earnmoneysafe.com Open in urlscan Pro
194.36.191.196  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response earnmoneysafe.com/	20 KB 3 KB	160ms 34ms	Document text/html	194.36.191.196 HS
General Check archive.org Show headers Download Go to Full URL http://earnmoneysafe.com/ Protocol HTTP/1.1 Server 194.36.191.196 Naaldwijk, Netherlands, ASN60117 (HS, AE), Reverse DNS hosting1.nl.hostsailor.com Software LiteSpeed / Resource Hash 355107b5ee670961c785308a98c61b6149084edeab910995487fd10168896149 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Connection Keep-Alive Keep-Alive timeout=5, max=100 accept-ranges bytes content-encoding gzip content-length 2833 content-type text/html date Mon, 06 Mar 2023 21:01:40 GMT last-modified Wed, 25 Jan 2023 15:43:41 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	css fonts.googleapis.com/	5 KB 1001 B	117ms 42ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap Requested by Host: earnmoneysafe.com URL: http://earnmoneysafe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 06 Mar 2023 21:01:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 06 Mar 2023 20:52:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 06 Mar 2023 21:01:40 GMT
GET H/1.1	200 OK	image.jpg earnmoneysafe.com/laonm/images/assets/	45 KB 46 KB	33ms 32ms	Image image/jpeg	194.36.191.196 HS
General Check archive.org Show headers Download Go to Show image Full URL http://earnmoneysafe.com/laonm/images/assets/image.jpg Requested by Host: earnmoneysafe.com URL: http://earnmoneysafe.com/ Protocol HTTP/1.1 Server 194.36.191.196 Naaldwijk, Netherlands, ASN60117 (HS, AE), Reverse DNS hosting1.nl.hostsailor.com Software LiteSpeed / Resource Hash 1c6f1c03d8ce481c18affa2df9dc9fcacd6d7ead4a38b2727642d1a8c7ed6ddf Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 06 Mar 2023 21:01:40 GMT last-modified Wed, 25 Jan 2023 00:05:08 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 46506 expires Mon, 13 Mar 2023 21:01:40 GMT
GET H/1.1	200 OK	benefits.jpg earnmoneysafe.com/laonm/images/assets/	7 KB 7 KB	54ms 28ms	Image image/jpeg	194.36.191.196 HS
General Check archive.org Show headers Download Go to Show image Full URL http://earnmoneysafe.com/laonm/images/assets/benefits.jpg Requested by Host: earnmoneysafe.com URL: http://earnmoneysafe.com/ Protocol HTTP/1.1 Server 194.36.191.196 Naaldwijk, Netherlands, ASN60117 (HS, AE), Reverse DNS hosting1.nl.hostsailor.com Software LiteSpeed / Resource Hash 26f3674c5b265f1062db1dda7c1816442e35c79d6cfc281dbfddac0fdff39f7d Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 06 Mar 2023 21:01:40 GMT last-modified Wed, 25 Jan 2023 00:05:08 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 Connection Keep-Alive accept-ranges bytes Keep-Alive timeout=5, max=100 content-length 6809 expires Mon, 13 Mar 2023 21:01:40 GMT
GET H/1.1	200 OK	run.php Show response cdn101.zeroparallel.com/form/	4 KB 2 KB	649ms 450ms	Script text/javascript	104.18.118.235 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn101.zeroparallel.com/form/run.php?p=41FDDFA013EE4F31987673326FC74C20 Requested by Host: earnmoneysafe.com URL: http://earnmoneysafe.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.18.118.235 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7007d4909ce159624421ce8e2b3a298f8711ad40ac4c33ea93edd67dff5dfe90 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Mon, 06 Mar 2023 21:01:41 GMT Strict-Transport-Security max-age=31536000 Content-Encoding br CF-Cache-Status DYNAMIC Server cloudflare Transfer-Encoding chunked Content-Type text/javascript;charset=UTF-8 Connection keep-alive CF-RAY 7a3d890abb190bad-AMS
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 31 KB	188ms 59ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://earnmoneysafe.com accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Fri, 03 Mar 2023 13:48:40 GMT x-content-type-options nosniff age 285180 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 02 Mar 2024 13:48:40 GMT
GET H/1.1	200 OK	loader.php Show response cdn101.zeroparallel.com/form/	51 KB 16 KB	298ms 298ms	Script text/javascript	104.18.118.235 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString= Requested by Host: cdn101.zeroparallel.com URL: https://cdn101.zeroparallel.com/form/run.php?p=41FDDFA013EE4F31987673326FC74C20 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.18.118.235 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbc58a540866ce11bbb0754be4d38bea6121173bdc78132af1a96827aa67d694 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://earnmoneysafe.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 06 Mar 2023 21:01:41 GMT Strict-Transport-Security max-age=31536000 Content-Encoding br CF-Cache-Status DYNAMIC Server cloudflare Transfer-Encoding chunked Content-Type text/javascript;charset=UTF-8 Connection keep-alive CF-RAY 7a3d890d98290bad-AMS
GET H/1.1	200 OK	fe0e9a3fcecad33f2b3d047eba468c4b.css cdn101.zeroparallel.com/static/	139 KB 19 KB	141ms 140ms	Stylesheet text/css	104.18.118.235 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn101.zeroparallel.com/static/fe0e9a3fcecad33f2b3d047eba468c4b.css Requested by Host: cdn101.zeroparallel.com URL: https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.18.118.235 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c7d995ec75d350c5fcd8eb2369770b087a7f28d7dfd18150e754d6f7b861776 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Mon, 06 Mar 2023 21:01:41 GMT Strict-Transport-Security max-age=31536000 Content-Encoding br CF-Cache-Status MISS Last-Modified Thu, 02 Mar 2023 13:08:32 GMT Server cloudflare ETag W/"64009fd0-22cb3" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 7a3d890f7bf30bad-AMS Expires Tue, 07 Mar 2023 01:01:41 GMT
GET H/1.1	200 OK	5470093fa655b006f6d4000c1a88bda4.js Show response cdn101.zeroparallel.com/static/	784 KB 199 KB	800ms 747ms	Script application/javascript	104.18.118.235 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn101.zeroparallel.com/static/5470093fa655b006f6d4000c1a88bda4.js Requested by Host: cdn101.zeroparallel.com URL: https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.18.118.235 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 275bfedf644f0b4891919abcd7e4b915630f7274d3f0f70087064380918d6b5a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer http://earnmoneysafe.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 06 Mar 2023 21:01:42 GMT Strict-Transport-Security max-age=31536000 Content-Encoding br CF-Cache-Status MISS Last-Modified Thu, 02 Mar 2023 13:09:01 GMT Server cloudflare ETag W/"64009fed-c4101" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 7a3d890fd92b1cae-AMS Expires Tue, 07 Mar 2023 01:01:42 GMT
GET H/1.1	200 OK	333a4895-8126-4639-e101-aec1166f432b.js Show response create.lidstatic.com/campaign/	121 KB 39 KB	689ms 638ms	Script text/javascript	2606:4700:10::6816:26b6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://create.lidstatic.com/campaign/333a4895-8126-4639-e101-aec1166f432b.js?snippet_version=2 Requested by Host: earnmoneysafe.com URL: http://earnmoneysafe.com/ Protocol HTTP/1.1 Server 2606:4700:10::6816:26b6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b340a2db32eb20d982bb9050f9755ad90ed6ae8dcbc985c38cffbb8909b4aa58 Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Mon, 06 Mar 2023 21:01:43 GMT x-amz-version-id rmG4HreyOdzXlYwtgrMSWhMtWY7.mZWf Content-Encoding gzip CF-Cache-Status MISS x-amz-request-id X5255AF1YBY02PVS x-amz-server-side-encryption AES256 Transfer-Encoding chunked x-amz-replication-status COMPLETED Connection keep-alive x-amz-id-2 uhAHQ+RtOi0uJGoI8MAywYj+zl9wXC8ddNHfbczBodVHQrrhnD+DrseKUos0vdSN0ZnMP0r4z/0= Last-Modified Thu, 08 Dec 2022 13:25:12 GMT Server cloudflare ETag W/"ca95dac469a543a56dba5bccbafa7ba8" Vary Accept-Encoding Content-Type text/javascript Cache-Control max-age=1800 CF-RAY 7a3d89160ac12bdc-FRA
GET H/1.1	200 OK	l.php Show response cdn101.zeroparallel.com/x/	0 477 B	525ms 470ms	XHR text/html	104.18.118.235 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn101.zeroparallel.com/x/l.php?currentWebsite=http%3A%2F%2Fearnmoneysafe.com%2F&referrer=&userUniqueId=986db313af7aa393d73eb94f83f6412a&keyword=&p=41FDDFA013EE4F31987673326FC74C20&promoType=FORM&refPromoId=63 Requested by Host: cdn101.zeroparallel.com URL: https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.18.118.235 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer http://earnmoneysafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Mon, 06 Mar 2023 21:01:43 GMT Strict-Transport-Security max-age=31536000 Content-Encoding br CF-Cache-Status DYNAMIC Server cloudflare Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive CF-RAY 7a3d89173c4a0e3c-AMS
POST H2	200	GenerateToken Show response create.leadid.com/2.11.13/	36 B 657 B	405ms 160ms	XHR text/plain	52.72.8.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.13/GenerateToken?msn=1&pid=a6edf2c9-5727-4141-823c-1089c1205ba8&_=139501134 Requested by Host: create.lidstatic.com URL: http://create.lidstatic.com/campaign/333a4895-8126-4639-e101-aec1166f432b.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-8-210.compute-1.amazonaws.com Software nginx / Resource Hash 0a3148a5aaab138016a9d26c94caeaa40d11cb2e81fff1a6338693c3f26a9738 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://earnmoneysafe.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Mar 2023 21:01:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	iframe.html Show response d2m2wsoho8qq12.cloudfront.net/ Frame 7C33	3 KB 2 KB	149ms 33ms	Document text/html	13.32.118.65 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=333A4895-8126-4639-E101-AEC1166F432B&lac=87065484-8408-BB52-B83F-6721BE64D7B3 Requested by Host: create.lidstatic.com URL: http://create.lidstatic.com/campaign/333a4895-8126-4639-e101-aec1166f432b.js?snippet_version=2 Protocol HTTP/1.1 Server 13.32.118.65 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-118-65.fra60.r.cloudfront.net Software nginx / Resource Hash e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://earnmoneysafe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers Age 1866 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 06 Mar 2023 20:30:39 GMT ETag W/"63ebe88f-dbb" Last-Modified Tue, 14 Feb 2023 20:01:19 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked Via 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront) X-Amz-Cf-Id Hq5eshMoZ0eNH_tjQeDG1OmzpJdWMOhX8jsoMH6WyVQ-Q_6m_uz4gw== X-Amz-Cf-Pop FRA60-P1 X-Cache Hit from cloudfront
POST H2	200	SaveDom Show response create.leadid.com/2.11.13/	0 622 B	111ms 111ms	XHR text/plain	52.72.8.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.13/SaveDom?msn=2&pid=a6edf2c9-5727-4141-823c-1089c1205ba8&token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&_=139501135 Requested by Host: create.lidstatic.com URL: http://create.lidstatic.com/campaign/333a4895-8126-4639-e101-aec1166f432b.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-8-210.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://earnmoneysafe.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Mar 2023 21:01:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	InitFormData Show response create.leadid.com/2.11.13/	0 622 B	108ms 108ms	XHR text/plain	52.72.8.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.13/InitFormData?msn=3&pid=a6edf2c9-5727-4141-823c-1089c1205ba8&token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&_=139501136 Requested by Host: create.lidstatic.com URL: http://create.lidstatic.com/campaign/333a4895-8126-4639-e101-aec1166f432b.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-8-210.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://earnmoneysafe.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Mar 2023 21:01:43 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	iframe.html Show response deviceid.trueleadid.com/ Frame B346	4 KB 2 KB	390ms 102ms	Document text/html	35.169.79.47 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://deviceid.trueleadid.com/iframe.html?token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=333A4895-8126-4639-E101-AEC1166F432B&lac=87065484-8408-BB52-B83F-6721BE64D7B3 Requested by Host: d2m2wsoho8qq12.cloudfront.net URL: http://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=333A4895-8126-4639-E101-AEC1166F432B&lac=87065484-8408-BB52-B83F-6721BE64D7B3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.169.79.47 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-169-79-47.compute-1.amazonaws.com Software nginx / Resource Hash 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a Request headers Referer http://d2m2wsoho8qq12.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers cache-control max-age=86400 public content-encoding gzip content-type text/html date Mon, 06 Mar 2023 21:01:44 GMT etag W/"63dbe867-1049" expires Tue, 07 Mar 2023 21:01:44 GMT last-modified Thu, 02 Feb 2023 16:44:23 GMT p3p CP="NOI DSP COR NID CUR ADM DEV OUR BUS" server nginx
POST H2	200	Snap Show response create.leadid.com/2.11.13/	0 623 B	412ms 310ms	XHR text/plain	52.72.8.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.13/Snap?msn=4&pid=a6edf2c9-5727-4141-823c-1089c1205ba8&token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&_=139501137 Requested by Host: create.lidstatic.com URL: http://create.lidstatic.com/campaign/333a4895-8126-4639-e101-aec1166f432b.js?snippet_version=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-8-210.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer http://earnmoneysafe.com/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 06 Mar 2023 21:01:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H2	200	SaveDeviceId.js Show response create.leadid.com/2.11.13/ Frame B346	0 626 B	311ms 107ms	Script text/javascript	52.72.8.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.11.13/SaveDeviceId.js?lac=87065484-8408-BB52-B83F-6721BE64D7B3&lck=333A4895-8126-4639-E101-AEC1166F432B&methods=48&token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&uuid=597eea0b28ed48e2bd6a363a3b0efd7f Requested by Host: deviceid.trueleadid.com URL: https://deviceid.trueleadid.com/iframe.html?token=C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D&apiurl=http%3A%2F%2Fcreate.leadid.com%2F2.11.13&lck=333A4895-8126-4639-E101-AEC1166F432B&lac=87065484-8408-BB52-B83F-6721BE64D7B3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.72.8.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-72-8-210.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language nl-NL,nl;q=0.9 Referer https://deviceid.trueleadid.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Mon, 06 Mar 2023 21:01:44 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless undefined| uuidCookie string| uuid undefined| ppvCookie string| ppv function| omGetCookie function| runnerGetCookie string| __xlHost object| omParamsStore object| fp object| _omFormSetting string| ____hostname string| ____leadUrl object| omFormCustomization object| omFormRefCustomization string| omUFormSession string| omUFormSessionDate string| unsubOptionTitle object| unsubLinkOptions object| unsubOptions object| preloader function| Fingerprint2 boolean| fpLoaded object| webpackJsonpstepped_react object| inputObjectCopy boolean| onFormExists object| omFormService object| omFormUsService function| _extends function| _objectWithoutProperties function| _objectWithoutPropertiesLoose function| ownKeys function| _objectSpread function| _defineProperty object| banksInfo object| holidays function| validateField object| onSubmitFunc function| jsonp_leads object| personalFormCustomization function| integromator boolean| jsonp_leads_ok function| onSubmit function| pixelHandler function| clearImmediate function| setImmediate object| regeneratorRuntime string| omFormFingerprintHash object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zeroparallel.com/	1969-12-31 23:59:59	Name: __cfruid Value: 3f03a8a37eaab61e516b677d5935869f344f5e37-1678136501
			earnmoneysafe.com/	1969-12-31 23:59:59	Name: leadid_token-87065484-8408-BB52-B83F-6721BE64D7B3-333A4895-8126-4639-E101-AEC1166F432B Value: C9DAF551-16A5-CA85-CB72-0C5FED4F4F2D
			.deviceid.trueleadid.com/	1970-01-20 19:44:56	Name: uuid Value: 597eea0b28ed48e2bd6a363a3b0efd7f

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn101.zeroparallel.com/form/run.php?p=41FDDFA013EE4F31987673326FC74C20(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn101.zeroparallel.com/form/run.php?p=41FDDFA013EE4F31987673326FC74C20(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cdn101.zeroparallel.com/form/loader.php?orig_p=41FDDFA013EE4F31987673326FC74C20&p=41FDDFA013EE4F31987673326FC74C20&ppv=0&site=http://earnmoneysafe.com&queryString=(Line 15) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn101.zeroparallel.com/static/5470093fa655b006f6d4000c1a88bda4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn101.zeroparallel.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
earnmoneysafe.com
fonts.googleapis.com
fonts.gstatic.com
104.18.118.235
13.32.118.65
194.36.191.196
2606:4700:10::6816:26b6
2a00:1450:4001:808::200a
2a00:1450:4001:80e::2003
35.169.79.47
52.72.8.210
0a3148a5aaab138016a9d26c94caeaa40d11cb2e81fff1a6338693c3f26a9738
1c6f1c03d8ce481c18affa2df9dc9fcacd6d7ead4a38b2727642d1a8c7ed6ddf
26f3674c5b265f1062db1dda7c1816442e35c79d6cfc281dbfddac0fdff39f7d
275bfedf644f0b4891919abcd7e4b915630f7274d3f0f70087064380918d6b5a
2c7d995ec75d350c5fcd8eb2369770b087a7f28d7dfd18150e754d6f7b861776
355107b5ee670961c785308a98c61b6149084edeab910995487fd10168896149
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
7007d4909ce159624421ce8e2b3a298f8711ad40ac4c33ea93edd67dff5dfe90
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b340a2db32eb20d982bb9050f9755ad90ed6ae8dcbc985c38cffbb8909b4aa58
cbc58a540866ce11bbb0754be4d38bea6121173bdc78132af1a96827aa67d694
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe4ded55789f78204754a353d124951e36b60128ca671450e55b5f328927f786