOSc0J0T7rd4URs1RGH22P1g5RlMOTrq01q58aa7xL9K0KJ_HIiH238nXl93KPk8a0Cmx75zNrmwzo6kEiSNxZw-pWi_UxWLCR2FGPxgv-WhwEXnOj8I8Iu2wESmUP-CkUDogOdoJ5iniYpNY8D5aDo4frGuawZNRdPatIpwo3vr_no3egIMSlwBe6hgJpj83PYzUqZ1ovCK_0Fhi0SWKT9E4o8w_9wcb4rQvrGrWz_ZStlyWaUuH4uK26pjZjSqTgpkOG60xucGVW_rR_4AbrCpntMjt01mP4OXsBZBpUDbYSFvA743A3IB7631gkgGj-vyPzOlPE6_75wLq8-4PYzMyn9pCx2
Requested by
Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0C9C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVGFPpLqdjH2J3MwFEsqDUyqS1llMXUbWnhoG5qQSnryjIk7HuwPT5FAT5NcOyPCqqY2n8IOqXTzlI3j_f7p9c0uuPWmfIal3e-IU6EEm6f0hTrv_uJQ&sai=AMfl-YR7yiVpWmCMU_7aJV0lWglWBUwFPil3ZE5EkvPpNRAjvpetmjaFkBo_8lsPg9y-Fv_0U4AatUffYrHD2_K5WqjfVS9ZjO3AcL_067i8nKgObczJlAltyXG5r48&sig=Cg0ArKJSzNFidnBhXxZ5EAE&cid=CAASJORootWpCifnCwCnnYU3oq8laOAvdRqWA-PE1jRX8yYmqMEyOg&id=lidar2&mcvt=1000&p=216,436,306,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2299369434&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648708165232&rpt=279&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 75BF
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5e2UyaMAEkIVtWWbE8EOIXJQetIRUXMdtR2LL1WUW8Gox0cou4tzlaTYU6gmCPbKMA0-ztiax_5fRjeJk_h0lQBOF5Hp-D9vnuEHUQz4QUpl_IumXDw&sai=AMfl-YQ1NjmLansc7aGVXVnlXrOZQ3AzM_vY-fu2oWLXXUtByXRmXgrJl6GwEbyOyFl7e5UZmR1Lpqf5P0as5ev90TN9oG-5gDJ6dSf9KsqUI-bnUZZZ0Tc1rmqLFzs&sig=Cg0ArKJSzFRZHmQHxtNVEAE&cid=CAASJORoXl59eMQD4y2bDUYINLkdanwfZ09Nk6zME0vaNVldAq965A&id=lidar2&mcvt=1002&p=635,989,885,1289&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220330&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1406026357&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648708165237&rpt=260&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022032106&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e4aebefe0331b731aacbaa4f0578757bbb75575f5406bd3c6a83729eef3d134
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 31 Mar 2022 06:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10533
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022032106.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 31 Mar 2022 06:29:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 72EF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
105
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:27:41 GMT
expires
Fri, 31 Mar 2023 06:27:41 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DF50
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ee48df789588d8c0a7731208a107f84251d6ee5e74e37257d86909c920ff54b3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9uGb+cJdDGm61J2aeRpAAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-9uGb+cJdDGm61J2aeRpAAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 31 Mar 2022 06:29:26 GMT
expires
Thu, 31 Mar 2022 06:29:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js
pagead2.googlesyndication.com/bg/ Frame 72EF
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/FyXTnIqgf3MR1shnyKQtc5k9nN1KItMFAbgv4xYT2II.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 05:25:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
3819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13680
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 31 Mar 2023 05:25:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DF50
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022032106&jk=81520691052323&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 72EF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?StjPrw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
async_usersync
ib.adnxs.com/ Frame 771A
0
743 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:26 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d54125e0-80cf-4b7c-b22d-0ed582aa3d2b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
22 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022032106&jk=81520691052323&bg=!gYKlgsbNAAZku-1yRLs7ACkAdvg8WjEIQt8NE_aBoL1nKpMcsN3phTWA_agYHp5lNOKjQmIkYnfwswIAAABaUgAAAAJoAQcKAEKFoeR_rik8g2UVe1GBQUMvLTuX6cd_ObIzxTJU-tt96l_pKlVPtYGore7Q5dekZ62V-vFXhhOoUC-2lMtwKzTdvtKZAtt1Lzux2rT7na0n-u_gWx0OmyUgqmjo6ulNCFz1qS6m5lJCYa1wgB23kLBqQVKJdfS9iaPwwYmyvFb9nkx83DV4Ua08-D-MeIjSr90VttuIFCq2F-9o4L_QeBWovnYNhDrBNMp2EbYswCXI70adKt9t4Y9wkHyuB0lgPLsOCe7BxvSykdw7Nv49nCgq8BhkpCXzFVJkbQvZq_6G5_NIZ7RducIGIGXD6Y3M_Yg4iVLChWUA83YyRrl7dSZZqkNHDKqmqRULoyCEv-5hlQjVGdHvtl_OjPwcXvYYhqZhFP5JHbM46dd_naWedI79erziwvwwtzBtsDVcWj1AhW8qykcIKb8TNm4nMfmHSOoNDFrme4akl7jODbLbGLuLqzNa9gaw2hi4cg8Fl80zp1hky4_HtxnuwgMVhwYQTEYkv3kEESbrHssXtrQWLOGHkNK5Hka2i14mBdRBOSGSYbFw3EVUCw_cDwR4C39IStb2852z-O5DnoXGoFit9dPdc8mblq0UVOXfRFpzU5-XkuO2aE9JH2StXJCmsqTc--Pt3FXP32aboVZBG8bTXoeWMAJdIcp0daBU2PHQF45B_DbycLPrINhvsRj64VkK-kVSVUUFYpCSHpcFUo2mN1CY1Kouv1N4dgNjKdVIqqEkviB8wQnHuNuxlxVRjRhkcY5J8XQcJAbEDpSs1ECRDCp25PO2Maouy0V3D08OEB2zmNMD8X3A_b6IZ9nl0R9EN1RIl4JzWn2Z4n2L71ZERNW5DBgOc2n9ZqhYL3AFlLJvPmM0_sq212XBPKbyBqxwWXPW-ui-Tc0cl7Adi0AYoJg8vRBnHb0TTVR6dlHWIER5fy2jeO8kBUy6VfMjKz1nF0PRB4Mszj1tgp1ipmVGVJN_xistCuU5t_r99QDVCq8jh_5tovLGDeavagQC9C7VTeaDKUNUyO0de5TctY3dCFgUaSrrUoPpaQllLxjjC1yVHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oe3n1&_p=1800107939&sr=1600x1200&_z=ccd.AB&ul=en-us&cid=1040166477.1648708164&_s=2&dl=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Zero%208i%20from%20Infinix%20%E2%80%93%20Tech%20One&sid=1648708163&sct=1&seg=1&en=page_view&_et=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://earnme.club
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=97638&t=1648708164&cip=84.19.175.183&sn=&tgt=0&osv=10&bv=100.0&brn=Chrome&wi=480&he=270&app=&AV_PUBLISHERID=61236c658d8f39735560c155&test=&aafaid=&proto=https&uid=1648708164491-925064035684-007717-000-003032&cha=0.7&stagid=621f32205a5c530d554e9777&stplid=621f31ad0bf2103e4d763956&d35=&d36=6.2.12&cb=64706813216&d9=1000&d37=realtime&AV_WIDTH=480&AV_HEIGHT=270
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61236c658d8f39735560c155
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.93.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-93-71.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://earnme.club/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 31 Mar 2022 06:29:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
v2
nym1-ib.adnxs-simple.com/vast_track/ Frame 8D42
0
667 B
Image
General
Full URL
https://nym1-ib.adnxs-simple.com/vast_track/v2?info=ZwAAAAMArgAFAQlFSkViAAAAABHoGjWh8KANGBlESkViAAAAACCR9MmlASgAMPVmOIJgQL6Pc0iUtsoCULGfggpYwW9iAkRFaAFwAXgAgAECiAEBkAEAmAEAoAEAqAGR9MmlAbABAQ..&s=044890e54c3a75935e30876026b34c5b16d3f69d&event_type=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.154 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 31 Mar 2022 06:29:30 GMT
X-Proxy-Origin
84.19.175.183; 84.19.175.183; 574.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid
e83d4d47-7890-40e8-8126-d782b7ff0593
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adServer.bs
bs.serving-sys.com/Serving/ Frame 8D42
0
216 B
Image
General
Full URL
https://bs.serving-sys.com/Serving/adServer.bs?cn=isi&iv=2&interactionsStr=1086293331%7E%7E%7E0%7E%7E%7E%5Eeb25Per_Played%7E0%7E0%7E01010&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.167.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-167-236.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 31 Mar 2022 06:29:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
0
expires
Sun, 05-Jun-2005 22:00:00 GMT
vfq
1x1.a-mo.net/hbx/ Frame 8D42
0
88 B
Image
General
Full URL
https://1x1.a-mo.net/hbx/vfq?aid=ZWFybm1lLmNsdWI&b=earnme.club&M=4&v=pba0.0-aa2.13.0-3779a5d-1&cv=v.js&lng=en-US&_e=CoED8gUBMLICEHN0ZWFtcG93ZXJlZC5jb23CAgUxMzE3MzFL5IIz-PulP_IBDzk3NjkxMzQ2NjU0ODA5OaoEA0RDSPoBBjYuMTYuMMoDBTEzMTczwgUBMogDxJSVkgbKBQUxNDI3M-gBAVoIcGJhMS4zLjGoAQGKAQhlNzY0ZjdmN2oLZWFybm1lLmNsdWLgA7B44AUByAEAQgZlbWNfT1PSBQkxMDUxOTkzODZSDWFhcy05NDNjOTNlYi3YBQF4AZoDJDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMOoFB2Rlc2t0b3CgAQHAAfv3CjoIYXBwbmV4dXO6AgkzNDcyNDA5NzdKC2Vhcm5tZS5jbHViqQIAAAAAAAAAANoCCDIxMDA4MzA1kgECMTCiAwxZV1JoY0dWNExtbHaRAl0w6B-lW5Y_IgpfbHJycnV6cWNwqAM9mAKtA-gCAeoDDzM4Njk1NzY3YWM1MzRjZdAB____________AQ&r=1&w=-17.77777777777778&h=-10&bid=976913466548099&cr=347240977&c2=acdn.adnxs-simple.com&c1=InLine&us=va4.0&i=0&cn=15&eid=15kcpcq6sfn7c590mt&ts=1648708170218&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.50.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-50-170.compute-1.amazonaws.com
Software
MonetEngine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://earnme.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 31 Mar 2022 06:29:30 GMT
cache-control
max-age=0, private, must-revalidate
server
MonetEngine

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEGek8EsukChr3lUEDiN-rK4&google_cver=1&google_push=AYg5qPLHwtT6rQ0uZYjqdmN9EYd2kfytmOI-1IBFWF3kNdrpPEjf8ES_oJWXKw11xL-wgpqJ-oHX8L9KRFtpnBYHD-E9CtPGBVDB
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEGek8EsukChr3lUEDiN-rK4&google_cver=1&google_push=AYg5qPJbvxpm7MYeA4xT22aGxujhRSin6lTgzaF0ZCmLubvvc6ai0wg7BfTqoCRwfEPrSuEfc1AJcMCdBWi4McaRU-xH0ac0ZnMwzQ

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _wpemojiSettings function| advanced_ads_ready undefined| $ function| jQuery object| html5 object| Modernizr object| jQuery112408559259964925632 object| anchorSlot object| interstitial object| googletag object| interstitialSlot function| gtag object| dataLayer object| twemoji object| wp object| ggeac object| google_js_reporting_queue number| count number| counter function| timer object| google_tag_manager function| aawChunk object| aaw object| _pbjsGlobals function| docReady object| mnet number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_data object| gaGlobal string| google_user_agent_client_hint object| addComment object| googleToken object| googleIMState function| processGoogleToken object| aniplayerPos function| onYouTubeIframeAPIReady function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| avPlayer object| liQ object| storageAni object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| closure_lm_304929 object| GoogleGcLKhOms object| google_image_requests

46 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: m2v6tl-012949f34489f6b577-003
earnme.club/ Name: tp2
Value: 108Gb
.google.com/ Name: CONSENT
Value: PENDING+278
earnme.club/ Name: _uc_referrer
Value: https://www.google.com/
.earnme.club/ Name: _ga
Value: GA1.1.1040166477.1648708164
.earnme.club/ Name: _ga_LY1N2M6E7Y
Value: GS1.1.1648708163.1.1.1648708163.0
earnme.club/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: L1EM9TB1-8-59G9
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq0KOCQfHKF4ObASkO6QPb7E03ikE5KqM12XwTgci4QkscSJC2XDL/4nG16TXBLBX+ujHVvJEoBj/CD5b2doRFDsqlSNZOaaDQ=
.doubleclick.net/ Name: IDE
Value: AHWqTUkz7qvpuwPWTebzoNXlqEVqqiZXqRw0WDBPjp_g-ARgex7JgtOr06lsxNRg0eU
.aniview.com/ Name: aniC
Value: 1648708164491-925064035684-007717-000-003032
earnme.club/ Name: _lr_retry_request
Value: true
earnme.club/ Name: _lr_env_src_ats
Value: false
.earnme.club/ Name: panoramaId_expiry
Value: 1648794564764
.yahoo.com/ Name: A3
Value: d=AQABBEVKRWICEBYqm06Y-LN8wPMjgsA1nE8FEgEBAQGbRmJPYgAAAAAA_eMAAA&S=AQAAAndqrYeMRf5p1bOByHPuCOA
.liadm.com/ Name: lidid
Value: 267c3c2a-55c4-4c7c-9710-d3e13e5130da
.doubleclick.net/ Name: DSID
Value: NO_DATA
prebid.a-mo.net/ Name: __amc
Value: 2_1648708164_1648708165
earnme.club/ Name: pbjs_li_nonid
Value: %7B%7D
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEwxZSVkgY4AUABSAEQxZSVkgYYAA..
.adnxs.com/ Name: uuid2
Value: 3894811086723210314
.earnme.club/ Name: __gads
Value: ID=720a837b1e82844a:T=1648708163:S=ALNI_MZSRL-TjHgj9Gp5ExtG1AnhEadrSA
.earnme.club/ Name: cto_bundle
Value: KUUn4V9NQnZSb05PRXl0TmJEaTU4M2FEM2d3OTdPMTY4ZENrODhPJTJGQVRFSTNMUUw0cmpZVWFZRHFqTm1Jcmtra1pWazU2SXZ6UmZNQkJ3Um9LdUptVHVmWVhMRUM2ODN1SUNzbVc3RE9GJTJGUVFaQ1JDYzY3M1J2cXI1NDFpZ3huQnMlMkZBZg
.earnme.club/ Name: cto_bidid
Value: DDeq9184NEo3VHVLUGFoWWc1a0pWSlBQU0lxRGNhSjE3b2hDT1pocGh4Nk15SWFDYUtmaWNXMUN4MjQlMkZsNzdmY2hMbFhweThxREFBaVhYa0lMZUc4bWRnZTNBJTNEJTNE
.casalemedia.com/ Name: CMID
Value: YkVKRQwlvWE.CejJfgNxpwAA
.casalemedia.com/ Name: CMPS
Value: 3194
.casalemedia.com/ Name: CMPRO
Value: 1136
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb<Is*iH!@wnfH8K6pQK`!5=E<*L5?%M3]1_h(_sRoe.Qxpv4xM0k6)O1A??l_([O^x`*bpRz*qF1`*b^JZ)v$''
.3lift.com/ Name: tluid
Value: 987582385229412419760
.advertising.com/ Name: APID
Value: UPe91b34d8-b0bb-11ec-92e6-06898ec754f0
.w55c.net/ Name: wfivefivec
Value: RJfps3Tn1NzOjb5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YkVKRQARMcMJygBH
.w55c.net/ Name: matchgoogle
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~2426:18wq~2426"
.casalemedia.com/ Name: CMST
Value: YkVKRWJFSkYA
.w55c.net/ Name: matchcasale
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: aOnsIHSyZaRGRT8vnQXvQA0cBFxqKu9vpakWrUxNrGXoXMfSNeHWkMnlVQukrf5PZd72l6AiVqjDZc3jAgU3kMcb3qL
.quantserve.com/ Name: d
Value: EDsBDQHlJbjvsQA
.quantserve.com/ Name: mc
Value: 62454a46-36509-45d53-9be5f
.casalemedia.com/ Name: CMRUM3
Value: bc62454a4605a00&5162454a4627605aa4Auf1uAH-p7oC462hA-bwuQT-re5S5vJwYloI&2f62454a462760RJfps3Tn1NzOjb5&6f62454a4605a0&2e62454a4605a0&2d62454a452760CAESEN0jX3_AJCh2cGMZ0RwDCj4&e662454a462760&2762454a460b40&f162454a4605a0
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&83920c2b-cb54-4f35-84a4-90e9b8274ff3"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDg3MDgxNjY7MjswMjH3CuAuIPmHn8SquxAyyw9aytpTqDYxkJ5M6GzDj+wipg==
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2755:u=1:x=1:i=1648708166:t=1648794566:v=2:sig=AQGPrjbrdGnHLjnvMTXfnmW47v6_trx6"
.amazon-adsystem.com/ Name: ad-id
Value: A5hqg8zlAUewhGIhaMzq2VM
.amazon-adsystem.com/ Name: ad-privacy
Value: 0

15 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8166901308023325&output=html&adk=3826760629&adf=1341073466&lmt=1648708164&plat=8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648708163892&bpp=2&bdt=263&idt=134&shv=r20220329&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3263859720684&frm=20&pv=2&ga_vid=1040166477.1648708164&ga_sid=1648708164&ga_hid=1800107939&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065921%2C31062930&oid=2&pvsid=81520691052323&pem=267&tmod=1684429973&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=151
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
javascript error URL: https://earnme.club/zero-8i-from-infinix/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.adapex.io/hb/aaw.emc.js(Line 2)
Message:
Unrecognized feature: 'conversion-measurement'.
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/140445308604698908/html5-animation-MWD-300x250-en/index.html".
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJqfKlw368J3fzMfcX2d9eA8me9QrxojjeC89owISUq5fC8DIwB08WWxAXKYK80c3rQX__dGIrvB8KhPfl7y89-5RyurWXb
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1x1.a-mo.net
3e0e8bdba998987575c0c3d402df05df.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ads.yahoo.com
adservice.google.com
adservice.google.lu
api.rlcdn.com
assets.a-mo.net
bit.ly
bs.serving-sys.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.ampproject.org
cdn.jsdelivr.net
cm.g.doubleclick.net
crcdn09.adnxs-simple.com
dclk-match.dotomi.com
digikulture-d.openx.net
dsum-sec.casalemedia.com
earnme.club
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fav-cdn.a-mo.net
fav.a-mo.net
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idx.liadm.com
imasdk.googleapis.com
js-sec.indexww.com
link.tnlink.in
match.adsrvr.org
mug.criteo.com
nym1-ib.adnxs-simple.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
pubads.g.doubleclick.net
px.ads.linkedin.com
rtb.adentifi.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
ssc.33across.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.1rx.io
sync.teads.tv
tg1.aniview.com
tnlink.in
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
api.rlcdn.com
cm.g.doubleclick.net
google2waycm.netmng.com
100.25.50.170
100.25.93.71
104.109.78.125
104.111.242.245
104.254.151.60
13.248.245.213
141.95.3.40
142.250.181.226
142.250.185.194
142.250.186.34
147.75.38.124
15.197.193.217
151.101.193.108
151.101.194.49
178.250.0.157
18.185.154.236
18.198.167.236
18.204.184.124
184.31.84.150
192.241.157.60
213.19.147.44
23.35.236.188
23.35.236.247
2602:803:c003:200::41
2606:4700:3034::6815:44f4
2606:4700::6810:5814
2606:4700::6812:c05
2606:4700::6813:9e13
2606:4700::6813:9f13
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200a
2a02:2638::1c
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a02:fa8:8806:12::1370
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3601:a746:fcb9:df78:326d
2a06:98c1:3120::7
2a06:98c1:3121::7
3.120.46.173
3.126.56.137
3.248.131.63
3.65.16.69
34.107.148.139
34.149.20.76
34.98.64.218
35.244.174.68
37.157.4.23
37.252.161.190
37.252.172.123
37.252.172.45
44.196.175.192
51.75.86.98
52.28.203.152
52.46.154.242
54.145.157.73
67.199.248.11
68.67.179.154
69.173.144.138
69.173.144.139
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0140d1187c3308c40475bc2e2edaa99ed1b397695abbcbfa80b8692939bd0636
036e9bd4c8ef7ecdc5101e90cfa027799d6ab642c1613b4ac53b0b145bcede23
049d183b12915bb171ac4ffef9dd27ff4d9397b5741a8b12f564b76c94d11735
06572b289d5f13650907ba974fedb76ea23ec4a25c41b90f43f93a892110036d
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
0956c40a363ba6ed28293f597a1d04a70301bdc93847d0bc63c42054579a43dd
0aad7386266e146728e3a4065284327c76369b5f8d991952d5021ae47ed5acd1
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b87b832b8f0af9f872dd159f430ecf6c8e5e15abf94502baf490edfde3261c8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10aaabc82b4fc7e53f9a4b8c6a467d6b8bcf2e27cda8f9ea13235a4974740fd4
1119f39b46f15ecba4131ef36fa1019b2501d56883ad704f0bfc9034b57987dc
11876c569cf92772a49a6f735f902f2c79a194985674afad091c13cb6ceb7250
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1485b51d61c10a59def2ec263a190d9ee2351ce1b62972c43a78565675a37eef
16ce40d2e9fc1fffb92e49c4bc10958495518d843ca25ce6acd580c15215bb08
1725d39c8aa07f7311d6c867c8a42d73993d9cdd4a22d30501b82fe31613d882
17c36e9523e8b97999649b89a0f8480d574d7a1fe1dd4f3d8fe841e5649cd0c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b3e9c17d108472ca25fc496fce69233a7964fd30164db48c007514541c2fb9d
1b8c27624d9ed0bc757193e0722738bd99eb8311403992e0ea6805251425e50c
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1edd5391168ee2ad5d26dfc28001a17ddc0865fe458493c1ebde2be83cd9e9e6
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2453adff620e3c8c50559b7b46f845ac36b22e140481605b9c69e3d85c6d151b
24acc823398408f3bef7f5f1beed6ee71d5a9c72d18929f1a5509d79bd18f8c1
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ce57bd0fa2624bc5eac3701da8c04e315f177fc440ef4a9f46bb0699f942c34
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
2e4aebefe0331b731aacbaa4f0578757bbb75575f5406bd3c6a83729eef3d134
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f8566c4f5cc6c0b5be451d305073bebb43ae90bc5daf402a4569f61a5da9c09
32391e5d56d10900eccaf5ff6040224e96de4e09db5739aa213c4bb09779d579
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35c270a84a842110f7c7dd21d7565dc5dd006d44c0f668ade3551ec0b1f41432
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37ac1b83493ec0dfb9e7576f0307fd51e1cde119c37a64333e0f905f359bc9c7
39452d7b5f27d980b68751b57e76a75098f20de419c7d1b0a10a4ae4fcb2e7a7
3ae0a68263138b47cb5c9206523a68a3cc2ded2e2522551a7601baf73828ef42
3b71f8c2c6155e87421d4937e09c80832544716217ad1f5da7a1249150cd9b4c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4823ba1362327addef6f7fd8d7235fcf62731a355c9b83a87b84941650689bea
497bf7076b444cdfe3fc9abb983941941625f509e61b4ad4e7580d32f1b5db50
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c388acf35492e2476b214bfb448ae32dd8bec6fd6088ecda3cb29ee4e738df2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
4fc50bebc76b1e201390b7e601ee1ec7fee66fe98546209fd34a34fd59335c5a
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
553bace60a0d1bdefb85f9a5eb768da636d311df18645c29d0d9ab18a7e9d910
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e21c0b93290490c1b1bcd3c541dc358b4f5bb43b24d954dc075e82fe48dcaf
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
610f564c5565b07da082ca267469e576974f28723dbed8897cad7944a5f988cd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6846607e37237f076851e728699a5949c455a35dc6078ba8f7f05ca4c01f85b7
6c4447d8f1de0217e28e79639f27651a1957603dcc2131783469a180a4b75d41
6c6799f4aee89a69d9fbf39794dd02eb8c65a040cea6aa95c9ad34536f998495
71609501b179bed21d0470e366fa2c6c3441a3d16101f17dd6b3793ddc57bde7
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73c2ed8b0532eed7e4e8493b41da27756b818aa7e648b70bfdd50571cd8d7535
758847d2c5d9b649afd91bb16d19be8b66601bb237e4a0f1717156c9e2b4b0c3
786cbbdde94aac41b3ec33a08b95aad7415911afc5820daffa8e329002d8a96e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7c50f0896e327d8697a0accdaba9302b03ecb4aaadb4efe667c06c86935a5592
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
823068b6b6a39cad32cf89edbec0d116531302e077b701ef7837ae95d6873d64
83fdfe5b29fa21198b6a328153245800fefa7f15bcd72182517a6c187c24e527
83ffc17f9823f4dd9fbcc6534ae9d38f4af6cacc4b699fabac6c7bbce20d6c6d
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
862848c10f138911ab402b4433b520465bf8eff2fe5f4bab46ed9a94896d0e32
87617d3d981ac1e0f4a5a835feaf148a8fc32f5e2b08c764b93324e6924d95fa
8877253386a74e6d0d5679eeb3c5288751cbc436f2928fbaefc6189f2da02892
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da979458600536726a4bfca5e105c96a405e0740c16e55a7d6cc59108706417
8fa70691323e853719d08d57b1d4003fe54a6c75a1365d8d8658177300754b6c
93159626bdf613bd55ce1e7091f1122d2f17d177eebbd86873bd3e9747a2d759
93a048524adfccae5639bcfc6fe2d7c2dabcebdaad4addb80d4d79f828f55c9a
94bb6e8cec71065f833a185c82836a1572e4e11e4c9c678c66adf26d96b834be
969e9be177c78f263f4fe807f8c815c54526cbc3741c4a7d881428f066610306
996ee0f3a8f51bf144147caab718d06d9fb77b4431aa05be32337c629022322f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d52a9e2e1cd75216a62369337bda617eb7714b0b1483195d22fec2185c72258
9dd321b25a6ac6e4a57b8772334701adb2dcf8a0d0f93c270b54ef421e6c18be
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04af0a44597b3b07c8cc130746f19e96b7fd769e4c555c7c3b0b576549d63f6
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a7172332d735b861329db6ee6def453719638564dac67bf15a5d39f7b8b6d259
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7a53bd43b94aeadeea2d82c90e10b53febb67c563f2e9b718452d146ceef20e
a926c8423c691b65331a025893bc4fece556403894858bc55663cd7aeb67100a
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b12060a2b09abfbb792d0b7a9a1dd007157e7f03cbfd2d7cd6713df6d2ff4486
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d376ff58af2e019802aec5b372a1f2be762015129477395039976e13fa2e32
b8e352006cc3bc3c7c2206316ef5ecc3a319959d6b6a3b4da9702afd1dff10de
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b99b81870bf22b5a8cf7b0cc40f78bd0f6969947fd556e67d519aef8ce149993
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bc87190748823a82e25f645baf79d53f6192372fa156427b971ac32b955c322b
bfa0d8300b382db32ad1a8338598f455b9887178273a65d7ea581fb2d9c5aa61
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5d5457f90066522a911b38cb46406ab934010552afd79068832a6173ac7e275
c77007b18d8de78468e9c57006eec632ec7179f1c27739899535cabba47289f0
c9421d55513b79e070b7391c8f0da289606a86f41880cef5d3772fe822dd03e9
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cb4d0a7322dfb7992da3c50dc52f52196a852d893bddd26de002eee0ae270b0f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd95b8f5f967ec953aac878c8c952763b815cb1a3c9a20bee7bb70babee17bf3
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d25b83dd3052cdc0deb7ff8abc494a5f00f21398ed19dc79978e49a8a87a5e10
d494a9f84e2e75c53163d8ef6ee37a7794aab3e6abf38ef388e00cce92e2857f
d593fdf64289375adaa96b87ebf4c4beec2995d730e3601254e0a226808bfe57
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da0fc35d006856428a7148ae611b2a97ed67b92644ef63d89761b6c6d0339d89
da8b0a49283852e21e9c165961823115b4426d2ac7830a6b4c0cf9a6186c049a
dc4c5d92a47944dc3194ecd5af16f1c7383967269e63ea2345352a4f038539a7
dc6e31a7f25a2b840a9441fa01e0342f66edd315f40296c7cbbd0e1873cf8f49
dfd5a1ab67641b6e1770a0782c157943964d002e8c1b22f04cbe8cd3de4bd3f0
e11dced993be3d8dc0b83a9532f0423d64ef189d577b91a7f9794b653ba435bd
e19f205819a04bffb4cb56dc4fdfba7ac6dcff2f4dc19cc3db7212c9fa7c1364
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bbdc376b0d9f6584950084b59e7fffc02ca3da87ea543bafe19d4a5e1b9f0e
e4efdbebf72892600381b1f062abeca640790faf52dda3c9f6bb961032deb11b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed2ecf3da64fedc199ed6e5fe34de7c97f8d8466ad15f392312b590d727a918e
ed7f9f13057c2e574b47c2e9e44c03b115e1ff2f429be51085ca7e80432af78b
ee48df789588d8c0a7731208a107f84251d6ee5e74e37257d86909c920ff54b3
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eeead248868138b8e6f49f895e81497fbcef0d3a402b7ba997553ac211b448f3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f0fe4ac86ba05ce098ba84e9a218874e6d1d1e4113516f9cd5b913ee2a784818
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9dd1a6570d67d229d4bdf1a08f18ad6679a76a80efee6f0c47bf0133ea6c6bb
ffbba010d8b2a59b00c92ffe2dcd7d70bb9565edbbdd998f1df06e8e06b3a421