earnme.club Open in urlscan Pro
157.90.71.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tnlink.in/v3nahJc
Effective URL:
https://earnme.club/zero-8i-from-infinix/
Submission: On September 04 via manual (September 4th 2022, 2:21:32 pm UTC) from IN — Scanned from DE

Summary HTTP 1688 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 104 IPs in 12 countries across 80 domains to perform 1688 HTTP transactions. The main IP is 157.90.71.190, located in Germany and belongs to HETZNER-AS, DE. The main domain is earnme.club.
TLS certificate: Issued by R3 on August 25th 2022. Valid for: 3 months.

This is the only time earnme.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 13	157.90.71.190 157.90.71.190	24940 (HETZNER-AS) (HETZNER-AS)
6 26	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.27.51 13.32.27.51	16509 (AMAZON-02) (AMAZON-02)
22	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:f70... 2a02:26f0:f700:4::212:4f0d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	192.241.157.60 192.241.157.60	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	23.35.229.56 23.35.229.56	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
48	143.204.89.60 143.204.89.60	16509 (AMAZON-02) (AMAZON-02)
7	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
12	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
1	185.89.208.11 185.89.208.11	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
3 139	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	35.156.8.160 35.156.8.160	16509 (AMAZON-02) (AMAZON-02)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
48	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	99.86.4.86 99.86.4.86	16509 (AMAZON-02) (AMAZON-02)
46	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	54.188.185.41 54.188.185.41	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6837	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	52.204.142.233 52.204.142.233	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.215.113 143.204.215.113	16509 (AMAZON-02) (AMAZON-02)
25 50	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
26	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	141.95.98.68 141.95.98.68	16276 (OVH) (OVH)
90	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
45	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
45	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
71	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
5	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
3	52.21.172.125 52.21.172.125	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:ea:... 2a02:26f0:ea:4b9::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	44.224.191.126 44.224.191.126	16509 (AMAZON-02) (AMAZON-02)
133	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
46	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (STACKPATH...) (STACKPATH-CDN)
85	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	52.216.232.227 52.216.232.227	16509 (AMAZON-02) (AMAZON-02)
1 2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	52.59.71.86 52.59.71.86	16509 (AMAZON-02) (AMAZON-02)
26	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
160	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2602:803:c003... 2602:803:c003:200::27	26667 (RUBICONPR...) (RUBICONPROJECT)
44	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
76	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
20	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
5	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	54.157.211.237 54.157.211.237	14618 (AMAZON-AES) (AMAZON-AES)
9	144.76.87.156 144.76.87.156	24940 (HETZNER-AS) (HETZNER-AS)
16	18.203.209.222 18.203.209.222	16509 (AMAZON-02) (AMAZON-02)
3	46.105.201.233 46.105.201.233	16276 (OVH) (OVH)
1	37.187.28.21 37.187.28.21	16276 (OVH) (OVH)
6	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
6	143.204.215.67 143.204.215.67	16509 (AMAZON-02) (AMAZON-02)
22 46	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
7 13	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	34.250.54.135 34.250.54.135	16509 (AMAZON-02) (AMAZON-02)
2 4	52.57.145.143 52.57.145.143	16509 (AMAZON-02) (AMAZON-02)
1	96.16.132.239 96.16.132.239	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
2 5	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 56	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 6	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
52	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:214... 2600:9000:214f:7a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:1f13:800... 2600:1f13:800:7782:2ffd:4913:b6c3:d37a	16509 (AMAZON-02) (AMAZON-02)
34	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
18	88.99.70.21 88.99.70.21	24940 (HETZNER-AS) (HETZNER-AS)
36	52.222.214.100 52.222.214.100	16509 (AMAZON-02) (AMAZON-02)
1	35.241.31.249 35.241.31.249	15169 (GOOGLE) (GOOGLE)
9 18	23.205.253.64 23.205.253.64	16625 (AKAMAI-AS) (AKAMAI-AS)
9	185.85.15.23 185.85.15.23	200107 (KL-EXT) (KL-EXT)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:1c03:949a:3875:f724	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 3	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
3 3	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1 1	2600:9000:223... 2600:9000:223f:9800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1688	104

13 157.90.71.190 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.190.71.90.157.clients.your-server.de

tnlink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
link.tnlink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
earnme.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 6 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.adapex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-51.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:4::212:4f0d (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

tg1.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.241.157.60 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: capture.analytics.hbwrapper

cat.hbwrapper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 143.204.89.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-60.fra50.r.cloudfront.net

flashnetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

at.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.208.11 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: prebid.ams3.adnexus.net

prebid.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

139 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

digikulture-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adpone-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.8.160 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-8-160.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-86.fra6.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.188.185.41 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-185-41.us-west-2.compute.amazonaws.com

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.204.142.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-142-233.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-113.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a02:2638:1::13 (France) 25 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

71 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adpone-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
streaming.playstream.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.21.172.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-172-125.compute-1.amazonaws.com

track1.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ea:4b9::2c79 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.224.191.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-191-126.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

133 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net

excellence-prebid.sfo2.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

85 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.232.227 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Rijswijk, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.71.86 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-71-86.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

160 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.157.211.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-211-237.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 144.76.87.156 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.156.87.76.144.clients.your-server.de

tm.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.203.209.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

s.update.ib.adnxs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.105.201.233 (France)

ASN16276 (OVH, FR)

static.adbutter.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.28.21 (France)

ASN16276 (OVH, FR)
PTR: js13.adlooxtracking.com

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 143.204.215.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-67.fra53.r.cloudfront.net

choices.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 216.58.212.130 (United States) 22 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.18.126 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.250.54.135 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-54-135.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.57.145.143 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-145-143.eu-central-1.compute.amazonaws.com

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 138.201.63.145 (Nagold, Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

ad.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad10.ad-srv.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.94.180.126 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:214f:7a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:1f13:800:7782:2ffd:4913:b6c3:d37a (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.70.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 52.222.214.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-100.fra56.r.cloudfront.net

choices.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 23.205.253.64 (Frankfurt am Main, Germany) 9 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-253-64.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.85.15.23 (Germany)

ASN200107 (KL-EXT, CH)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:1c03:949a:3875:f724 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.182 (Uppsala, Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:9800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Waldshut-Tiengen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
279	adnxs.com 3 redirects prebid.adnxs.com — Cisco Umbrella Rank: 1637 ib.adnxs.com — Cisco Umbrella Rank: 225 acdn.adnxs.com — Cisco Umbrella Rank: 594 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6955 cdn.adnxs.com — Cisco Umbrella Rank: 1361	2 MB
206	googlesyndication.com 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 112 d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 145 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com	1 MB
160	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	2 MB
139	doubleclick.net 22 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 ad.doubleclick.net — Cisco Umbrella Rank: 196	1 MB
121	criteo.com 25 redirects gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2794 bidder.criteo.com — Cisco Umbrella Rank: 742	185 KB
113	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 476 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 11131 pixel.rubiconproject.com — Cisco Umbrella Rank: 319 token.rubiconproject.com — Cisco Umbrella Rank: 686 eus.rubiconproject.com — Cisco Umbrella Rank: 551	333 KB
93	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4012 cm.adform.net — Cisco Umbrella Rank: 1538 c1.adform.net — Cisco Umbrella Rank: 614	19 KB
76	openx.net digikulture-d.openx.net — Cisco Umbrella Rank: 22970 adpone-d.openx.net — Cisco Umbrella Rank: 17996 us-u.openx.net — Cisco Umbrella Rank: 377 u.openx.net — Cisco Umbrella Rank: 655	6 KB
65	ad-srv.net 4 redirects tm.ad-srv.net — Cisco Umbrella Rank: 118680 ad.ad-srv.net — Cisco Umbrella Rank: 47508 ad10.ad-srv.net — Cisco Umbrella Rank: 342940	67 KB
48	flashnetic.com flashnetic.com — Cisco Umbrella Rank: 35918	150 KB
45	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1411	22 KB
45	adpone.com hb.adpone.com — Cisco Umbrella Rank: 21523	5 MB
36	trustarc.com choices.trustarc.com — Cisco Umbrella Rank: 732	140 KB
34	criteo.net static.criteo.net — Cisco Umbrella Rank: 658	950 KB
31	google.com 6 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 78	5 KB
25	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	921 KB
21	adsafeprotected.com 2 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 751 static.adsafeprotected.com — Cisco Umbrella Rank: 567 dt.adsafeprotected.com — Cisco Umbrella Rank: 516	188 KB
18	awin1.com 9 redirects www.awin1.com — Cisco Umbrella Rank: 16722	10 KB
18	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 83969	19 KB
16	adnxs.net s.update.ib.adnxs.net — Cisco Umbrella Rank: 10147	56 KB
16	yahoo.com 4 redirects c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 879 ups.analytics.yahoo.com — Cisco Umbrella Rank: 270 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	3 KB
14	casalemedia.com 7 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 500 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 515 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 430	11 KB
11	earnme.club earnme.club	177 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 359	217 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	206 KB
9	kaspersky.com media.kaspersky.com — Cisco Umbrella Rank: 151231	720 KB
8	teads.tv a.teads.tv — Cisco Umbrella Rank: 1269 at.teads.tv — Cisco Umbrella Rank: 4226 sync.teads.tv — Cisco Umbrella Rank: 1059	6 KB
7	aniview.com track1.aniview.com — Cisco Umbrella Rank: 1917 player.aniview.com — Cisco Umbrella Rank: 1720 go1.aniview.com — Cisco Umbrella Rank: 5038	114 KB
7	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 275 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1254	51 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	6 KB
6	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 526	4 KB
6	truste.com choices.truste.com — Cisco Umbrella Rank: 731	32 KB
6	sojern.com beacon.sojern.com — Cisco Umbrella Rank: 5407	599 B
6	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3937 acdn.adnxs-simple.com — Cisco Umbrella Rank: 2589	110 KB
6	playstream.media tg1.playstream.media — Cisco Umbrella Rank: 51312 cdn.playstream.media — Cisco Umbrella Rank: 90576 streaming.playstream.media — Cisco Umbrella Rank: 66922	1 MB
5	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 10716 track1.avplayer.com — Cisco Umbrella Rank: 18655	132 KB
5	google.de adservice.google.de — Cisco Umbrella Rank: 9270	1 KB
4	adtriba.com 2 redirects d.adtriba.com — Cisco Umbrella Rank: 61298	1 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 4705	917 B
3	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 798 s.tribalfusion.com — Cisco Umbrella Rank: 2081	2 KB
3	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 859 image6.pubmatic.com — Cisco Umbrella Rank: 606	432 B
3	adbutter.net static.adbutter.net — Cisco Umbrella Rank: 126697	3 KB
3	ad.gt id.hadron.ad.gt — Cisco Umbrella Rank: 4325 a.ad.gt — Cisco Umbrella Rank: 4037	4 KB
3	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 749	847 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 395	951 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 336	529 B
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1380	15 B
2	adlooxtracking.com j.adlooxtracking.com — Cisco Umbrella Rank: 9315 data00.adlooxtracking.com — Cisco Umbrella Rank: 8802	23 KB
2	e-planning.net 1 redirects pbjs.e-planning.net — Cisco Umbrella Rank: 5578	836 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3463	361 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1167 id5-sync.com — Cisco Umbrella Rank: 471	14 KB
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1306 id.rlcdn.com — Cisco Umbrella Rank: 542	36 KB
2	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1621	3 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 17219	83 KB
2	tnlink.in 2 redirects tnlink.in link.tnlink.in	405 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1574	586 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 579	191 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 690	440 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 48594	608 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 566	537 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 452	864 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2704	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1015	463 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 370	707 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 872	646 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1529	522 B
1	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1047	155 B
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 20786	448 B
1	digitaloceanspaces.com excellence-prebid.sfo2.cdn.digitaloceanspaces.com — Cisco Umbrella Rank: 456954	229 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1441	325 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1356	594 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 4179	11 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1082	885 B
1	bidswitch.net grid.bidswitch.net — Cisco Umbrella Rank: 939	237 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1035	167 B
1	cloudflare.com cloudflare.com — Cisco Umbrella Rank: 134	450 B
1	hbwrapper.com cat.hbwrapper.com — Cisco Umbrella Rank: 14982	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	73 KB
1	adapex.io cdn.adapex.io — Cisco Umbrella Rank: 20893	143 KB
0	smilewanted.com Failed prebid.smilewanted.com Failed
1688	80

	Domain	Requested by
160	s0.2mdn.net	712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com earnme.club googleads.g.doubleclick.net s0.2mdn.net 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com acdn.adnxs-simple.com
139	ib.adnxs.com	3 redirects cdn.adapex.io hb.adpone.com excellence-prebid.sfo2.cdn.digitaloceanspaces.com googleads.g.doubleclick.net acdn.adnxs.com
108	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com earnme.club hb.adpone.com googleads.g.doubleclick.net d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com www.googletagservices.com pagead2.googlesyndication.com ad.doubleclick.net tpc.googlesyndication.com acdn.adnxs-simple.com s0.2mdn.net
90	adx.adform.net	hb.adpone.com
85	tpc.googlesyndication.com	earnme.club 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com securepubads.g.doubleclick.net d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com acdn.adnxs-simple.com pagead2.googlesyndication.com s0.2mdn.net
76	ams3-ib.adnxs.com	earnme.club hb.adpone.com flashnetic.com cdn.adnxs.com acdn.adnxs-simple.com
52	eus.rubiconproject.com	flashnetic.com eus.rubiconproject.com hb.adpone.com
50	gum.criteo.com	25 redirects static.criteo.net
48	fastlane.rubiconproject.com	cdn.adapex.io hb.adpone.com
48	flashnetic.com	earnme.club flashnetic.com
46	cm.g.doubleclick.net	22 redirects googleads.g.doubleclick.net eus.rubiconproject.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
45	adpone-d.openx.net	hb.adpone.com
45	prg.smartadserver.com	hb.adpone.com
45	bidder.criteo.com	hb.adpone.com
45	hb.adpone.com	flashnetic.com
43	acdn.adnxs.com	hb.adpone.com flashnetic.com
42	googleads.g.doubleclick.net	712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com earnme.club hb.adpone.com d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
36	choices.trustarc.com	choices.truste.com acdn.adnxs-simple.com choices.trustarc.com earnme.club
34	ad10.ad-srv.net	ad.ad-srv.net
34	static.criteo.net	hb.adpone.com static.criteo.net
26	u.openx.net	earnme.club hb.adpone.com
26	googleads4.g.doubleclick.net	earnme.club googleads.g.doubleclick.net
26	mug.criteo.com	earnme.club
26	www.google.com	6 redirects earnme.club 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com tpc.googlesyndication.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com googleads.g.doubleclick.net
25	www.googletagservices.com	securepubads.g.doubleclick.net 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com earnme.club d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com acdn.adnxs-simple.com s0.2mdn.net
22	ad.ad-srv.net	4 redirects tm.ad-srv.net ad.ad-srv.net
22	securepubads.g.doubleclick.net	earnme.club securepubads.g.doubleclick.net flashnetic.com htlbid.com www.googletagservices.com
20	cdn.adnxs.com	hb.adpone.com
18	www.awin1.com	9 redirects ad.ad-srv.net
18	cdn.contentspread.net	ad.ad-srv.net
16	s.update.ib.adnxs.net	hb.adpone.com s.update.ib.adnxs.net
13	dt.adsafeprotected.com	712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com earnme.club
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	c2shb.pubgw.yahoo.com	cdn.adapex.io
11	earnme.club	www.google.com earnme.club
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	media.kaspersky.com	ad.ad-srv.net
9	tm.ad-srv.net	earnme.club
7	712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	earnme.club securepubads.g.doubleclick.net 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com s0.2mdn.net
6	sync.search.spotxchange.com	4 redirects googleads.g.doubleclick.net
6	sync.teads.tv	googleads.g.doubleclick.net
6	choices.truste.com	hb.adpone.com s0.2mdn.net acdn.adnxs-simple.com
6	beacon.sojern.com	hb.adpone.com flashnetic.com
5	token.rubiconproject.com	5 redirects
5	pixel.rubiconproject.com	2 redirects googleads.g.doubleclick.net eus.rubiconproject.com
5	crcdn01.adnxs-simple.com	hb.adpone.com
5	track1.aniview.com	earnme.club player.aniview.com
5	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	static.adsafeprotected.com	712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
4	us-u.openx.net	googleads.g.doubleclick.net
4	d.adtriba.com	2 redirects 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
4	fw.adsafeprotected.com	2 redirects earnme.club
4	streaming.playstream.media	player.avplayer.com
4	c.amazon-adsystem.com	cdn.adapex.io c.amazon-adsystem.com
3	d5p.de17a.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	ups.analytics.yahoo.com	3 redirects
3	ad.doubleclick.net	www.googletagservices.com acdn.adnxs-simple.com
3	static.adbutter.net	hb.adpone.com static.adbutter.net flashnetic.com
3	beacon-ams3.rubiconproject.com	earnme.club
3	www.gstatic.com	712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
3	track1.avplayer.com	earnme.club
3	onetag-sys.com	1 redirects cdn.adapex.io d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	a.tribalfusion.com	1 redirects d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
2	eb2.3lift.com	2 redirects
2	match.adsrvr.org	eus.rubiconproject.com 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
2	i.clean.gg	acdn.adnxs-simple.com
2	image6.pubmatic.com	googleads.g.doubleclick.net d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
2	pbjs.e-planning.net	1 redirects earnme.club
2	5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	player.avplayer.com	tg1.playstream.media player.avplayer.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	region1.google-analytics.com	www.googletagmanager.com
2	secure.gravatar.com	earnme.club
2	htlbid.com	earnme.club
1	ssum-sec.casalemedia.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	pixel-sync.sitescout.com	d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
1	s.ad.smaato.net	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
1	cms.quantserve.com	1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
1	px.ads.linkedin.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	data00.adlooxtracking.com	j.adlooxtracking.com
1	image2.pubmatic.com	googleads.g.doubleclick.net
1	cm.adform.net	googleads.g.doubleclick.net
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	acdn.adnxs-simple.com	hb.adpone.com
1	j.adlooxtracking.com	hb.adpone.com
1	go1.aniview.com	player.aniview.com
1	btlr.sharethrough.com	excellence-prebid.sfo2.cdn.digitaloceanspaces.com
1	ams-pageview-public.s3.amazonaws.com	earnme.club
1	excellence-prebid.sfo2.cdn.digitaloceanspaces.com	securepubads.g.doubleclick.net
1	a.ad.gt	cdn.hadronid.net
1	player.aniview.com	player.avplayer.com
1	cdn.playstream.media	earnme.club
1	id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	geo.privacymanager.io	ats.rlcdn.com
1	cdn.id5-sync.com	earnme.club
1	cdn.hadronid.net	earnme.club
1	ats.rlcdn.com	earnme.club
1	prebid.media.net	cdn.adapex.io
1	grid.bidswitch.net	cdn.adapex.io
1	digikulture-d.openx.net	cdn.adapex.io
1	htlb.casalemedia.com	cdn.adapex.io
1	prebid.a-mo.net	cdn.adapex.io
1	prebid.adnxs.com	cdn.adapex.io
1	at.teads.tv	a.teads.tv
1	a.teads.tv	cdn.adapex.io
1	cloudflare.com	cdn.adapex.io
1	cat.hbwrapper.com	cdn.adapex.io
1	tg1.playstream.media	earnme.club
1	www.googletagmanager.com	earnme.club
1	cdn.adapex.io	earnme.club
1	link.tnlink.in	1 redirects
1	tnlink.in	1 redirects
0	prebid.smilewanted.com Failed	cdn.adapex.io
1688	130

This site contains links to these domains. Also see Links.

Domain
earn
wordpress.org
i
rasik
usanewstoday.club
mhthemes.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.usanewstoday.tnlink.in R3	`2022-08-25` - `2022-11-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
htlbid.com Amazon	`2021-11-21` - `2022-12-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
wl.aniview.com R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
cat.hbwrapper.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
cloudflare.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
flashnetic.com Amazon	`2022-07-10` - `2023-08-08`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
prebid.adnxs.com GeoTrust TLS RSA CA G1	`2022-05-26` - `2023-06-26`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.hadronid.net GTS CA 1P5	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
id.hadron.ad.gt Amazon	`2022-08-24` - `2023-09-22`	a year	crt.sh
outstreamedia.com R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.aniview.com Amazon	`2022-01-05` - `2023-02-03`	a year	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.playstream.media R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.sfo2.cdn.digitaloceanspaces.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-18` - `2023-05-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
streaming.playstream.media R3	`2022-07-23` - `2022-10-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
ad-srv.net R3	`2022-08-04` - `2022-11-02`	3 months	crt.sh
update.ib.adnxs.net R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
static.adbutter.net R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.adlooxtracking.com R3	`2022-07-07` - `2022-10-05`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-16` - `2023-01-16`	a year	crt.sh
*.truste.com Amazon	`2022-01-17` - `2023-02-15`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2022-08-07` - `2022-11-05`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
contentspread.net R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
www.awin1.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-18` - `2023-04-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh

This page contains 299 frames:

Primary Page: https://earnme.club/zero-8i-from-infinix/
Frame ID: 89F7FE24B528CDB27FE4E786168368B1
Requests: 111 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 96756CEC83DF832C90CDAD2A99B55065
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 872F1C632FD3B50A02681987ACB8326C
Requests: 19 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=bfcpqssjcvc&e=1957767944024
Frame ID: 0826EB4C9107CECF781E897338455B4D
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=cckwskt&e=1957767944024
Frame ID: 7164DE9A2BC523299E0C5C3BC1E1909A
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nsaliafjnlg&e=1957767944024
Frame ID: EE9E71CABA299A71C09B584F8A0AD210
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=khwcukop&e=1957767944024
Frame ID: 27876CA9339F722FBD9CFC4A90BFAD42
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zqobcegrs&e=1957767944024
Frame ID: 9B1BE4FCEC3E8A9F40BB1A26E912341E
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vkfjay&e=1957767944024
Frame ID: AECC4145BF71693F807BF6226CDB8F53
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=crawfhgtg&e=1957767944024
Frame ID: 47E0E61C4FAA104159F279274EF715A4
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=vksbyedf&e=1957767944024
Frame ID: BBAF8AA4BC64CAEBB941083C04C9113D
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hbshmnvln&e=1957767944024
Frame ID: C1F8EF6B55A8A1B8254BF2C421BB4BC4
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xfnkvhpoaq&e=1957767944024
Frame ID: A3C46E86F507AB6F1D8EC8F451AD046D
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zyczmwpf&e=1957767944024
Frame ID: 1FE3281E43D0915736D278B0093E2865
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=nmhtxnrtiyi&e=1957767944024
Frame ID: F5A173F757A1A07CF5ABB4B67D05AF34
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xefudsbbp&e=1957767944024
Frame ID: 2D5943A12126AC16D1840195F4A3574B
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=jewvyzwsuwb&e=1957767944024
Frame ID: 4062CCE72B372987899890AA3C112E46
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 93BA742F5911D0E6AF6BF9B22E41B3FA
Requests: 18 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=yfqcmrenshr&e=1534108800930
Frame ID: 2ACE509EFC97F39B88F18D67F5D7C5E1
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zsekaa&e=1534108800930
Frame ID: 6CDA3FB4EDE4709A1F2D3DEA60474BEF
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=tcsdeolg&e=1534108800930
Frame ID: 796624C4147B20173F19A329D7ED32DF
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ulmboddq&e=1534108800930
Frame ID: 6873664F48E77DBFA4C4014DE3BDDF71
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=aabgaam&e=1534108800930
Frame ID: 60F4EBC02CD2BD45CBFA43E59194C1EB
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=pnpxbbicc&e=1534108800930
Frame ID: 05E4602A198895BD4C7683DF24A347A2
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=dbjzwyk&e=1534108800930
Frame ID: 324871A449F9D97121617CC1C7D64DE5
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rokwzcaoll&e=1534108800930
Frame ID: BDE5B4A54D69498B1CB43BD8C6E97F38
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=rodhgwcfb&e=1534108800930
Frame ID: 2FCC567B54FC9935DD070E8B2A33B339
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kqwlsycf&e=1534108800930
Frame ID: D129ED00B079DA6A7FD8D1F4F122B46B
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kzkosoqog&e=1534108800930
Frame ID: 32B99A9AF0F62FD291EC3347A60A83B1
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=zhsxlhjhycs&e=1534108800930
Frame ID: FAFCEEEF529F4CC946DAF53EB180F80E
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=hfbtdeatv&e=1534108800930
Frame ID: C4F65229169EB08170DEEB750D6344C5
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=xfsjbwvy&e=1534108800930
Frame ID: EFD04C69F7841EF0875F3E00C1F4E0CC
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 451FBB08DE7188A1291AC7FAA3FDB2E1
Requests: 18 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=lqajnjktk&e=1834762243861
Frame ID: 25CF81B4D76DD107A7F09FB6401F6E37
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=spwnunpd&e=1834762243861
Frame ID: 1D3E353B48FB94B4A0C0CF93FCCBDBD5
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=tlgto&e=1834762243861
Frame ID: 6CF561762362F44042BEEA52C29AB751
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=oqiqhodruc&e=1834762243861
Frame ID: A9E7D9AA258D81EE83706E9815F8068A
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=skxljarp&e=1834762243861
Frame ID: B9F234480C8C0AD95FC21432487EF3C9
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=chzwcetmv&e=1834762243861
Frame ID: 8AD13FE364D5B281626FE6BD4C50A46E
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=jippcjfja&e=1834762243861
Frame ID: A119958008ABCDC6E08298EECFC6228A
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=dyafdikm&e=1834762243861
Frame ID: 7CB163FD3D122FFE243DA03C96E01D0A
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=gxkvise&e=1834762243861
Frame ID: B684386D6CA1D45CB3AF9586786B2938
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=inkusgvkf&e=1834762243861
Frame ID: D630BEB1A8A0AA204F1E10658AABF3A2
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=qnnzccm&e=1834762243861
Frame ID: F7D5D1CF2D79186FA4E7BC1BD34D4EF8
Requests: 8 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=ruschf&e=1834762243861
Frame ID: 1EB2DADCDA238CE1CA4E0F8BA446FE97
Requests: 10 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=sjucnsasr&e=1834762243861
Frame ID: CD14E8216512DBA0DEA9404A26E91DED
Requests: 9 HTTP requests in this frame

Frame: https://flashnetic.com/r/p.html?f=kkhcmzjfb&e=1834762243861
Frame ID: AD87AB489B687F215DD81E01A8510E6A
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Frame ID: 607565DBFF77B00C37D47C3734400A0E
Requests: 1 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BF8ABB1707BF658E0356465502074A24
Requests: 25 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8CE9D07968BCF98D3E9EF98B8790FEB
Requests: 14 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 780790A7FAF3CFA9A8222DB6751B4DDF
Requests: 14 HTTP requests in this frame

Frame: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BD7DB8198C040D822A867F4CC9ECC896
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 5FFB7DA691E222926CA3543D7A82A566
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv31MZpqHdL_rRJdjSd3x9GLmHRMij-uhhpBkGXqp-VEpCnxfj0WdLPqnD6fuxfu9pLhuoAEVNHHOaQxwi-Va1ybU2WSINCZ5tKXmqhEoEOs6MpMZ-qZso8GQ7NYdRK4_v1q57ftyj2e5VFRiLcUe9yVxvFxwReld7xlY5q60aopHiefwK4StGgkcF8U9AE3djTHbHT_zfXBtKOxrWzgiLNmxe65hRsF9y_eMgQv6PMrJ5H8t0pJyt57CuNaJDFwp5wJqA4UDV0qJHyS3Lo7cPQ4hR0U8vHvtZZYWQsSXJ8SAsvxkI1sAnWDlz1VrpI2w&sai=AMfl-YSwQ3sTm1uUDPUXwzHfAOkWjsqDaEgxMHb3UIc8SutGJaDlfOUOPEuMKCbs1BgbDWb5a68wfFvERsPeyub61obbqM9DCc8PBRpTnWGzGEJvQeKiffNXsSk-pdPA8xmchA&sig=Cg0ArKJSzJApJwHsxeI6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F4B1E803B221C7BB6DF98D1EE1DA4053
Requests: 9 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 90ECF8AF40244DDA32D456F18C35FBAF
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs
Frame ID: 5E665D536B2F8B8FA32909AFBFD88B0E
Requests: 14 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0CA347B4E50AFE20DF0C45431F21ED6F
Requests: 14 HTTP requests in this frame

Frame: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D1A082D8B5422FED29E2C86F7D55BF55
Requests: 5 HTTP requests in this frame

Frame: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 69095239ADB76661F87644731E1923C5
Requests: 1 HTTP requests in this frame

Frame: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2C482342C7747E80725CABD010E1B7A4
Requests: 1 HTTP requests in this frame

Frame: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 5E6D812B8FD7B654E632DF656E2D3358
Requests: 21 HTTP requests in this frame

Frame: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 43D4AE202F16AB65EA5DC37D05A85F81
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYpNuh0QEwAQ&v=APEucNU4Ms4tbax9F8apIokoM5wBsGWKFKA0rgo2Fk4x3T7o1tp6d_qvhNskWHay8MPebUJ_cYspNUQUIGRlwsHsa2FLC4GC_LMoce2s3GD6rVFe6QAtry5jwS2W04lb1bvu9T4WU_ATLU4Kd8rnhpVjsQnZRt-bB_oz8KKb4vw6USb0sPVj29AtYH2rLBfjceXhpZPLcOArXCuoq4D3lAeiwzhNvFL1Ag
Frame ID: D67B4489E62C793A7CBE9A48087E28D3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNUg4YDLnj4Fc37p56xUOBTSTlZGREAe_tADoEXZUcpH_N5eFuy_D8qhcbjcY4_wWYeBEUVkdy71Xig6oKbamKR4GAn1t1K-CdWE4-Xkpq1SquxXy22A4n1Pvdr39Vah0XASjHjg2PNlZt9SEdxjDb0tlq8ejPP9GmlMnvPblTq6w71mNN3FHyb3nF7zOF7UGMA11jL1PYc-J-jVxOl0kKrvE3b4Mw
Frame ID: B345B62172E67723481FAD96FC1E2B8D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNWQ7CMEGgu7xoWrqeWfojz1ZVpB69UNnrXKGXvXVxNO8lmiwZQOGFPExeGd2RukMipOxNke_-eHrPF9Nzu6j1THT1190aYas-B8uArUUChzDQ2XXZ6P_8uw0--Tht_lZ4vfEaKpzeJcy-vcbULxQ7w0JajWKvWwiA6b-qV2aFnTYKuFQYU1AFq4pOJmpwrzoyxUWPkCk2EFGgdSXhqe2GYV3nKDQw
Frame ID: CC72F8676E63E3CE83E97ECAA8D575EE
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyE0QIQivniAhiyxs7IATAB&v=APEucNW5wHFlOZj-ud4HFmBJAEMykCm5pkR92_id04vAkiyhaTxNMM1l0UAXxWDjt_ENSCLPCkZmzUqdycEeXA2tiemNbTNN_A
Frame ID: 0C45AED729F85A4F99F78D6CF25B9860
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8100D817D0A631E278DB6657F28B029D
Requests: 8 HTTP requests in this frame

Frame: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 526B04D12D499C86ADDC12B81E7D8E83
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNUT_CpzTrVLgMiTG8YK9i4ZiIdmy7hqqIqzVO4ipPXJiOSLPf_gEuaRLXcphmP6DGqYshQKjPwm1TXmqMipD37N0JnUxrcGgqprk0sC-R0LoVGTqAvj34QP1Zb8NG46B2hom3-kAetzISZvyDpg51ke1kyvcsky_O9x7Bb2i0IUIaO1-vI
Frame ID: ACC7DC33779538FEB89BDC1D08B88554
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkRCEERMMhXft9XKoiYG8Q67tXmtHrcaWcjcPGixFGdcWXm1Mc3y4EnR55hCVMTbG-9EU905rjJe19Vp1VWHE6_UCrWZ32XjCu-lwR6gcFx7vruh5bicjEqOxJTvPLBT8QbP-4JilMxL8lg0FMBaqYjWCQCw&cry=1&dbm_d=AKAmf-AWrowie5jig1t60nkZNFQQtHqziqu7ASgJ7qP72wY30PIvV-t3hDxBg_O-iPPHaCd-16RXvLPV2dwdHnXaFadh3RoeBUCvUmjry-uc8q-kuy4MvKNSnLLFpaMixnEny98F1T4XcS9a59wWA7RRSytDrdy35YWo61ppxD4zmuJ0JBXzwTcVC7KA35p89nAOnrCZG684tuzjvV8crEvMRWRUTEdbbgVAt15RS_-5gPJllLnKiUcNvKefmNij7rShYA8A67sRiM9gwPXvM6x7da0HRaYEkxP6HuQatGO_Op4Ig9LvQcnYRyyq-tD2oFuF4gtcUIAI_gpnbtyTbYB6grnAeJ2mtHZ2ODeVmleIWuEvPxZ4Zg1zOAWrZ2Pxp_qfAyX-bxOIv5DRp8Q3_2v0NJsgdfGhXxjvzus5tK84bqt-67qFGxFCetehzUlvT5a6jmGmo03SMh0teHy9XeEGELPMOkkBeE2sQeY7ERzWyc9mgVh55wfbB4z8LOjhNfpgE6QCyFMHyYzXOMLkVuCwTb4IUffoPueNEmhdIs2HSrY-XhO8piiy4TAcB_EjFN1x-baS_awmdweUGTSQ_ySPZaQOueJxEDW-En-AQR83LapG36nNv9q5l1s_GyY9MyL55qxCwlxxnhDfFnpPeSVspviyejTKotZM2nE17J4kTiPApgUHMenzKh0KFFyhTUU1REyNa-bv6ZnvHtCmvAmxUMF1fyf1MeD-SX7wf8K9C8_BfNnrTM86rXrfeRhCXcw85DKjbMHNykLge-qG-guzrtEmOeNPOEFS2eRxly4rB7qaTGNokI6YpsQPwfqu1E_NFfcHKUns-QGyjjm48O1rqIFknobwjpPU9Xs64mZnAPbvjWJg7KdtRXuJy633vAkpnAhqQo6-CyFMi8Xt_0Sg3iyxQDWQiq_XbWWRFoJfltTHoxBeCfL-9SRc2np7Mk49CmJQkyOZIrWhcxuXzfmiDDC83lOGSsFDLc8zBDZ08AEFIkf1e0pVqprR2T5hICx5pux7yInZ2L178fawt9BQNLd0tZjGt95alBpXR54M8IueObPeEIiEWmTBxZOzFwEBIrZUJjelY5HwbCnirY1mdSQqK3ZJl9wdbLtE98qRRPeKVmrGO6G2ReeRVyUN-5CiO4DLvBOwQmKG_jvukF_pGMhxqPEsZ0H5T7qHdWi1nR1TdxbTkaus8qVW9wM1PHKPLEnVW9P5poORiHK9E9iWjghfQRwCJ53Dp_LBqI2YvJbcVAwyjj-eJDEmBW19Qk4c4Q0w0nWktc5XZmBiPu5wF2V4kzeK6eScs2qTqL55G5r6ObxuNmasmM9tlcOV1WliydcnRleG3wRguztNpiTmpIv7j-GmzTVuWmYIlwKNsAiEBdyFBO1FF1x4vnMqreDWUugs5NE7DBTnkEHXDoZ5j8v1kMqBAykgb4hsBp0EJJF-5nwcXOISvw3-M_p5sGRwlpAvcyL_wF6qWtZxK8I2RnynUr4EJNJkXxqdBGGcGr2bcVi7k6ImijOhyp2Cvv8Lz4H1r91VLnvw02UPwGbsGMQbgKaMpn1sgJ3pcnEt6IpCuLf_jUBJvWbdzb3NxOiNfOXnfoIB4BWdyEOI2mfnfagy1FOQgVygRZ9gcJXuhFuSVfWzbnVCPcNq4XTK8jd8VhsQjvmHJ9kAYSIP-Q0Sm4PM40EpWz_F8aRH_g-WCdmFU455cGMOP_3Gl2AmjaWu3Fx7BHjxto2R39DMdwfe7Bh7znmOLHm0-xoIivVzfXEOaY_f3jfE0ZnmwOOspvqvcn65Rw9UQBbs0PwOqDHnFzkFTKjDL97cCr9WrwcWMoS4vxvqcUHXuYa7nakRp_OPwx46lz9iCyRUo_PRVDeLCIbeUJ-l7iaJugz1hkCsvmL1-0xqdEHm_nSVgJzrafaivreVhWoy-F6jijI4pyDFKv5rNIIz2KnOeO86X3KQssAn7UuK_Vix7hGtX8l98GutpWo8uBFVPy41xyKNC5F1Xu67GDTCbVhr4yEQxRTYjjdtnNZ-fp_bAwY7_uwbs73p7_QxP9vO2vuhltEslEuFoHBXw6sZOkrMN-qNLcLIDrCbtDZ8tfMGC16djc9GrEzZU5MBxs01pozjhh4dvfiCu4dOhSjwNxk2V6E6q_ftlJQsZlu_vO6Vg4sITgzgmSTdKxzW_w69Th5UsRkY9L-bCiT2wwjEzy4MH82eCMkHYZUdpsQ8SxSp2PsWWLEABBaMAb9ruB6eqHdqk7WAw0_ZjRK9j7vbJQuGtnoJoKpZOMShT9431SBPknhxz4yySl6TDkajs74j98meRfZEfbnrzEqetbZuwLPCqZW-s3Dkz_0uwQKvtXeIuOIBKhJUFPQ5AeRPdH0dsSHKftM_cnLKRyHCnSDnNvUs10qCN0NMIAawdXRua2gHQ8d2QuPc3EjJKf77MIipLv-PWeyGoHT3mUvGKxi40woxe2doHHRLLLpXX2zDE3nVIiTeTcj3DGcBLhDpBh-3KMe4bgl5miK943JtYRDZpz8zRypfxK8Fw5lVtlGf-XLL3e_t7DdVXGIbCsdWkyaPnhSs3uA_IXkunD8xw1t_l-4DdNzpco6wrUxN3bfkoqQDFNRbJV7t_g762XSV_dQ9VLnnWzIf7vKwWIVsawOwge6DcjwflQCwUaHfwgc0QnMur8yJrHyiZek6zlz1DFqHzRBexqwBlOIMRPcA9F38g5z4NQBJkfQUQw8YFIFKhn-lqL8NsSz8xoB0UPjsQorWCBYcAFCdL7g_WNU3JdLLZ_mk71jmrCCRqtICynJXgcA32qZUCQ_It0ukMfwnr87g4GiTeKdl7UOVLDsurJgdM1yiHJQjwL3_rzA69LQv8y04IezMiPP1iZjBOzL2NpAO4QZqqDwTHQ8g6ToViKuEGjflGalaWmwWj49AMnf4urrbWcnfCqwyCwKTMmnwdwYp_JpYCiyJAgyiXrb4n7AGQ8w1B3j3RHasMO9GDJKXL0bD02IL7SUr9pIyzT0DYbQTsM8ZyPyiZMZ-sX3OKvRee_yZ8k87LjUja9JL-XPrNAftW5KjcUhJYnYSt6cuFQkkwWmmbvqyugzoXJ8FUq70JqXh_Fe_RCgOaCH3z9Ep8EIl8o6MiEbyLeSA4n6ax-edFvHnRBAbwQ2eaqm2laFh9fEcyxvLuodisDNKk0-jggscWI5W01Qs-YgSqAVxODVsyGiE6UQG652ULggIuBDnLg&pr=8:DD0FD318B73AA6D2&cid=CAASBORopmY&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240
Frame ID: 29FC4BB60DA7AA2ABC8BC31846C11784
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 2E531222AE2CB4EC99454860B01AA283
Requests: 3 HTTP requests in this frame

Frame: https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLFDPBMRQYAAAMA1gAFAQjf6NKYBhDLnqP70b67xnMYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiQ9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIWxGWVRCQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpEZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWHlMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASEzeFUtMlE6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRCQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHAQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAhEKBkFEVl9JRBIHNmkxHPICEgoGQ1BHARQACHELASkIBUNQBRRcNTMyOTM1NDTyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVgRDxALCgdDUBUOEBAKBUlPAWAEBzdpnADyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IsBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMzOjYxMzDaBAIIAeAEAfAE0qENIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBev0T_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi6BkAAyAeQ9gXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=85f1ffbfe2c73d687718e9a13ba75cf87ff9cc24&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbfcpqssjcvc%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbfcpqssjcvc%26e%3D1957767944024&
Frame ID: 7C094EEE7D0877024EF5B1627165FEAF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 5A1FF347A44C71AE18FC0DF6F6D0AA32
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 1EED29E9B71C8C28F533DB10ED504369
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: D5FB66E77789DD659BBE8BD36ABF1702
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: A1843FA98B161DF44228B32D2BC45EE7
Requests: 7 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1186271738
Frame ID: 312C9EA0B915831861C9A09BD55D5D73
Requests: 23 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=300805794
Frame ID: D42AE9FD4E2B45DCD075699A42197E60
Requests: 6 HTTP requests in this frame

Frame: https://static.adbutter.net/libjs/third-party-pixel.js
Frame ID: 8D4CF83567617A274A97148E4808E80E
Requests: 11 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1251337577
Frame ID: 537C9C228CA8ABBB1F01B3F507B1C2F0
Requests: 6 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=914353365
Frame ID: 768C5081783F2E380859F50683C6DB23
Requests: 6 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1253409750
Frame ID: 8F91E9DBF6D966CB0C29A180636B6C50
Requests: 6 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=699077580
Frame ID: D12A54A07ADD67E17B37D89D8FEBF643
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Frame ID: EEF971FB84270C73CC016FE9D64FBE8E
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 86E312BC61D98CE3D94FC1C32434B058
Requests: 3 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1251418248
Frame ID: 5CF887CBC724413B89F24B0AFC8A84C8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNVvMpQzNF8shX3_SWkVlSXDpvBSmec7fsQoHrObOFYuKhuU3l5KPvJn2kmf2xozfZGhlfNKf1zHlrodvCY65cURZydCLNFCyW-N2mSv7D4jS1CnJNnt19CjlGMVGFZZ3s6XJQ5mcHUrQICM2f-lE-PagLo66CqDTRVMNSaHlOYI9pSKwCw
Frame ID: 3B18936ED0CCE0BE15BC060F3DA26F24
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7uw8QApOHlc26dRTsXGCrYXgLPMjXzb3H3U9tyJETjDuf-ZZTjFsEANrsMol7uDBPpJY5FhXheb8wgeh7BuiiNM2wKwVE6rUwIzXALtpKaOkbaZHvJxxp5fgSzRi0mvIj8h46TEdIs5RG93PxqMRFo7V3iw&cry=1&dbm_d=AKAmf-A0Kq4Hb3iqW-FbmJYZu_HQOVYlJxAYGxwEIW9QobMg2GlJYd0Kkgt_1Al8pKWqMSLcyXRbKbpx92UupQKEBRhld-ZB8NX2xycs0ghEiVJ_LuauYBygvif4pExF6IzUZdnYL7pGZOd5zFa46O-_htzvdxf4vz0wGWytMYVqIjrnzzuzHwYFgv2_3op8kS4Po4gK0toh3z20LssspdTaAtTvOee_TpNAe5O1SJPGA_yHSwJxXVxz6b-lSLPW_xVor4dLLrZSRowIw_eQSTLHu0btbp7p5cT-Anx5lvf2YTWI2KfD1_CrejNF9o6fBUmmozNFiVoILOwbLi2eXujAutKW8onsrYiLzbfuounjgh1cWvGn6o_Hn0SFM5OPHy526kVO_dhiqQRQ9GYyY32Y_XSgFnlPXMmN6qtYZKYTZSkn6qfJSS8mth3i74QizX7d7XtJo7YygKwmY3vj-HZ4XNq1m37P4O_Mgs9g3AeDPxXfadVcm8K6v6fCWnOyJ7QzSswiWwlAmeREmN-3vGFy_NmdqmKAWPeyXKGIV46rQP9DtQAAH52GyDGhg9_Ily2PRaJZoqMmkBcxtg2P4Hhfs9jbk9uaFQP3rdQhelkagrlX4TDBYxeycmaxaumlynOLr4M20upJsZH98fDp6_Px_mQwFbu2z6EM8Mjsz5P0zL4LEOaVkryzkeGP3itYiCgXz_mnu9bJXqdOAo2cJe2HfdvGKbcvl6E2toUvvJBF4kRKwtVM2uOtDgCtQSsHsCuFQGmIUDwJT1HGxovEhilO3wH5JDdVOvX0sQIsyEPY3JKfxBY2EkTSvoBpWFjf307a7MggIFEz4LWEJX6_LHIN06b9Q_rUkfwDVKT5NIPjCDoR0cCL3nIsDS50DjobWTl4KW3itTXhxOb12CZ626UuIcRaBGv2M8kY61bCiQml9iEnW6kHkrQYZJ0MpgF8dok2lhOU5e7Xz1XvSIRTKmXd8lCJghH4ruNClBT5MWsvbVWIAKrCbCYqEvb5_4zVenTMGHePnYzBoqzmWqGZQ_HhaLKuBS4PYJwdVWwtmaR5qRifgBshi7_UjyHRE4jAPoUc19DHyjRaDvtQIhUIFiwVI8UN0ERspKqM0BLbZLgQGEhwehIFGhmLSIvSn-R8lFirHkC_niakdyF-xSeBUt5_8xZV7dgO8hK7kCgy9-GEkW1KjuwvxaN0lpZubHnZVxGZXj6VDGy5M1tk8adkghwSeiYXiQjuy7VnRvUrz17bnj6itdaBRaImx2C2FOd2F7ijqa858J7UiPLLxafJc76g2D-ivwtH-H-Z_9g42ftHlXYaRn9483nFbosSBk4xDVpzbLNNo7cKv4mtQr1g3lcs7O17ISGcBKgaq9BtH2ypcs_vBr9Ox6OJmat65LIu4w6gfZ0mZYz7OdEPBIWdlGIWoDaQcFXyrIYHBY9q387EKunHYJhzd2rT711C_gOI6eOU4S-u4x5uG-7OWmem2LI1OSky5_kymybAaqmTfAp6raDLUkZYhLr752VkIjJO683j2qLsLURQBIGhbUwrYXzllGpMvfP-GK5eQynjL26hh9fuxeka_f04_nbVlWyJZyUZCLed9wj0pNys3sFrboftaO0LdHdpyLAJoFRlbOD3JM-lVYowWKovOVpYGUpy8JOZ8ICeaOe0aqRVi--WEDyH_XdUjfq2eF70Ix_rDFOEzMAopXm9mPWaB7xws7FAe7g_qUNdLNVWafI0i6Fx76m50SxbzcdYhNgPBelBzYWmhic_pZs-7rToMOAZajM1z8jnOHp5IQRIRQfcijGi3aFIZdAstUhfiaDvpi63vzT0ay9sSStnkeXj4_OW_XpcvJ7KyM9f6H9e8Wa7CZ8tpfL4TxFf3F9-r-DmKn_pRIA33An7y22PygGBoAMMn7LyT2_c3AFhtZQXMoPhtyQq7wf9izqKpvVSPqjBl07aeino4URlhnpfNpHZYGI8znLhOWUBRoTzSggJLxXig6w7qumQ53SVbvEe-9RuO9ohV9cZoZw4dSijWgYGVJzM2V55ZGy95L0P9cWFgH7YKrC5Ecrh9JCQJ06U4FQABOtWE_1DCn8xnJ96KRBrqQu6lukMgm4vQrJ1nwSaYBp52btmCAuxb64HOiJM0Ps0b7m9pSUswQ5O5QNr5qQmKIXcKgYiRV0D1hF11rvSOUuVudZiGFrSp9D0MZLP0JVQ097kxMwFZPil7WEVXnj7_BR-NpshdPK2VY5lIP2v4lP0COMImQFE2kge21PNDo7UYqcmzJkpZy_4ah5XeB4mdkfWHvnRA0CcDhYtcYVW4MMI3RiBXuH-vrD_guoQH_V_udtKN5PebHdpJmSlBgB494VveuGZg69fK4Vrk4PgCslyrYIphEq-7l3Ge01ouVAhdwfE7WlLFYjEsLnTUFt2IVTwrukv9Sy5lPk-TG54yPn8Q4fL8jk3EZmR9VYOiD8Y-D7I9CdwJPq6kVCJfU7lU-iS2N4tjuFGht9BwUpaZ1WBwk3UCg2q0G2aVsDVkzk131DI7xxYnZGwxpaiz9UeG_JHjeWhqPHJGSKbP7_ena5shxMgTCEAkSztpbjp4JG5JRLr8rVvPXDNR9l7R7-karVoR0h8ikzMwLKFwXr_Z2tPUfG0CCQRoIXqyTPjXLlqnY07WCqv9Dg5K5Jb2s0NdIbaWBXhfBJzwb5srzwHoT9HKoqNOdGoO5cqCKXfa5QsoBgP6C3T4_ydpCHcVkH9VUm1MHHQcWUGkTK2xo7Hp1tfND0-jXvfmAwrU4UQm1v9whQIw2k81tQvfLbPP3rCgfwqXw72CLOLbonQendofrUTyB9xlZZx_8cddsKBZAJ_UYtB9MjV7Xcs78fprsvecOlgqwsJ69_Qlsn-gMDfguluTuLj7RtZ4obIsU8uxZEsaDS_GRdmm7P6VVyHhNTuWW2cZ6hwg8gPdYuOuuZhsTAYziBlFJOVa6eYOcr9iqS6Zir9ej_cuGG2DQlxMJk_twFxu8K2rB-XRWxw94Jw2L3UeLStyDtUwBCow2YHQtTj_qTYTg6qE1RtGGy_yTxkZaWU16hCp4z_guVErWgpjKdhuskyGXmLtNAHuALzQF3FALOJqaxOQrOOe7SFr17hmNiOZ4HGEj067z0DXGyBIh2Q872pLDHkb4gqQy-JQ8OqKpoDEi9O1v1A_0PyDBHiGrbPbxMW56Iln8T3BPfS&pr=8:36C713CDA900125C&cid=CAASBORon_c&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240
Frame ID: 3AD267CDBF86848F12BBF775EDA811E2
Requests: 11 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: 22493BFDDE6EE76363E96CCA92FF3DE6
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 60E3F39F23ED4BC5CDB8B0CFD1C65A68
Requests: 27 HTTP requests in this frame

Frame: https://www.googletagservices.com/dcm/dcmads.js
Frame ID: C7BDA1BBA7B228AC62545D37A8E525C3
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNXwK_JuYiF7G5nh5rrgue_jEAZslNNFakpG5XHhQaKfGowIUtta2L69qqfBQRUe5I2yoOq4l_wNu17llTxRlVgco7tiWaRm5UyQtxuEhrpWB8ulL2kdEGe9KpMpuoUQr8yQ-P-xCwa7CeNd28ezUSH2GrBRk8UpvnYzRdWeirU7-NV3Hl0
Frame ID: 6685FDC85BEB31B27B2D4041C7978746
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNbj1an1EcanEt3OhdCnhzy2rb5EXf6u2PF-4MwX5R2gWjQ_nUvYuoJpflTv2YEopuX9lQhgTnw6dqtSX7Y9ce9cNF4lj0G4UFixN-fqNNPM9og87Z1TW6hUcx9vRTgxOAY4J6Dt75qyvALsNjWM-bMoSrtw&cry=1&dbm_d=AKAmf-BCT9zim6Tmj9xHl7Y6SxlGutemWlcwxc-alydYCCnSeFOFfCwSrD1pIsUtxOi0locUppTMAZnELp7rljkFYBZF-DeWvEy8RmZOYvJedy36887TZ3yoFDAm40AkcpJwH-7YAnONDvzs4BKTNQq4TH3HRRjUcXb-LmQ0bPT858sOOzOVYdycDxCUbqhMpTa4Hat7F68K4kjYrRHXMzTcKl40kQh9kPbKIS-L5ghzhXUZbgJ5N_ap7dzBerVW1im6PAJpDFaxrL5Cj3qzfvQNKP4jVf11QnkgBhjnVXm-Tigd_1v1IWNGBqWjc9aa6CT6VhiljNZa0HG3MXmyQmRl8V6HwUhQ2HuMkXrtCezwQ22Yu9dO8EEkSropmDrEd8Bu2C2HTxUEaEWWMxENGpEfSmiAff0u6pbRclgezItA7eGHV6D1GtQTzgMSJzLKRAO2wOAv86AgVZ-rroqh8aR4e8zJ9v3pFkyIY2WtIrJeWWLgxkf04WbNIjL6upYkaGK3YT3kwqieHleNyh25krHnJUoLiOEllQPusgtOcDBBW5e2wca8QgxT9c_Rsp4nwH9f77TD3Zee3TOtch413KZY67jb42vblFfb9AJNtN30zG7SXtQ1XQGqSvAScfZk3M2wNXA5H4-kAbl5o5AcAWl5xqWlEAoJauem8roFQ1w4PCaNTRXfG-wF56Oi3SJA_WsDKwHHLmcOCy0HUEeE9-tJS4D1oqhH8u0rDDT9q3zfEg8SWIxW67Hck2e9oBx0UZmBxqdq_keCY_i6YnlCjaTKY_gvLi1cRO2fm_iYlSLeSXLXoKUhmtCxPcYeX65U0kf_zxOgiHPl_Pcw_m5FVEPa2PpXtLHRAFBPjUWv4s6MM873rV6Slhrr7BYS7uJAi9VK845mt4qNeNevKBKFpZeS1unjhKu4fiUmAeLeXwolE4b0FFSlmJAUk0UMOunfQHjbHWq9U78XBGi8W02LkScLh6IYRSzjlrDUc_--A1iqzNZSJXr44_dGCse-e1Mzh5DjVxc7J7w2gVoqc2wxoh0v9VP6IRqxGslFsyval9LlG7h98aCafD3s2VBQ_JodvIdbo4uljwCoHSNnWbM68yAJFZBY2I4Ptwk48_bgnlhRmUDdNYqMsh51vRTRH0vVhILKEq85TyvtvXwp8VGNVNmhkyENfwTDwkECLAVLhJnTsZ8jChhewxTFjDVxHDVgjMF5tiaV4EieW2njq-ErFcy4d4aDjcbg0f0OACfgQldNTbyb-s4QGdB6Qq1PSnWBxX07qP57XL8bY2YtijloZxO_Kll7guBfkM-jB_c_io49r8LlqV-a0WgvxdTHIOZyGmHdFvhqTxKMkxAtwOhmKhzLjdU7amZm5oX7TLRTeZP01QN1-EG4gwiPvwmu3vrUBgntsigypSaGYoBMJCfed3H9y9-V2t611xPxC0m1uFkJw6FMcAcIbE_xE1wQU6e1TRc-_RMw0E-yMUh7gXAV2ZMWRH-N58yLhxwQmvHN8nQ3vxRPK5SRgT5qnxXDxt8ZnwMFdN7Oy3gt-vUg9Mf_kEdu_OSAnPx9XufQ41V6zIEj_BOmqybz2CfJ_FhT5P-6NsS-y15P9W2jinSkE3J7Qsx7269J2vAsi22QgU1K3n1azEdR3RjsihfwGCLqxpvt-BCs-gSSdKg-NJ4Miq6urSE9GsZwkln0n3eNOfZm69mO8CsMfXfLLg5rD_4okgTRsyXzeoqZ3ynDJ5okG6kDLkktvvNgADYkU74v-cAENHRt4OxG3AjT4uv3psS5Fb1J6lt28lQhwjjEvZFAi0_GvlbfJtOIhpL69YhR2Y92fVHnrBosKSxg9HfTDQNDmUFphkZNqLW2PlJyRSXkcRB0MFaPQJmhmzoAGNOfFdrKKrVKNaXgXiQV3PKMLWqwjpq-yk7xI0_DLnRFUj91XALJxgea9Oo492eKyLOhg6Y7n3FmL1WF6V3ST3gjxZQJi3z29Tko7XunFfDIkWQL_sICD3Wh5m_Ez7mlRAAwCavz28bpx1VGPRKj8OI4svNDgWAJaIWXvuFYgoTvwxF6r90em4EPwkFGmh-iPBgcba_jXVWKDf4OUpDpG5kny6GR-no0l-uxTXSVyS-FgmzMHLPpGGfIbHUsZyrDBn1Kl_FAQZNTImimZ63aE3TEOPAa3dC6lN18DmpXizprQYlPgu5eKU12k9XMfbm10FlrMQLoPcFfBVgFgfTuDmONi4PimD4wNoQOpA8G77RyvQBy5OsQMuaiU7wWBWCgkrL7nfqIkNiu9Ylz_yAbK5ZnFowrBco-Z4SmUWLrkdWpid9EYJOT-KuUuuPTxa_T4JIGn-X4U0yF7qXGAqTiOn5E-snlgHbe83AQ0zQpFkdLDH63EIuHnnlsqboBLOOpPYrBJiMXwII7P4QnEaRa6LYFt-0ogX1xj2czOTgKcsVbslFSpoJWGYUuogJcmKSh-Us6ilulqxdUykzqHns9glxShIbNWU-0978n0LF_a5ayyuzHgeWGf8IayaIOB0DcpVsOqdzcxGv0o-fWq-0PBX61_5N2tH1AwCi-oxnzD9qcHbachjmYqeJs9gJ28tLdwvV9h-eznaAl-fOxd2HuqdHwLBNpCYshjSw0rYVvmPEVEKT-jlM6B1A7NzUgSjl6HaowDPFaen--Zeb84xhPUcGbQUFXtWhl9gQvFqppYJbarBSV5p5nmjYfLSBzqy4veioZ7tEozuaTwNlktnH5J9pJEjxaUBdQJtL38iB7EjVfbBhXTgPPPL7UI1I_rFrybwmA5Jc1kpe6J7c_eOg0AMRf6dwP-NHe2nR-ypONtSw4UpcLXyV-yx15t_VKalSXDxq6VbuDtdTDCvPKhBqAAb6Q-cVkCDB2d_BzX5sNoCfV83kzXpfUu7-vSOGi_lExj8Rm28kpCgloZ1oD9hKLoOuWjvCQpEii4Gr7Dh04uEmiAPOn1bEB3ECqQFSL14CaKw6pM0dLIStSwpjtwQDIW582P_ZvXzbE87WHooxfNlJNXgEEySanNoWI3JGW02nPzZeQxzi4sOFBUD33mLYMbWADkvAUu2wSmZefEQ_KXX6exfOwCpfTiZUotDNq6NvYFKP7wHXKq_2gdjf-RfUdHJ--ZB76feo1pSXhes95gGZNU1G1YDsi4_cZvQtHMi5XnzuT1o6rxx9Kl0ghpdDKruyFCVrqiTDSFarUvCWh85V1&pr=8:E564CC02B563DC02&cid=CAASBORovoE&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240
Frame ID: 5C2B25DA15760BFE27790100F064E8A7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 28D4A92F0BC24BC452B4B548E70FC0F8
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: 5635D39BD5532D6B3B68B225876FDFB0
Requests: 7 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1235416354
Frame ID: 68B8ECBCA80DF3885B646596B2F0436C
Requests: 6 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Frame ID: 8AE41FB3EE699CD39D6223DD7B5B846B
Requests: 6 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: DA65B1B6F0713629760E72350524A57C
Requests: 3 HTTP requests in this frame

Frame: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1431256302
Frame ID: 5CB0867F29D31B288D1EA3D783E4F2DD
Requests: 5 HTTP requests in this frame

Frame: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Frame ID: 6228DC2848C5BC71188E9F0E553B76B6
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: F6A7AE6994CA5D23837EB832E4947F8E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNULggbGckJdnosTUmUgu_KmqVFZzC0iGUH8l1MCDetLzCjLryQ98X5x08LDWrBNwtS9BQkaHDSlDRVxhwrxZ4M9V9zBpWeekTc91F17S1UKzdtSfHB5jo-NzuNh2j7j6ThE1YryBdqILkalNaw7mVLyJANW-oNCQbN1pmYXFwy5QK6Ny5Y
Frame ID: E76D38E89C7366892D303B5576EE14BC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWEnDAkk0pWCyYUCNdZxxQzvhbWqGqdJfXT43hBhLGlC7C0K26vqVfScjZpYXqyAfyW2WLb9kR77ceunGqeYFuMNTYCqlWb978ar6wu8ZduZ-XLRAotuJIO5SiiJzTTmZe4u4YsLOjJYCLY3nTw64zSe2Lhn2W4R8-cuhTs9f44NthKi64
Frame ID: 910E4E290C239E120EFBCEEB56A172C9
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 91A3BD2D3FFFA370DAA7FDA687796A32
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: F33D032EF70E090DC2FF157025CD08FC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 4703EF2637344A5C91BFF89122F7965E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A2B4D773328BBAC4F4794A7C82ACB9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE34FC304CE2C456F5DEA64A82DC6C8C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: F62826ED28474E9A6931A32513B2D8D8
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNU02-nESgZfkQnrn7Ri9RNVeTCuc41NJGxhZcg_B0Fy0k8HkQdqa6GP-HYlzknzCz922GEBWYx6umF_TX1L7px_c3k0SbDhOXcIqzZ3IP8PsUCP6U-JTEx8Rf1vBZzvBEKRhwY7AzVDYZBEIOu3TDaBznUWFpv6Ok787H8nbATlaNLhTuw
Frame ID: EFA07F933FD6DAB571E6CF5F29739D3D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B4B46D8F71B9E6749680FF295844B8D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BE282C20974479E00DAAE840FB628A2
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Frame ID: 01495B50CC59B9AA180C54B33FCA508F
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 42B2B27BBCA0203658E661237F94389C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E416AA0A507B5F08A81280E0760400A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76127D4AC9FE068D093DF0BFEDAE0CE0
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Frame ID: F74FF4210203DCB1CEA70577BA7373B6
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 575FD48DC512C50345D7EBBE759FC7F2
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Frame ID: F6C906C3C3F7C5736880E9F255E14419
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 683C140F76190BD9E0C7BCE5C5B4B33D
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Frame ID: 4F9D14BA1B615BC16C48232F2EC86BB5
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: CD883C6042E6CE6905112F98741DD8FB
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B25D8A79E75BC6B69F5CB88181B91B2E
Requests: 2 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Frame ID: B2302A7C44ED67F5B01DBBEF15D98BEC
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 759DE235F7B558AC2A7AFDF1B337A71E
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Frame ID: 3FF096CA462BC81AE83DDB9538B928D7
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: D2CC09D7DFEFCB0351ED220DE23F454A
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Frame ID: 1709ECD70930B587DDBAF8E5C57E7E36
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 6907F380942072B58571FD3175E083CA
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D
Frame ID: A1676BEAEDCCA7F9DF7E57E93CA3CFF1
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: C05982C9B915A533902BF9A3F0A9EE00
Requests: 3 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Frame ID: 31C907319A993B986D5904662A09B472
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 0DBE7DCF3A7D439CC84222A07E2B2CA7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 764B4621F29F44407360936C20C3CBF3
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 3EEBB347FE6A7526218DDE80D2121729
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 2AA6E069F4925542FEDA5C05D7366DA4
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
Frame ID: D8E27D41C8F6398651C3B74695067D9D
Requests: 25 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
Frame ID: 113095129377BF429E8EA8482943EF27
Requests: 25 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
Frame ID: 8157AC3966C45BC9C77A9114C4CC0103
Requests: 26 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D6D08C348D3A48812FA919D7170D0F15
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: EBC6AAD4CF83CC128D34476A02BC1314
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 3272772B283BA25CE3E3FA28A71E1922
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: 2B266889459D9F0CD05CFA4FCD06FCA9
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
Frame ID: 986CB0467F9D597579F53BDCEB1D6BEA
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html
Frame ID: AD2620DE63DEE32E4025762B5AD83F74
Requests: 1 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1
Frame ID: 698A138C5D2EFC0CB5400B30BC3AE3A4
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1
Frame ID: 64C6266F2D929099DCA61A4E5C557C0E
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html
Frame ID: 72FBABB8E842083891C893954E378E04
Requests: 5 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D
Frame ID: F0CA6C0E4CC188242F88E9D30EF45BAA
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D
Frame ID: FEF566A6D66C70FF6D58182DB3BC17B5
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9714AA99767C6E14644B63355D094EB3
Requests: 9 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D
Frame ID: 2808F161348A21560DDD1AB7D6A435F0
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D
Frame ID: 5B01F04B6C6B4CCDD4A13FF8018BD72F
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D
Frame ID: D39AA399687A6BF5B3CCA5A6C2E9A2F4
Requests: 6 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=5847ed2bdfcdj6NgwpObJyZjpYZlRwZ2ZmAkLYA0zHHi4vGb48Gd0fYl20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=88059700066553301467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpzisq3d9x6v89fe%3Ftprde%3D
Frame ID: 1715E460DB88766971D93FB820E931FC
Requests: 5 HTTP requests in this frame

Frame: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D
Frame ID: 92E063A103D29746E684EBA0A0CF5038
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 7070CA0706540A30250C99E847D5D1BC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 48EFBA33072C0C69B447FD736E62BA99
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B743F042A95C1258B1B343AF4FC4CC7E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BEE5353DBB69103CA8B293C2AB4F236B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 03D209CE932C79AD8087D95B70ACFD9D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6D5C77E34684DD3F53B266DC34882E2B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 82B3007CE72F5472C012201ADE1208C6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9CB3B2C5E5DD2C945FC93CA8A8EAC9EF
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
Frame ID: 90E9E286888919F8F21C29CE725BEA5F
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AC7A1A07EF853A57E5DFCB064E221387
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01436C954439DCAF48ADF4475780DDC6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 22C9A4D0D89CCA506D65BD3407CA3D58
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9548364294205117&output=html&h=250&slotname=7769709079&adk=3124451273&adf=2662694622&pi=t.ma~as.7769709079&w=300&lmt=1662301282&psa=0&format=300x250&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662301281571&bpp=4&bdt=2640&idt=817&shv=r20220831&mjsv=m202209010201&ptt=9&saldr=aa&cookie=ID%3D0e400c037c8bfdab%3AT%3D1662301277%3AS%3DALNI_MZzw-cdoPIN5zf3SH1xeA6xcBPz3A&correlator=1765505669578&frm=23&ife=4&pv=2&ga_vid=937080875.1662301278&ga_sid=1662301282&ga_hid=1565264521&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=720&biw=1600&bih=1200&isw=336&ish=280&ifk=1447988040&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069330&oid=2&pvsid=68508337944220&tmod=1294096044&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kk8na3eovx6q&fsb=1&dtd=832
Frame ID: 10B530299B47EE73AFC9C545D09953AF
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=14829200066555301649441012072010
Frame ID: 2D9D71EA307FE93ED90557846A80400B
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=81767300066555401649441012072010
Frame ID: C46FB876E064AEEBDBE44461E74C91AD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B0F11E165A9A028CCF2F347D2DD5C34A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 07F6802B2DB21551C36A0D273D196E5A
Requests: 3 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=18038400066555601649441012072010
Frame ID: 4F2400927E66AE2607FCCC4DDC873AD6
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=48487700066555701649441012072010
Frame ID: 7CD92E3C74FAB9390B3C8B461521C71D
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=39536800066556001649441012072010
Frame ID: 4B7F2C423E5C4FC3133101A8A2A6B4CD
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=54264600066556101649441012072010
Frame ID: 687E75628302D409E3CD372DDCB2F22E
Requests: 1 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=38808200066556201649441012072010
Frame ID: 2F254ECE9377176A93A7B69F168AB6FF
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
Frame ID: 62AA00F93EBE1DDB4597C7FC3E5975CD
Requests: 8 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=35926900066556301649441012072010
Frame ID: 3B9ECAE7882DA079D8FD548A4A54966F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html
Frame ID: CE7C5EA99E65F3DDFE9F9342ADC93CDA
Requests: 8 HTTP requests in this frame

Frame: https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=43127800066556401649441012072010
Frame ID: E38BFAF747C45EA3A5AB0E40583274F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FC3859D0BC788ABC296A4026BF2783BA
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 2A398659ED3CA8580C855729E14B5709
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: BE5BB9F5398BDDA34CE0FCF6E1F53A76
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F8EFDF0422F934FF052B43C3547BA4C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F8979033011BE56C0A024D8A031B34A6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C7BFAB10DE9D7B35F7AA59D4261291DE
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 54BDFAB989A85953608539268BE840F6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A3BDFE4E1EFA02DBC21A0C9E2003F95A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 633C19992CEC57745AB2C4A7CE147221
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: DD580719EC81EDB8708DB786B53CB9A5
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B62354BFC0A8007796C7BE2D0911D5F4
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7EF3200C2814EAE504BD78413501432A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 068E6C32DED91E44F0CD7AFE51B511BE
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 696F62CAF0F41BAD3C835144660384F3
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EF940E8CE2CB148BC741FC95CA2C305A
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 79CBFA3FDD4883617ABFD16382CB696B
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D6790A2AADD0A5AFA5272F0E2AA3EC0
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7D900C3792664E2A753BA7FAC4428EF6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: F86CA17C2E3396807923FC1A87757D58
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 590A46C6A112AC355865D1DE583B5FA3
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5AC5C88474568B58C225332EF3928F27
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 15E4A33AFB18198EB30232C67A0F5542
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DDAD8FD2E4EB7A0432D484F750B1F199
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7124EAB7A1A9CD4E4BBBFAF41BEB3729
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 895519D740102D994AD6F3DCF39F2C14
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4DB93E1C3FF13FA426317DC5A62E0E77
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B8041A808055A67843FADD1466004853
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9BF14328F5FF2277AB2256947A7F7D50
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 789A06139376D5F2A1B7F3C5875547F5
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A4E2D3681F22721721BB1E3C7E3D1D4C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F2489CEA8BEC330B2C5B6FCCB7AA3F88
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: E8CA5A87E05950183A6E79F89BC8B093
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BCF56A13B7EDAE31E78031EDC13B6453
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 59D73304C408FF86646A7863C78539E6
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A411ABED57B417BC216CCF953754276E
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 2E9E1DA6EAF1C48EEB52A250687C5B87
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 13AE73EBEF4246B2F2B2C25C77702CCD
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AA501D8FF1A1B6B0B5DAB6467AF834DC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DE0B98B0B2C927DFA30CF5C89245891A
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 488BD80C2060BB4A756CF12C563AB2E1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 66974A50C71B5E4AC50A8AE331846BB9
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 61F6E70FE97402280392EA01AF67CDF2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 87284E52F761FCC0DC1787B75AF8394E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5C651AF725B9086811B7244C94C8935E
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 3F5A8009121FB7A4545DB13259D661CA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3D6C418DB29EC273B63673D87E1AB9C0
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A140BACF94584ED8D4B595E0225E30F1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 94736CC0E2AF359A578F5E626F3C2DAC
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FA9DA194C3070E93F82C52EB635E6604
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: EBA29679E5E26B76B65585425A9E2286
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B7BA1DD18F4E3E50F2CC5A5363F65657
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FA9A3853D9A8546D63EDB8DDC10BBEFA
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E84E9C41D498886265D89FAFA81477F5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 17938323BA8980059C8FEC9132D3AC6A
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 5724C7B9F821F964EEA9807F9EC8AC9D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1DC22AA19D555FB7C43C2E2FF41DEF43
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FEAFFE2C12A257788B3EF21F346B2ADB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 311BAFF3651BE3BDB91E184C6A1277C8
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9F3F304EEFE7FCE8B2A497222658BEF5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1C882E05B86D4D641C82F598C2B0C542
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B0EC9EA159A65ADEF9E041C616065DA0
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DD9BAA6FBAE6DA25B81D52A8410BC849
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2BF9DF7445FB7DFBEF70AD06FFEA22B8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F9E0DEE3D06A81C3E6CD8D7A3552CAF4
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C6F21F5444CD928C7AB2FEF0E5DFCE40
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6BDB29390D5FCFE7DF1EB283A23F1CE6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B51F5D565CD644E59E4615EFC3ABC2D8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F9F4A969A25B1AAB38BBEEDF2C5C7E35
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1C10B74E30B4DDCC51F66B0B1C33A65C
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 69804F5F9B1DE534541CBBD52E62A7F4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DBDE9102937AF0AFD0A7D25A4DB45531
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: 968220A64FF3B823A00F0E69C859D612
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5FF07CAE7DEA86070F69AD44A1813842
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FCEF838DE10D7AB02B49E7799E88C235
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 9C8E97E805447AA48BEFFD4F1558E686
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8F0613F61B16035603CBC9CF9FA81DA8
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 8038FD2326442B432DB2751B48C1BA90
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 34DEFD829FA382E75FBAD1D040D7C9BC
Requests: 2 HTTP requests in this frame

Frame: blob://https://flashnetic.com/5a601b4d-91ee-4284-84e6-91228a0a5e89
Frame ID: E2B22C24DE059BE66108BD5238E2CD81
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html
Frame ID: 229FCACDFD89FAD6376B3784932F217F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 40409CA1B9E6C2CA9A4ADA77963EDCD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B8B684822397F6342C6931BA1EF8CD66
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Frame ID: 448F004F45A40919167156FA4A7002A1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2606A90CA80396FBB2BEA986F040BBCC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js
Frame ID: 3A9B610787279744F23100C2B1FEA4B3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 32D00E46A7DE0897855BCE4650C2494D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7B156A9AA8EF6BE484D502535E066940
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 424AB9D629BBBA63F9E5BE013A7E22A9
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 01F07BA62B3CEBA7F1003D7A18726228
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 62B44645471E39EFA4270E1322FFEE99
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: CDB1511D0597CAC55AE0348189E8C756
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 2E5885CCBB45D287E92C6F09B9991D3C
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 22C101BE8A20D07FEBAF8EC18CB010B1
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 7DEED13CE71386CD7BA8E1D1E3DF140F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 0D22AB22779D1B336A218A0FAB33B04E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: CF8725EFB9F544EAFC3E2545BD86A7B7
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: B7288B4C99072FB8007AF6FD8EDDAE6D
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 472DED91BF86A9D9A5E3BBE9C7126117
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: E8A2DECEACD77FA2C3272B4D0D0F3DCE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 84F491508EA937E54F2664E43F0A1716
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 0FA897F8BB1DEE92A7485C5EB71744E1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 1B597B6B516950B5072B8E80DF9F7AB4
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 4020D9341709A2037A12D2684B72C048
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 5478C19E529E7D64127A8F70C2513E7A
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: ECEFD17BA9DB8DFF521639233E9A5091
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 512C0DD9C846AB6111058EBE7A177B0F
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: E3D1E2AADF88D029BF43F1B880B1140B
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 4C6CD601DC8149DE174F43A7D0495329
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 3EF145A5AE2C9EF936D39CA83E8A7DE1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 291F7D9B0BE99189BB384062CAE15A12
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 264185D37C15E00234780CAC989D37C1
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 9D74A47017F608F83D1E36750839B1E9
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: C252690EF1034802CCBB7D8B899B40BF
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 1617E7537CE6F097C9BD01525B1B869E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 96E55C37A8AA2AD612B951DCCC4F4F30
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 833BD83D510B7B00D27C7C9E7796070C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Frame ID: 4864FF1F989C47076BCB9D22924D550C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zero 8i from Infinix – Tech One

Page URL History Show full URLs

https://tnlink.in/v3nahJc HTTP 301
https://link.tnlink.in/v3nahJc HTTP 302
http://earnme.club/safe2.php?link=v3nahJc Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=... Page URL
https://earnme.club/zero-8i-from-infinix/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

1688
Requests

94 %
HTTPS

31 %
IPv6

80
Domains

130
Subdomains

104
IPs

12
Countries

17916 kB
Transfer

47776 kB
Size

54
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://earn%20me.%20com/
Title: Saminda

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress.org

Search URL Search Domain Scan URL

URL: http://i%20have%20no%20websites%20bro/
Title: Sarbash

Search URL Search Domain Scan URL

URL: http://rasik%20reo/
Title: Rasik

Search URL Search Domain Scan URL

URL: https://usanewstoday.club/safe2.php?link=v3nahJc
Title: Continue

Search URL Search Domain Scan URL

URL: https://mhthemes.com/themes/mh-magazine/?utm_source=customer&utm_medium=link&utm_campaign=MH+Magazine+Lite
Title: MH Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tnlink.in/v3nahJc HTTP 301
https://link.tnlink.in/v3nahJc HTTP 302
http://earnme.club/safe2.php?link=v3nahJc Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIGRAB&usg=AOvVaw1N9mUF8GZmkp3HhOJmlhDy Page URL
https://earnme.club/zero-8i-from-infinix/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://tnlink.in/v3nahJc HTTP 301
https://link.tnlink.in/v3nahJc HTTP 302
http://earnme.club/safe2.php?link=v3nahJc

Request Chain 128

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=WWjk63x2MWNFcnJDSWtuSUQyYmpuZXRIYkl3dUFLUHhQOXlZYjlqSVBNbWl3WHI3ekFYMFJ6cDlxWDdFRk5jZkJvclA2eVI4anJna0EyVjlnT2VKWExzcVU2NFVjN09uaVpNNFkzOHpsYVdFOGNQRTBQZ09RNkxsdVNmbkZ2THppQ1ZKS3JEOWhRRDU1eXFYSTA1Q2dVYkxXYlBvblY1blZCdWpRQmR1TkE2UHJGUUo4RFc1dmc0bGZ2UHNKRVFpNEd2Tjl2NllEakxGM0RVcE1oVlBmRmZrRVovRjdCWURJeVVpZjZoLzdTTUUxMnZZPXw&cppv=2

Request Chain 586

https://pbjs.e-planning.net/pbjs/1/27fa6/1/earnme.club/ROS?rnd=0.47624373729372205&e=336x280_0%3A336x280&ur=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F HTTP 302
https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.47624373729372205&e=336x280_0%3A336x280&ur=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F

Request Chain 646

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 647

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 729

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1

Request Chain 730

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxS0YGLUgret8.FuKMhcmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2

Request Chain 731

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

Request Chain 732

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

Request Chain 733

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1

Request Chain 734

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxS0YGLUgret8.FuKMhcmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2

Request Chain 735

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

Request Chain 736

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

Request Chain 737

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1

Request Chain 738

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxS0YGLUgret8.FuKMhcmwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2

Request Chain 739

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

Request Chain 740

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

Request Chain 760

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 770

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOoaiWRVSdsbmlOj0SyTXC0&google_cver=1

Request Chain 771

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBfQTRCBIuicowHfRXynXSA&google_cver=1&adform_v=1

Request Chain 794

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on HTTP 302
https://d.adtriba.com/px.gif

Request Chain 799

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1

Request Chain 800

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA

Request Chain 801

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1

Request Chain 813

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1

Request Chain 818

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEAM-HYTvwg9Q6LJySdcwoxw&google_cver=1

Request Chain 820

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1

Request Chain 822

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1

Request Chain 862

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1

Request Chain 864

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1

Request Chain 865

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=d958c189-2c5c-11ed-ae5d-1be234f70306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2

Request Chain 867

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1

Request Chain 869

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1

Request Chain 870

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=d958fb19-2c5c-11ed-a894-1a3cf9d10306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2

Request Chain 896

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1

Request Chain 898

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS16enFBNkFSRTJ1R1FHZG0uZ1pDejFCOUtIRnRGdUJDV35B

Request Chain 902

https://fw.adsafeprotected.com/rfw/st/1127614/65017073/4.js?ias_dspID=3&ias_campId=1008609693&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_placementId=18181649255&bidurl=https://earnme.club/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gcBKNTfN6q3MXYPRIIf0ZZ&adContainerId=brand_safety_X7QUY670NYvf-gbS4ruAAg&cbFunctionName=goog_wrapCb_X7QUY670NYvf-gbS4ruAAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fearnme.club%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:ee64977a-7d66-d271-f929-fbee132e10df,c:nfU93i,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5678d7-p4s8r,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tgtwLOY+11%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:29,oid:d8d2cb6e-2c5c-11ed-86c4-fad00dff7242,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 937

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1

Request Chain 941

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D HTTP 302
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1

Request Chain 1032

https://fw.adsafeprotected.com/rfw/st/886862/62195780/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_YLQUY7TjGZ-wx_APnt2MqAg&cbFunctionName=goog_wrapCb_YLQUY7TjGZ-wx_APnt2MqAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fearnme.club&adsafe_type=g&adsafe_url=https%3A%2F%2Fearnme.club%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fd65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fd65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:5cce56d9-e083-dead-168c-7a649c183f0b,c:nfU9cp,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-b5678d7-vkpsz,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:tgtwLXU+11%7C121*.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C15111%7C1512%7C16111%7C1612%7C1711%7C1712%7C1811%7C19111%7C1912%7C1a11%7C1b11%7C1b12%7C1b13%7C1b2%7C1b3%7C1c111%7C1c12%7C1d111%7C1d12%7C1e111%7C1e12%7C1f111%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j12%7C1j2%7C1j3%7C1k1%7C1l11%7C1l12%7C1m11%7C1m12%7C1n111%7C1n12%7C1o11%7C1p11%7C1p12%7C1q111%7C1q12%7C1r11%7C1s%7C1t1%7C1t2%7C1t3%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x11%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:121*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:39,oid:d924476f-2c5c-11ed-a1ae-caf16d553957,v:19.8.346,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 1059

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=14829200066555301649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1060

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=81767300066555401649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1061

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 1065

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=18038400066555601649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1066

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=48487700066555701649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1073

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=39536800066556001649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1074

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=54264600066556101649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1075

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=38808200066556201649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1076

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=35926900066556301649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1077

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=43127800066556401649441012072010 HTTP 302
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Request Chain 1143

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZAT7n4lHn2bTg_35GNK8msn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3322640959834942664

Request Chain 1144

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SHiVXJmQQ32acpckUm9TaA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SHiVXJmQQ32acpckUm9TaA

Request Chain 1146

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA

Request Chain 1147

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==

Request Chain 1148

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1

Request Chain 1150

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NF9ETS-1O-MFAL

Request Chain 1155

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFlXrP3gPQeZyd5n4oAot9o&google_cver=1&google_push=AehlK4CCAIhKfvUQTV7w4PPtpCsaYKPOifHelnTGjd_IRnkGZqjxhTEfIWzaXr6yIs70Ccg8_P85SyUClNKYECRcIi6L_Q8umK4yJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CCAIhKfvUQTV7w4PPtpCsaYKPOifHelnTGjd_IRnkGZqjxhTEfIWzaXr6yIs70Ccg8_P85SyUClNKYECRcIi6L_Q8umK4yJA

Request Chain 1157

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECC1iD4fAqp85_cc1IHCLOo&google_cver=1&google_push=AehlK4AeXNmdBedxvvJzc3zcrGTiYa39x850oJPfaIHe3E6jzkJuFZaKI9xqfDPK-SQqfXAmL13e5XnJCdQjH7Ucp5XyQuR4Ce386w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==&google_push=AehlK4AeXNmdBedxvvJzc3zcrGTiYa39x850oJPfaIHe3E6jzkJuFZaKI9xqfDPK-SQqfXAmL13e5XnJCdQjH7Ucp5XyQuR4Ce386w

Request Chain 1158

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENhNSahVu-TKIKqpBm9OFHs&google_cver=1&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6wDRw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6wDRw&google_gid=CAESENhNSahVu-TKIKqpBm9OFHs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDc4MTc4NjAzMTcwNTE2MjM3NjA0&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6wDRw

Request Chain 1159

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENDKetOccOdFBs74yKDere8&google_cver=1&google_push=AehlK4DbRsAuOI0mjtNa3OE7GUzElIdYLGvorRcHz_wqTCE7nKS0snjOzN378svY0BUhORS4RtU0--j1SuaEvmD1D3rtpBUVVMD8WHw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZV2ZnMXFCRTJ1RjYyejdDc0w1NzZtR3FvdFlYdGl3VH5B&google_push=AehlK4DbRsAuOI0mjtNa3OE7GUzElIdYLGvorRcHz_wqTCE7nKS0snjOzN378svY0BUhORS4RtU0--j1SuaEvmD1D3rtpBUVVMD8WHw

Request Chain 1229

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEzBv5TOLAMI1Cjrnp898ds&google_cver=1&google_push=AehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzBv5TOLAMI1Cjrnp898ds&google_cver=1&google_push=AehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 1230

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOGKI3wv9qv9DvBo73ypjIQ&google_cver=1&google_push=AehlK4BXsywwvXFbqChlFdI1rTpkdf2TA4K3AZS6iwqhS7-XhGk4FTPIh5oFC0dJEqdvxVj6JRSgsNv6JxtXR-MKaM5pOhiQwv0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGKI3wv9qv9DvBo73ypjIQ&google_push=AehlK4BXsywwvXFbqChlFdI1rTpkdf2TA4K3AZS6iwqhS7-XhGk4FTPIh5oFC0dJEqdvxVj6JRSgsNv6JxtXR-MKaM5pOhiQwv0

Request Chain 1231

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC93VUBEy3IIakFLNCQcIvM&google_cver=1&google_push=AehlK4Dm5RSW65pNo-AE5rT1NQ9CrXk2Lk7oM1cAb_jbBTrrO-_TH7wXtyncTdMTvIPdU5sr6RK20z9AaqdTQ_EZAtA9udMFvGE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4Dm5RSW65pNo-AE5rT1NQ9CrXk2Lk7oM1cAb_jbBTrrO-_TH7wXtyncTdMTvIPdU5sr6RK20z9AaqdTQ_EZAtA9udMFvGE&google_hm=gdLkJchNQ8SqX8lEb8ScOow

Request Chain 1232

https://d5p.de17a.com/cookies/google?google_gid=CAESEBNWMITZthi4pzcmscDzZqU&google_cver=1&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14WKhM HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBNWMITZthi4pzcmscDzZqU&google_cver=1&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14WKhM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14WKhM

Request Chain 1233

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMMYtiyxZ3f8NRdN-RpPpvs&google_cver=1&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqprhj5G3p6Pxa_214leZ9Us HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMMYtiyxZ3f8NRdN-RpPpvs&google_cver=1&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqprhj5G3p6Pxa_214leZ9Us HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQwMjAxOTg5NTIwMjgzMTc5NA&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqprhj5G3p6Pxa_214leZ9Us

Request Chain 1234

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH0zErgd1b8lSITL86RG-7Q&google_cver=1&google_push=AehlK4D1Rg9H7vMelgIGjquUsr3Zu9vla1IIVslTPDKFHvXh6ysgv86mCiICC9C7huyWmrytoXUCBrIeIJOIUIhQj_iYTKJErw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4D1Rg9H7vMelgIGjquUsr3Zu9vla1IIVslTPDKFHvXh6ysgv86mCiICC9C7huyWmrytoXUCBrIeIJOIUIhQj_iYTKJErw

Request Chain 1321

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOPQdTgdnk_0JCtDsVgHUDk&google_cver=1&google_push=AehlK4AVYWyVZ0e6mUmAjiyH0urcEoz0PU9TFIh-1_eMFvNLJkA92YIkAL3YnSvl0d2M5e0mIOF3kLVrH7cRI0U6AdufaJinGiK69w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzOTUyOTY0NjU5Mjc1MTc3MQ%3D%3D&google_push=AehlK4AVYWyVZ0e6mUmAjiyH0urcEoz0PU9TFIh-1_eMFvNLJkA92YIkAL3YnSvl0d2M5e0mIOF3kLVrH7cRI0U6AdufaJinGiK69w

Request Chain 1322

https://d5p.de17a.com/cookies/google?google_gid=CAESEFDxmRJwBUTPy-9Di9Ap-f4&google_cver=1&google_push=AehlK4DaCiF7aFtN7Yn2dDuXBAQnFt2_PJv8yr37_7e3Leka6nvbOFuD3apeponksxW4my_3_SX5YEdeWOQfaGuG963a__8ipmpkwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DaCiF7aFtN7Yn2dDuXBAQnFt2_PJv8yr37_7e3Leka6nvbOFuD3apeponksxW4my_3_SX5YEdeWOQfaGuG963a__8ipmpkwQ

Request Chain 1324

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH3mIiRaoUP-GnABcxLg3E8&google_cver=1&google_push=AehlK4Ckj1Mv7z7IDOkd5jpcW-pGejV9zqC-r7KaLe02yB-J1gTZmxdGkM7UKfrT8oCJLaPPC8LM2HJ43ZD8Dav7XQctJz5x6mty3A HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3mIiRaoUP-GnABcxLg3E8&google_hm=YxS0YGLUgret8-FuKMhcmwAABHkAAAAB&google_nid=index&google_push=AehlK4Ckj1Mv7z7IDOkd5jpcW-pGejV9zqC-r7KaLe02yB-J1gTZmxdGkM7UKfrT8oCJLaPPC8LM2HJ43ZD8Dav7XQctJz5x6mty3A

Request Chain 1325

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOKG-C1XE3NLek_MWxNH7T8&google_cver=1&google_push=AehlK4DKSgzeUIoxA3nVHwLSQAeUjyzCJ2P-x576VLFH1Ij5o2mfjIAvybPTY6Mgxgnby8dfD1hIY2GdfPebTT05cscdeC9aUIONoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DKSgzeUIoxA3nVHwLSQAeUjyzCJ2P-x576VLFH1Ij5o2mfjIAvybPTY6Mgxgnby8dfD1hIY2GdfPebTT05cscdeC9aUIONoA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 1344

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 1361

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 1406

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 1605

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=YyS8-F9vM2hQV01FcGk2YTB0WnRtTlNjUkxDNGtCbHlUQ2pDMXdiaHNhejNrOVJNaHI1RVYlMkJlNVlzMDE2SiUyQllHVTZNcVkyUkwybjI3ZXJCWTY1cURpN0dsRWxRVyUyQkJCMWFDUjZlbTAwbVRESmVENWhTTjRGQUYlMkJwOTNjYXpyOVJIV2R4&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=myMcLnxtMUZLZlU5VXpQOW0ra0YvN0dQN1dRcTJKRTI1dUNyYWk1UmJEWFQ1NDZKYjdNSFB6bWFjQmhDajI3REszTURaYzdEb1NvQmR0ei9NVVZIeHlyZlN6cnNUTzJwbXFlRDhxeWYwd1F5V0duc0k3MVEva29DTzloRzBBOHl1YmdtSVBEWXZocnV4eEhVWElBTzVyNURnVFQxc0h2aEFMT3ZtYWk1QjM5YW1KQURPZUJvUS9UdzF6VlREUFlJd05NOHNjeE53cGNtZ1pDb3hSNUkyZlB1Rmh4aVNiNzgxbkZkcGV3MGJRK2Z3WnJFM2F1bis4cnNFVEVLSSs2Vk5ZNnpSelhhK2M5M0liWFR6T0k4OHBnTnBaYStOWFJvVzgxVDVUQW0ySU15TnYxWT18&cppv=2

Request Chain 1671

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=RTGav3xPRlZGOTVLWVJPMUFDVkdMcm9abFBBL2Qrbmp6MTQxdmpCVEhHWHdXNDI4eVY5MDRZTFpNUGt6bGNkOHEvSEVhcncyZEpUVjIrOS9zTm8zK3c5ZjBpVzkxcVVra0FGeHhIMlpjRk54M2h2QTU1amwwVXFsY3NzQm03bVcwdENMZk9rMjZnVU5Wckxoc25Ta2ZXdEdTRzFwQUQzdUlwc1lLN3RkS1BLMlA2YVIvRmtJT0N5WjFnc2dLYU9QVmRIRkhSR2h5dE1jYVVxTG5Qb2RSRDl3QVVrd21QcFFBV1NIamNUVGhxbjJ1NEV4Y3JCejZiWnFEc2FDUzY5SnVVeTcxMXhlaHAybnVxbTd1MW90SVFJWDJzYkdjUUlJU3BSTFJFMDJjYzFiZVpLUT18&cppv=2

Request Chain 1676

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=0jO4k3wzdDJQZGg2NWlQSjJwOGR3L1p0Njl1cjFRZjlSaTdaNnorTnBFVnAzK1plaEl4SHFRUFRHNGQ1WVNVSjZmUHpNQTRPWnhFbVpQdzdwdzRYT29nR0ltTldKcEs4cUJHYzg3bytlNzRCQmx2RUFRR1AwZWdMZVowK2o2UWEwNFZBMmN3NkdtTVRNRC9maHQrczRpdmVOK2dveFF0SGNMUkZLaFpaNjFIYWRBZDY3ak54T29jR0hpU0hGcFZXUzBNdzd3aFRPbHcrNnRtd2lZRmpjbjdlVGExRDhCMWl4ZjZlTExKM0tzRTY4VkpoZllLRndEZmF0d05oZTRWT25QWmlpbE83Z3RuWE4rWEJ6MjJPSzIwYSt6SXZadUhZRk1ScUpUSWJabTJuNnQ2az18&cppv=2

Request Chain 1685

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=KVSR-19UUHF0Zk01eERuQjdZMVZFQ1UwSUoyYmQ0NzBObWZ4a0JHTzhEWkg4bzRWcFRmUXFEZ1hjSzNVSDJBTGdYWTJHTkloalAwbGR1Q0tBREpoc2poRm84dlZZdE1MMFc4VVBROVg0ejBXUTNQOXU3NFEyMUVlJTJGQnpOdVJRb0xGV2U5QVRxSmVFRHRWbjZCRHVOZlJNWiUyQm5BJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=WI6FVnx4T3gxdEFPZ2lvT2pFQTVmV3pMWWZTcmJzU1pMYWY5N3AzOC9CT0NNYkRpMEg2N0F5K2lqVGo4VXJpMUV3UmhjR2s0ZUcveGZqWXduV2p5STFmdjJyVXJSdGJoSTE5K25CVkNaZDduQThGY04zblkzREtkeUpsemVQNTlERy9wdFN5Qm4vNWJnY2VYTExCK1hQaExlUzdUMUg3ZFJrRU1MMm1VUzlySEZ4bjVYcmxSSnhNWFNjckFXWDYzVlUxbzdtc0k1S3JacFNaODZ1TWhaSXhORnplbytJTUVsZXBLcnNpY3NaTEl0djJVYlR6ZEJ1SXUyM2oyUVUrWGlsZDBDaTdlS0xMajNCVjNwOXpqajl0VW1UZWNMbUo5TVhqTklGeWovMC9JWUJSTT18&cppv=2

Request Chain 1690

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=KVSR-19UUHF0Zk01eERuQjdZMVZFQ1UwSUoyYmQ0NzBObWZ4a0JHTzhEWkg4bzRWcFRmUXFEZ1hjSzNVSDJBTGdYWTJHTkloalAwbGR1Q0tBREpoc2poRm84dlZZdE1MMFc4VVBROVg0ejBXUTNQOXU3NFEyMUVlJTJGQnpOdVJRb0xGV2U5QVRxSmVFRHRWbjZCRHVOZlJNWiUyQm5BJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=6O9lrXxBYW9qZ2FLZE5uU3plSmZXSklMbXhTbjZ1Szc2U0lqZE9uUHJJZ2dDY05uUW1rU0VkVUJuR1JuZHpnbUxqdnFIeHFTOHJVZ3U4R0ZURG93Y3pCZ0xteHg2UTJwczh2bW15bTVkdnVFRkNnbjlJSkF6cXBlZUpEYWlmbGp0cmRtYkRXZ2lvY2tpc1dHclhJVUJWT29UOFVsMzJib0VYVlJRekVXSHB4alJINzREWW9vNkdna0YwTWtWTmtVT1RqNDk2K3N6V3pxNUVqR0R4LzZra25KdGVTVWgyQTBRekdCQ212WDNSTVFMSElnOSs2SG1yVmdvSHpoQ09mMitmTDlxREFZeE54MDl4b1pCelRZVDlYUE5OYjlucEw1VlRDZTQ1WmptbXZ4QWhpWT18&cppv=2

Request Chain 1694

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=0TijD19UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZGb01WUkklMkY4aVY1NG9HM1A4NEsxcUJDcGJoRExsTmMxb3cwT3NUUUlZN1BQeUFqZGI3QiUyQjUzVXZjWkt2JTJCOG9aM2kwWnglMkZmTHN3eHJ4RmlNOVoxOUpCJTJGWGxlN2pDNEdBMFFLcUVHZHNYeG0wTkNITk4lMkZlZUFNMHBvY2w1JTJCb0VnJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=bmZCr3xsMVl6WkxwQTlFNVRiVlRmd0ZrS3ArdTFLcXRvMS96TTIwZk8rK1Q1bWxPSjhOZTZySDlDTTRrK2puK01yTlBGTTkvZFdERHhyejdEUUI5NjVmanVSRUc1Nis4OVc2ajJETzl2RmxTWlBYSlhXakxlVTF3NDZGVk9OTmlzU3VuTUlVcURpMWc1WVNyanczb3NGblR4OGVQbTF6Y1dpY0ZqWHZiMlR4cyszUUpFdmZlbUZMTjA2UTFwUnQ2RWMvajJJUUFsR01UbTJROUluM2R6aHc3QkY2RFJYSnJVVEhIeXN0WHBqd25xUUE5MUZGMGNpbjQwa2Z1QWN1cUw0b3RmV1hSc205WFdYM0tXekhuem93MHRJQjlsWEpnT3dzNlpKMnN6UnEvZ3lIcz18&cppv=2

Request Chain 1696

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=umkA_F9UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZobmJJV0w2VnJGdDU1b205TE9rJTJCQmljTUxJT2R2aiUyRktMNTlTOHpVTk1zJTJCbTZnbGMlMkZnQ05SS0VXZ2U0bVdTaVkzb3FQNUNZUWwlMkJ2NVIzejFzcW1UNVBIMnJpTkF3TENqNDR3dGcyWWl1JTJGU3pFZFlqUkpxUXZ5dVhJdm1YRnhWdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=pmQT9HxhWUd1UzVWRjR3UXVoWTFiUXpJVDVSY1hMU2d5ZnZMQjVhSEliK1FTL3N4em1PVzdHZVlXNjVZTkRSS1NYc0VxbHM5MnpDSWFWSzJEZXRFcnhzQVpoMmplV1hheHZxT09KQlZWNFdRaEgxTXdGbkEzMFQxWjZhbEVXZG1maXlKV3VvSzhqT2pVRVhMVk44Uy90aERabVlTQmlLNlIxOXFILzVHWkdyckYramR0UWhnUEprWXJvbXIrcHBjOGdwRFhJTkpCWWRSRUpRLzNUR25aMXJnNHRiYytsY0ErR0Z6L0lJMjBXQVN0UkdWUlJ2a2M5Q3loSlAyaHAxN1U3VnV1aVFjSnNvb0k1OStNZmRjNS9IOVBPN3NBK0pvU2k1RFRiSkR1N2IzZGNnYz18&cppv=2

Request Chain 1699

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=umkA_F9UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZobmJJV0w2VnJGdDU1b205TE9rJTJCQmljTUxJT2R2aiUyRktMNTlTOHpVTk1zJTJCbTZnbGMlMkZnQ05SS0VXZ2U0bVdTaVkzb3FQNUNZUWwlMkJ2NVIzejFzcW1UNVBIMnJpTkF3TENqNDR3dGcyWWl1JTJGU3pFZFlqUkpxUXZ5dVhJdm1YRnhWdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=cd9GD3xJYXlhcTRnMlhrZ0xoNW9jbVJqQlh4ZkZxbXB3dS9MT2tQZHZlTTVmNms4RG9tT1JVaGJDdGVQN3BoUVRsSnFXR0R5WUkwZ1pKempLL2tUTkRrb1ZGdWxWZk9XTk5jT1N2UGVYNHUybzVIZTBZTnpUbUkwUzRWdGtMYU9Na0lWdTJTRTVoUk1GZVdwenhpSlhwQ3RoQ2RzVGtSWm5iTk5IdjZwUC9UNVlHUHhaMXEzdmVJeWRKT01ScHJ1MUtIazMwNHpkeHA1dHA1ajNFd3FuTHM0WUJxbXVWVkVVQjNkRDF5dC9PZytMcUZJR2FLeldiOFA0UzhHNmkwRGJjQ1lQc3JpWXhWM3RDQTYwclRPSDRQSS9oT3Y4K1dvUHo0VE1vc3NPeGhHZEN6ST18&cppv=2

Request Chain 1700

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=umkA_F9UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZobmJJV0w2VnJGdDU1b205TE9rJTJCQmljTUxJT2R2aiUyRktMNTlTOHpVTk1zJTJCbTZnbGMlMkZnQ05SS0VXZ2U0bVdTaVkzb3FQNUNZUWwlMkJ2NVIzejFzcW1UNVBIMnJpTkF3TENqNDR3dGcyWWl1JTJGU3pFZFlqUkpxUXZ5dVhJdm1YRnhWdyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=AFoi63x2Z09hM2hsaGNkeUt6OENBQ2IrQ3ljdk0xYVUzQW9mU0RndUJQdGVKYk1UNnVTN3d5aW5tOXo1b3gwdkFiRkx3cDAyOWhlZFR3enRMcksyaEVoc1JUR2h3bUI0Z3o2eDBRQy85RlQ3T3p2YTR5ZStFSWpBWUhRdDdSNDVkcDEzQ25ybVlaV0VIa2ZCallyNHhYd0RBenhKOEY0bVVHYTAycDQ3TzVrZTFldVBWWTFDTkIxcWowTlN3Z3ZoZ1NtMEpPamljZWdISjJwU2VJR3RobG9nWnF3VS8xRkFWRXdQLy9CWG9rcitMNDdSOXMvMFQ3RXFkWEE2V29oSjNWQnlncStaaVhIMzB5YmRwYnFjeCtsbkViS1dRcS9RcitnNTduYURvS3hKYUloRT18&cppv=2

Request Chain 1702

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=IO5NQF9UUHF0Zk01eERuQjdZMVZFQ1UwSUo1TWdicGRzSVBzV2N3Z2x4QXZQbUglMkZxSm5GUmt0T1llbVhOJTJCekI0cjJsSDJ2WUxkSG44dDBBMW1TbVhCY0kxek53d2klMkZLalhjbyUyQmxlaEhoZEdDdTlKNTVCQzc5dFRWdEt6YkI3eHRBcnR0S2wyWUFKRWViMXp3ZG5nU0g0dUUwUSUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Rdy3N3wxY1owM0x6b3hUTWsrMGN3QWdnQU9mRzFzVk5LK1hRWGR0QTY1Y3FNVXFvZjF6TXlZNzZYMHM0eUwveXRzNDBwd0I1d084ekNTaXU3TC9HS3Q4dDE2MFg5Y25Ma0xiT0VnUDFlLzMrU1JVYVRSWTAxUzNrMEd1TjR0YTkxa3ZJUXhkSG90cFhYMHRvd2l5RGZ6c0lhUkxQNVdVSnlTYllhL2tiVkoybENhK1RYdm9raHJQWUpQdGoyRXpoaXVQNGo2VUM2K29sZWRBZ0pnMXVVeEh4NXJMNEc1V2tvNGF0Sldkd3J0dUVLRWluRTVsUEZwa1NENHlsVlViRTMwVGNlVlBGVWRIRW9DZllVQ1dUSDU4NGUxSDdUQ1BHUWlqOEJmTExZK0E2eW5rOD18&cppv=2

Request Chain 1704

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=kNxViF9UUHF0Zk01eERuQjdZMVZFQ1UwSUp3ekZ1RlFOQklBWHBFUUZDQ0NtVW9BMThFblF6JTJGWUhQU2VNeW56MDRVbWFlOFJ4eEx1TVBRTEVXWm9oVllQWnV4OTI2ZFg1SHNRaGNGRzhRWVFlRSUyRlolMkJkYjVzNUUxOVZaVmhwTUxnYWc3dU9nUkdEQnUxUUlITG5IajBBRFpyeXclM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=NuJrFXwyQzJJeDlNcVg5ek4rUGYyRG51bkhNNy9HQTlSZytlbUJjMkNiaHJIMTBEVDIrcGY0R1U5RUNuTGUydUVFTktLaHkzTnJpWjRKaXBLejF2Ym9sdXI5Wko3bkNTa3MzVGFMd1UxOXdXY1Z3ZFB5VjFhNEUxQ2JiME9vVWJUL3ZxNHF0bEhFbjlabFE2aTB1U0pieVIxbitmN2ZuRlA0cTdkaG9qUjNndytJV3llQ3k1R2RJbVhlN29pQUN5alEzb1Bkb1Mya3doOE5xanFHSWdWbVJEOVlCb1lGOGFsZVkvbWRGZ3hLT3dlazNQVjdoYnJneHpGWUZmQnQ3Y1JIenBqcFpwNDh3T0dRUEhIdmFvU1NTck05UjFBTEJ3NGlZWWZyU1BqOWlZallLaz18&cppv=2

Request Chain 1706

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DWCeQl9UUHF0Zk01eERuQjdZMVZFQ1UwSUo4RmtkOVZlOUh0QWZpcGc4TzlnR1VtNlc0c0ExcnpoZ0JHQTEzTVpsek83UTRjUkhRcEExSHZrVkwxeUR5aVhISEJZRCUyRndsQWVobSUyQmlRbyUyRklDa0xzbXVDNjRjdHMyODJJeTFDS2d1RnZMMlNNT1BkNHlsTTlRSG9Ya1U1aTNaT2clM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=gNcWFnxvL2tYTEpXb3RCQ0JSVHlCc0E3ODVFRCtycVRycWtkWk1aaGRVN2RTeldtSjFrakVUK0hoOE96TUtZd1RkRTdtbW16WVk1b0hmbjd5bkw2SlliOEV4ZWtBMzI5RXV1bGlhWldKQ0V2MEtuaVYrV2xSVUVXRVNBbVdRVzBqSkZIbWxlallBVU1nUWpvMkNPZ0hEUWRvNlgybEdza2RTWjJ6NEltdDNBaTIzNEZGTkNzSldTS2N5TmxLTENFU2ZkbTZYWHdIR3dLZG5XeFUxSEZxc3ptdVB4Q3g2b3dUNDFzdGs1QmM5VnlPQmVZaHJhOUdjQnZsSU9RODhRbHRNQ3RXTnF0L2hRdnZkY2pHcEFZcjdFb0Y0Q1N1WSs3NlUvemQ5Qmh1bG5uRStWUT18&cppv=2

Request Chain 1709

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=LKSr3l9UUHF0Zk01eERuQjdZMVZFQ1UwSUo3dUR4Z081WW5wNk5jSkd3V3duJTJGcEpKeTV3MGt5TG5FSU5uTXZuJTJCdWRBdGpvNEhRWGRGSWxENXhSZnQzOFIxV0ZNckRtZ2REQjJVTDdmdHVlUVJVckU2TiUyQm1qbkdMdXdpamd3SEU3JTJGJTJCRVRSOUZVWEVNdHJuayUyRiUyRjFjejZkbWR0USUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=U4gfT3xJcjgxZHEvanFMa3JoQTg4T2RnOW85aWFiNHJzUGtLdjF5VklhQU5uU0o3L0JZRy9Cc1Y3bi9PV0hWWFYxck03VjFIUlZTTy93bytYR0ZYOUhTWjNkU1pYSm9PTW4vUzBuTGttM2VtVUZTTDcxb0VkeXZKNWJNb1VXdnQwcHo5UHhmQmNFMVlYOU9oZkVRVVZjcm9kSVFlZzhnelhiSVhQMjZaWmlaOXNaYTBMS0E4bDRndmJxRjBETTVkODNobnZwczBpNXpwMHhBbmYrRzR5S245ZCtLZ3JqSWZvK1VFL0ZTQk9MZXFkQnRVa3grMzBIamNTbzlJNEVHU0Y2MXdaWmEvOEtIbWQ0TzZzOUdDeDJSTEc2Zjd2QXFrVEhOOGZRK1VFWFBURjV3TT18&cppv=2

Request Chain 1711

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=LKSr3l9UUHF0Zk01eERuQjdZMVZFQ1UwSUo3dUR4Z081WW5wNk5jSkd3V3duJTJGcEpKeTV3MGt5TG5FSU5uTXZuJTJCdWRBdGpvNEhRWGRGSWxENXhSZnQzOFIxV0ZNckRtZ2REQjJVTDdmdHVlUVJVckU2TiUyQm1qbkdMdXdpamd3SEU3JTJGJTJCRVRSOUZVWEVNdHJuayUyRiUyRjFjejZkbWR0USUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3ijIiXxtQWdvb3JCNHRzaEVmQ3lEQUhVMzE5Qno2SmJMMFA2aFNVYzhYajJrdHpYbTBWdnpHWmJkVEovVmRnVzFMS2tpbHh5bm9UWW14MU11RWR2OTVWRG9kaE43Zi93R245S0hYKzJ1cUYzTTlQVXRFWkJxVHVnVnQzTVlTNWpsRENJMWRhSllBekhCNnd5MGdjR0lvMGtyaitnM0F4WktUS1VlV3RWZVF4bFVoZ3FKejhLUnZVL3IydXhYVTdobnc3a01IOVE0THhjRWtPZmJLZGNnTlV4M3VhcVN6Q29JSy9SR1Y1OUFlMGQyQWowVnNJdlBOaElCemZzMEFiRk4yT2xFWlNUNERRdU5pRFZHdWFzMkRzbENncXVIVUJwQUlwV2Q5MXNZb3dhRDVwVT18&cppv=2

Request Chain 1713

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=LKSr3l9UUHF0Zk01eERuQjdZMVZFQ1UwSUo3dUR4Z081WW5wNk5jSkd3V3duJTJGcEpKeTV3MGt5TG5FSU5uTXZuJTJCdWRBdGpvNEhRWGRGSWxENXhSZnQzOFIxV0ZNckRtZ2REQjJVTDdmdHVlUVJVckU2TiUyQm1qbkdMdXdpamd3SEU3JTJGJTJCRVRSOUZVWEVNdHJuayUyRiUyRjFjejZkbWR0USUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=1uoySnxmTWcvNXRpbkFkaElHZS9TVE9xcE1GSGlUNUdGSjFnNTBmSklma3VtL1pFaHBjcU04WTZzZnFZempaK2xSdVNKRXV5d0VxTVQvdUpwQkE4cDRJYWNnVFNqN0Yrc0VWVGZqZ1kwQkQ2Q2JFc0tMYVlaS0hBejB0R0lCREJCRVovR0RuSStwY3ZMSFYvS2kyUkZrTTNIRXYxZ0JSSEJ4TzdYcTZJRnJDa1JzOTZrc1RBbVdUZXVla1oyc0h2eExSclZnb1grYWt2aUdHM2QxTWoxVGRlK25udVhnVjJLU1p1UEFYeWVpSUZrTmJJWmVUUjh6Qm9mT1kwRDFrYW1wZUw1cFZ6eDZJaE9hVStVN2JhOUVkd08yU3F2ZTEvbzFYSzNHY2w3ZGhSbEFxdz18&cppv=2

Request Chain 1716

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=QQSPFl9UUHF0Zk01eERuQjdZMVZFQ1UwSUoybzNHbWlMeUlOOFY5NUliaXdXbGFQRGYyZG5ZUzBLTHdPTFBOeWVPTlBrUVN6cnZiR0RpZWtzV1dKRmhVT0lpWktSNjZuZ1M0STE4UllISDJ3aklqeTBENyUyRjNjREE3dVdTZFRabG5rZGJDZ3V5Nzh0akxyUDk0YjdhRW0lMkJrVUhRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=uMTLiXxLWVZKN3Mreld4YmgvdmpzNTJHUURINkVsd0tTTWY2Ri9rMFUzUGQ1eWpTUHFyYlhDWGpDQWkyalpYMWl6R2ZtNW1NTG9tNTlXTWRDTmVqcldXYyttQzFYSlpuNVBpb3dFTmtWVDAxNHRRZEwvT24yUWVuWGFMblo5T0tUcjY2eTRaNVNYL0FpT3U1TEVIclFuWGF0RVlKQ3ErZkZjQWh4U3pxRnFGMVR0Y3FJcEZVaE1IY3pWUWN5dnU2amdxTFgwbGtRM3F3MTM4TmNvem84K3d1b0tJcWREV242T1VueW5FOXpaR0Faa2ErMFJidDhIVDZuMWdiRndRVXJHQXVDc1Vob25ISUl4RlZ5c0VyNDdNeVZMeFJRNGlxcjluc3B1b2JWb0c0U1BuND18&cppv=2

Request Chain 1718

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=QQSPFl9UUHF0Zk01eERuQjdZMVZFQ1UwSUoybzNHbWlMeUlOOFY5NUliaXdXbGFQRGYyZG5ZUzBLTHdPTFBOeWVPTlBrUVN6cnZiR0RpZWtzV1dKRmhVT0lpWktSNjZuZ1M0STE4UllISDJ3aklqeTBENyUyRjNjREE3dVdTZFRabG5rZGJDZ3V5Nzh0akxyUDk0YjdhRW0lMkJrVUhRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Yr0mUnxTeFp0NCtOZXhvUHk1emUyRmtORjRnWUlYR3RwYUU0RTZxN28rR1dnb2JUc1JYTGwzR0ZXUzNoTE5KUWE0N1BSTnc0RVBXWURZb3FUQWtZMWw3VkQxaDNXQ2t1b0E0OWlSVjFOL3V4aWRaVmZncndIaVVVL21lNUJ4RlJMMmI5ZGNiZ3lwb3lINWRhNEVOQkU5R2w2c1hEZGowb2FvZ2ZtMk5OMlBYcnQxaG5VaUxDMDhZZEpINnBoM1VFaHJ1TDMzVFkyaEZlTXZPVi9OVFJPUTgxdFVER3Y3QWtEaUphRGRMUkx3akhDeWluVzBSdU5ERlhMQjd0RzFuRDZ2SnpGcDhiTUVmMlJoeHpaWXhUcVRMYmFCclFoV0toN2JBaVByRTZKTzMyOVZlTT18&cppv=2

Request Chain 1721

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=QQSPFl9UUHF0Zk01eERuQjdZMVZFQ1UwSUoybzNHbWlMeUlOOFY5NUliaXdXbGFQRGYyZG5ZUzBLTHdPTFBOeWVPTlBrUVN6cnZiR0RpZWtzV1dKRmhVT0lpWktSNjZuZ1M0STE4UllISDJ3aklqeTBENyUyRjNjREE3dVdTZFRabG5rZGJDZ3V5Nzh0akxyUDk0YjdhRW0lMkJrVUhRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=jrclXnxndXp1L0lXVVhhUUhzQlFRV2xRNlU5ajNlUFh6bEhmTmVPWVFHR2lYZTkrbHFjREVKckp3T2NnR1VZSkt2YXViMDlhb2VLcVVzeENLUUUxV3kxTUpHZFdTNFBuaVZYV2xiUGJpNWZ3NitKbmtXZEtQMnJCU2lKUWtxQVQ3ays4QzkwSDhVV2lPOGtsbWhMTFlHMXZpbDVVUlpRb2VGTlRjUVRlOHVuL2dnNXhjT0RBZG9jd3RFd2x3bnRnaFdEQmJ4dDJFRDNHU1NUNGhCSStlOXF5blJIUlpwZmhEeitFeFlDUk80WEFxL0w0RldLYkFrYUVTMUZqUjZHaXZlWloxZTJiRXFoT0FnNlphUGNKdThuOTVreDdTTUlBd0VDNW5RUDNFb2RrdFNSMD18&cppv=2

Request Chain 1722

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=kuY0_19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3WCUyQnM1S0tEYWhLQ3BBazFwZExFRTN0NzVWUnJWdjRFODVUNSUyRnlRSHNyTEJVcGVWbmJ2VzJTYzZ2dmMycWVYUyUyRmRFM2RQUjhIZ2NjOG5KQXVRblZRMm5NeDNieG9OdEQlMkJjU2FFYXFUaGwlMkJFd1VjSmdkNDh3bmhHY3FuVzFXaVB3JTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=-_B5qHxFaWZrUEErTVdJYi9wM1ZvOHdaa1JLcGx1TzdoNFhYUEY4NGJ2Wk1YbFovTWN0Z1g3bGNlUmdMTHdHRldzSENSSHJUSEZ0K1hsNE4rbkF0RnR5b0dDUW1DTmpBbTRZT0dzdjhuOTFYelVoOGlkbEFiSzFKb2NPY0JYZEVrZFg4bXk5YkorR2JjMUNkMHBaTVluSGh5bXJvTmZWWnFpWHh2UERxU3E5QnhMcEtPMWhlYXBPbTIxV1FMb29jNkZhWXdvNEJHNlhKMmkxWDgzT1BDQU90TWZDT04xL2x0Y2szazFDbzRkK0djaURHQ1ZadkZra2tmdmNaRityeDlvWnBDYVVJdXE3VjJIVHN5QkQ1UGt4aXdvM1RLWjEwbTYzaFhCbzdBQ09XVk9YST18&cppv=2

Request Chain 1724

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=kuY0_19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3WCUyQnM1S0tEYWhLQ3BBazFwZExFRTN0NzVWUnJWdjRFODVUNSUyRnlRSHNyTEJVcGVWbmJ2VzJTYzZ2dmMycWVYUyUyRmRFM2RQUjhIZ2NjOG5KQXVRblZRMm5NeDNieG9OdEQlMkJjU2FFYXFUaGwlMkJFd1VjSmdkNDh3bmhHY3FuVzFXaVB3JTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zov1YnxwNElobFRFcjAydXpEeFdZUDQrWlRvNWJvdkJ1L25aUTVoaE0zL3VsdzlvTzVEQnd4TXFYazRqVmtlTkxOaWZvVGN6QkQ3d3NlMEgxL0NBMUNkVHhPTktDcFZtYzlCcUlxZ2ZNZVNMSy9Dd3k5dlh5b2xjVTlSVm1GRzltTGNpM1FMeThWWjFpdWtObmFEcnJPditYZ1NHazQwWnNBNkw2M0ZtYjFMVDRBZ1kyVTNiR1VibnlyaWw1NTd4bkcrbmZvUGdDbElZQ0d1MVE1R2V2UEZoMG1xNW85QjExWENKSjdWS3h4Y24yMTliWjRNS3VpZUo3aFJWeWlpOExONWlUMXpBODlxbngzRHZUbHdJUWhjRTYvRTBzMktaSktNdjJaN0VqYjg0cDlLMD18&cppv=2

Request Chain 1726

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=4P4V6l9UUHF0Zk01eERuQjdZMVZFQ1UwSUp4MDFlZ1FtOHM5eDhBalRaemRxTmVRQ0VCcjJSTWdjMkp3JTJCQUpvdjFoaTJVVDVqOFJOQlJVdW5ZYXZSOTk0cVB2Ukh1VkFoRUNSVDVwejVLYjhoNmdBaW5KY0tTaCUyRktsQVFjTUJjMkxLJTJCelFVSnI5eldIaU03em5LeTJyTVklMkZ4dyUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_KSROHxPTEZmZ0VOYXJUOFFQdWFNV1ZraW9TZ0V2cE5jc0VDakJTd3cxTzZGQjkrODdTZ0VqbHhSLzArRDRNTXB6QTBDVlRYZmp1OHdKY0NtTUhockNxN1VlMWpmdWQydmtNYndHZGZ2RmErM1JheENPM3VpTXYrMnZ0azVLRGNVK1ZyUzBWTnpoeHVScTRXU3MxdHlnVHFaSGI3MXc0OUhnV2NyMU1uQjBqdWdCNnhNMHMxVzlBbTdhTzk0Nk1pMTl5Z0lKWlRTNEZjcjIxZ1owNkx2N05IQVBCZnNuaHNmSjVpODZWM3dWMmE4N2FUVWlFYWEyMnFXMThjeG9pdzlUdHhHL1U1M0JPQmpvdFQraEdCV1doQk9ITDFEa3Bjb0FueEw5NkNGMlk3d0FoQT18&cppv=2

Request Chain 1728

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=pEHyA19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3TVRJVE5rbTkxNWxBQWg0JTJCSHVmUXI2VyUyQm53MlhaRk11ZlJaNDZ6bENmR2d3TmdtQTFSeGxuWDQySmN2bHRiMnNJQXJlb3VzZDVIU1pBb1VzS2VZM3R0NG1ZJTJGTUhCeXFqYjE2Z04xJTJGOFZFZVNoWlowUTQ2QTZ2aXM4VFdDckxmQSUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ChoLnHxuOWY3OGltVTUyaDVQSEt4WjJieHRablFINkt5TmlJenp2R0FqOTlxY0dKTVpTUkdhcnBORzFSK3cyK0RMK3NmWXQ3bGdvT2V0V2hRTGh3UUoxR3Y4cmNmb2l4QXNsZVNYZk8rbTFQK05PcXgxMFIzUDdnQjZPd21mY1p5Y0FaYkJSNlR3OTJtTGNpT1RJRzNkVm00S3Yyc1B0SVdMSG5NcmNKbnplZ3ZSZkR3cUZXaG5WaHRaOTFPTVlydEQyT0d2WVF6QWRLOWZhUmNGc2ZCby9Td3BLbzBjbUdWZTFpZ1RZZUVaTVBDZlFSQjIxaFladnhFTitLa042M2U2S3ZoMjhUckt1UERidThVaHNJKzFzQXJobmdQT29GdG5rRStTTnhsMHRZTE5RMD18&cppv=2

Request Chain 1729

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=pEHyA19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3TVRJVE5rbTkxNWxBQWg0JTJCSHVmUXI2VyUyQm53MlhaRk11ZlJaNDZ6bENmR2d3TmdtQTFSeGxuWDQySmN2bHRiMnNJQXJlb3VzZDVIU1pBb1VzS2VZM3R0NG1ZJTJGTUhCeXFqYjE2Z04xJTJGOFZFZVNoWlowUTQ2QTZ2aXM4VFdDckxmQSUzRCUzRA&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=lLFiwXxYRHNoYU5laWJaVE9TZXZ6YW96VWV5WFh6U3VaNS9sS1o2K0NrZWw4cEQxd0RIM1lqcE9QK1d0SWh3WUlvU0MzUGRWWkhRWVFKTzg1NkRQVVR6QXA5TzA3MkNUZklHZ0NkOGtuTmhRT2RVTTlUR3FrS1JjUUdmeStXeUhwQU02OERCbS9FU0N6VWpEQWx5ZkNySGh2b29tUXM1T0d3RjdTT3B4T080QXVkc1pHMXZaVzB1bk5paWVwM3VTYlZsQXg2WVhuVzNacDViNEhjQ1JZWmZ1Z2x2YUMvM0VFWFNmUURUYmhTVHJFRUE4aENreFFVMUVLVldzaWdlT3RsMVNQS3pkOGc3WG5Xc3lXMFJ5VU1PL0lzT0FFcmtvOGFGYmtZZGdnS0owVGlRST18&cppv=2

Request Chain 1730

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=OdtSdl9UUHF0Zk01eERuQjdZMVZFQ1UwSUo4MEI2Z3IyV21ZRFRkTUZGQXBzUDlua0J2TVJFN1VXdGM3Z0JRNEhUOXhEbHhJdlRqWUdMTEVMaUUyVVQ4cEx4MW94bkgwT0pyaG9LUHJ6Qzc3RkxCQWFJWVF2T0Q0SmFtdTR2RUxUWHAlMkJNRnBNcUI4aWVkRHEyJTJCN3RnNGdxMmRRJTNEJTNE&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=9rME-HxQSUYwdW9WS2U3MHE5Y1dGMytkSWtxUlFIOWJ4b1JnWVZ2NGlXMVJRUTJYVUh0aG1ST2pxdHBvcEthWWdrOXQxRUt5OE1HQzJiK2FPdTVzYVJ0VEtyU1QzUGQzcnU1dUg1SlNrU2huS1MvNTNTaU04M1AyN04wM2tJQkFrWVRxTUlnZ05aTUVBZTdDbWtuZTBJTmczR2Nhd1lOeVlDNEJmNVE5Z3U5WjdPQjB2S3pKU05HV2x6c1pzazVYUE84b00wdnByNXBmeE5qZVp2L2VCVzhVeU85bU9OQTM1aXluenpxVzB2OXBDak96eTlYbjJDY1RqbkkvMFdmcW5MRm1uR3VXRmtxd3ZRWVBMZldRQmo2Q0R1UEx0d0wwM3hwZzlSQ3JxMzNiOG0wQT18&cppv=2

1688 HTTP transactions
45 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

safe2.php
earnme.club/
Redirect Chain

https://tnlink.in/v3nahJc
https://link.tnlink.in/v3nahJc
http://earnme.club/safe2.php?link=v3nahJc

665 B
704 B

73ms
13ms

Document
text/html

157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 439
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:17 GMT
Vary: Accept-Encoding

Redirect headers

cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 683
content-type: text/html
date: Sun, 04 Sep 2022 14:21:16 GMT
location: http://earnme.club/safe2.php?link=v3nahJc

GET
H2 200 url
www.google.com/ 954 B
1 KB 80ms
43ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIGRAB&usg=AOvVaw1N9mUF8GZmkp3HhOJmlhDy

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 480
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request / Show response
earnme.club/zero-8i-from-infinix/ 70 KB
18 KB 84ms
57ms Document
text/html 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/zero-8i-from-infinix/
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://earnme.club/zero-8i-from-infinix/&ved=2ahUKEwinyYX0v5X2AhW2yYsBHcAmD-I4MhAWegQIGRAB&usg=AOvVaw1N9mUF8GZmkp3HhOJmlhDy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: ab5aacb15f7643c6a017ed7562252f4066194b17f312c0673d228faaaecbe44b

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:21:17 GMT
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/" <https://earnme.club/wp-json/wp/v2/posts/27>; rel="alternate"; type="application/json" <https://earnme.club/?p=27>; rel=shortlink
vary: Accept-Encoding
x-pingback: https://earnme.club/xmlrpc.php

GET
H2 200 wp-emoji-release.min.js Show response
earnme.club/wp-includes/js/ 22 KB
6 KB 15ms
15ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: f1143f1f599ebd68106d21c1f9068dc92a6b5ef352cb350698785374f8ce22c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5918
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 style.min.css
earnme.club/wp-includes/css/dist/block-library/ 87 KB
11 KB 30ms
30ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Wed, 13 Jul 2022 02:57:39 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10946
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 56ms
20ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

961d69dd0e8a2f52ae99473f60e510978dd3c6cda2365e665977afc10c975492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 12:50:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H2 200 style.css
earnme.club/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 30ms
29ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8842
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 font-awesome.min.css
earnme.club/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 30ms
30ms Stylesheet
text/css 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6658
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 jquery.min.js Show response
earnme.club/wp-includes/js/jquery/ 91 KB
31 KB 31ms
30ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: b2b2642c0bdba2196a847323b443f3f01751a4258ca62dca29dd9a37fc50267f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31593
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 jquery-migrate.min.js Show response
earnme.club/wp-includes/js/jquery/ 15 KB
5 KB 49ms
49ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 6a38e3d7419dba4aa6a97c4f2da1b393ecf486ab18ae55ad252c49922dddb5f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5300
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 scripts.js Show response
earnme.club/wp-content/themes/mh-magazine-lite/js/ 40 KB
12 KB 50ms
49ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 89013866b8ebfdf82160764b685d3348dbc619e7342d161756f8153252ac3ae8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12569
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 aaw.emc.js Show response
cdn.adapex.io/hb/ 500 KB
143 KB 65ms
35ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adapex.io/hb/aaw.emc.js
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1421e72aa04580502fe9938be0b6be58be485ae895a3563bcf6f5a2536e326b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33221
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 30 Aug 2022 05:01:55 GMT
server: cloudflare
etag: W/"630d99c3-7d1e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8nu3V5%2FEw%2F0efQYyfzi61wLzG0APUGbtsEAw50AYjg0gEy9kBQ6O2m3vhvqwn5WWTdrt5De%2FdXysdJMi4rq%2BwaR%2B9425%2BE%2FtYCiRyiDQIqst8PKHT2hnhgdcnsiC6AC%2FuJYeHT%2Br3IW%2B22N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-ray: 74575ee7bda19bbc-FRA
expires: Mon, 05 Sep 2022 05:03:30 GMT

GET
H2 200 adsstarbid.css
htlbid.com/v3/earnme.club/ 0
348 B 205ms
135ms Stylesheet
text/css 13.32.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/earnme.club/adsstarbid.css
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 06:46:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 0
x-amz-cf-id: BdWlAu30BfSJGuRbQNGe5pVE5q54IGITbLDCuVy4Z6wOIyYMMmzQgg==

GET
H2 200 adsstarbid.js Show response
htlbid.com/v3/earnme.club/ 304 KB
82 KB 413ms
413ms Script
application/javascript 13.32.27.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/earnme.club/adsstarbid.js
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5412fd0ad071050bf43ac5a91295c6220d2123177c9689708c78281e1f018f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
last-modified: Mon, 13 Jun 2022 06:46:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
etag: W/"9647c5c1a666ba0a22e8023ae37727b7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-id: jCRYmWaoJUdWfGgttvqx7UeC9CuTl5YtLOe4XbsPa9-AZRe7GGTynQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 103ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
server: sffe
etag: "1323 / 446 of 1000 / last-modified: 1662156382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 67ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

430686436041ca4751355318414690e3c7a42e79dc0136c2ea1af10df86740ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73819
x-xss-protection: 0
expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H/1.1 200
OK spt Show response
tg1.playstream.media/api/adserver/ 27 KB
7 KB 258ms
130ms Script
text/javascript 2a02:26f0:f700:4::212:4f0d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4::212:4f0d Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3c12fe8a2233d0ecfd991358b04cf3045935d06eba9ccef85c014980308697ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type: text/javascript
Cache-Control: max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length: 6873
Expires: Sun, 04 Sep 2022 14:26:17 GMT

GET
H2 200 comment-reply.min.js Show response
earnme.club/wp-includes/js/ 7 KB
3 KB 50ms
50ms Script
application/javascript 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-includes/js/comment-reply.min.js?ver=6.0.2
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: f56b17285faca3467dfa08b636bf34f8e5cf58a008b456b7ebf3bd4b037ad750

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/zero-8i-from-infinix/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2525
expires: Sun, 11 Sep 2022 14:21:17 GMT

POST
H/1.1 200
OK / Show response
cat.hbwrapper.com/ 15 B
256 B 313ms
94ms XHR
text/html 192.241.157.60
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cat.hbwrapper.com/
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: capture.analytics.hbwrapper
Software: Apache /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://earnme.club
Date: Sun, 04 Sep 2022 14:21:17 GMT
Access-Control-Allow-Credentials: true
Server: Apache
Connection: close
Content-Length: 15
Content-Type: text/html; charset=UTF-8

GET
H2 200 trace Show response
cloudflare.com/cdn-cgi/ 309 B
450 B 40ms
14ms XHR
text/plain 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflare.com/cdn-cgi/trace

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbe0410e9d8a9ebd491893b7d67349cd142bc752be8f09fa2942875e396715fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 74575ee84c4c909a-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 166 KB
43 KB 98ms
21ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 04 Sep 2022 13:35:07 GMT
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
last-modified: Thu, 01 Sep 2022 20:50:54 GMT
server: AmazonS3
age: 2771
etag: W/"d9d3c87337955401df6a2e4474e61700"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, VIE50-P1
content-encoding: gzip
x-amz-cf-id: zW_JFCsr64jL9jX4m8DK-PlspjhpQUZaN5mHc2xblV0xg5kVr8m-1g==

GET
H2 200 tag.js Show response
a.teads.tv/analytics/ 19 KB
5 KB 67ms
8ms Script
text/javascript 23.35.229.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/analytics/tag.js
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d9de14770fcd48eb127eefe75a2eca6167f8f380b6308a113125eb5645169b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: FAPL_wTzO6B92asTZLcsQA5j4jAsD17M
content-encoding: br
last-modified: Thu, 01 Sep 2022 14:20:42 GMT
x-amz-request-id: RYWCQJA90NMFGVJX
etag: "b1ef884d17656ee9761c3eac58efad1b"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, max-age=3600
date: Sun, 04 Sep 2022 14:21:17 GMT
accept-ranges: bytes
content-length: 4878
x-amz-id-2: b62FUoWfN/WlelzsFAXs/XrH3RH+s3enKC+nsQiZlosnljNOiCRq1UD9lRXjkvDZK67mZ9/LOIU=

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 60ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 502253
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 18:50:24 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 52 KB
15 KB 65ms
10ms Script
application/javascript 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f956b62c91583dd5c50d53011a10d365d6d439cad546e62ff93d51bb5dbf9df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: IDIun4MnSvyw3bwvcOmDjtggUGfg5UGf
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:55:05 GMT
server: AmazonS3
age: 50333
etag: W/"914bb3d60941b0ef68b8dd009b705a99"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
date: Sun, 04 Sep 2022 00:22:25 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 30VQnRI7y73uZygTI8rdkcl9yjYH0mSUXcb5B_jcEsudxaHjxtPSRg==

GET
H2 200 fontawesome-webfont.woff2
earnme.club/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
75 KB 11ms
11ms Font
font/woff2 157.90.71.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://earnme.club/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: earnme.club
URL: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.90.71.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.190.71.90.157.clients.your-server.de
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://earnme.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jun 2022 02:57:58 GMT
accept-ranges: bytes
content-type: font/woff2
content-length: 77160
expires: Sun, 11 Sep 2022 14:21:17 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ 31 KB
31 KB 56ms
34ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:53:22 GMT
x-content-type-options: nosniff
age: 502075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 18:53:22 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 52 KB
15 KB 52ms
12ms Script
application/javascript 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f956b62c91583dd5c50d53011a10d365d6d439cad546e62ff93d51bb5dbf9df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: IDIun4MnSvyw3bwvcOmDjtggUGfg5UGf
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:55:05 GMT
server: AmazonS3
age: 50333
etag: W/"914bb3d60941b0ef68b8dd009b705a99"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
date: Sun, 04 Sep 2022 00:22:25 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 8x_utAXcdsmDSO2yPGaT_SgWvn0IiR19rjUP69f5Mh-TTOtmD3n6tw==

GET
H/1.1 200
OK fpc Show response
at.teads.tv/ 0
334 B 82ms
36ms XHR
text/plain 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=c96eb76&
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:17 GMT
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H2 200 t.js Show response
flashnetic.com/ 52 KB
15 KB 54ms
17ms Script
application/javascript 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f956b62c91583dd5c50d53011a10d365d6d439cad546e62ff93d51bb5dbf9df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: IDIun4MnSvyw3bwvcOmDjtggUGfg5UGf
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:55:05 GMT
server: AmazonS3
age: 50333
etag: W/"914bb3d60941b0ef68b8dd009b705a99"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
date: Sun, 04 Sep 2022 00:22:25 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: XLaXIl11iRKWL1K3D7TOIKTAT8U_6dHYjcHkBfBQQSI0cakvWTPyuw==

GET
H2 200 a691551fbc5b6d1467740a0dd337c3fb
secure.gravatar.com/avatar/ 1 KB
2 KB 37ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a691551fbc5b6d1467740a0dd337c3fb?s=80&d=mm&r=g
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Sep 2022 14:21:17 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="a691551fbc5b6d1467740a0dd337c3fb.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/a691551fbc5b6d1467740a0dd337c3fb?s=80&d=mm&r=g>; rel="canonical"
content-length: 1323
expires: Sun, 04 Sep 2022 14:26:17 GMT

GET
H2 200 1b2daba8dacc4f9d190e646138ec84bb
secure.gravatar.com/avatar/ 1 KB
1 KB 37ms
7ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/1b2daba8dacc4f9d190e646138ec84bb?s=80&d=mm&r=g
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Sun, 04 Sep 2022 14:21:17 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="1b2daba8dacc4f9d190e646138ec84bb.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/1b2daba8dacc4f9d190e646138ec84bb?s=80&d=mm&r=g>; rel="canonical"
content-length: 1323
expires: Sun, 04 Sep 2022 14:26:17 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 2 KB
2 KB 37ms
36ms XHR
application/json 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: Server /
Resource Hash: dac43e8e6be50c7198edeeab728182a92cc02c46c1ac421e4c314a87caf1a732

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 10:46:55 GMT
via: 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
server: Server
age: 12862
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: VIE50-P1
content-length: 1755
x-amz-cf-id: SpK_yn9pTvVLl_Z4wpo-oPhbMuXnBEDhzXObQfrIStiph2WljiMYUw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 63ms
19ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: tKimXuvhjexkvOlm5D.ynBWfUtiJgbbH
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 68964
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 24 Aug 2022 19:06:24 GMT
server: AmazonS3
date: Sat, 03 Sep 2022 19:11:54 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: 1Wvnc0m6fAYYjAmkj_7yVNwrBOud4C46kVynHtwSTgdGW9awh2LD0g==

GET
H2 200 pubads_impl_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Sep 2023 14:09:07 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 507 B
223 B 80ms
48ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d99cdf31736850b9bccf74d72829f0b2520ee71733345c2b56f2b69c15a429a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0
expires: Sun, 04 Sep 2022 14:21:17 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 120ms
16ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 115ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 114ms
10ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 112ms
10ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 113ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 113ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 75ms
75ms XHR
text/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=kv2HCA7b7hj2n&cb=0&ws=1600x1200&v=22.8.252032&t=2000&slots=%5B%7B%22sd%22%3A%225d9f4ea8-d6f3-4c4d-a13a-a56c806f8a0b%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%225707503e-2e5f-453b-8041-d7f1836e0b84%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%2C%7B%22sd%22%3A%22f547d6a2-137e-45e1-b7fe-337df957c177%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_3%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.23.213 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-23-213.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
via: 1.1 c88540a8a2d41c2f38fed4cab35cb4f0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-P1
x-amz-rid: VTCGV2WM9BJKKKHVNXZD
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: YnYo3GaUSusrSrTjcVsBBQehOqYxPDgAK3kKE_KupzAgUuuyves60w==

POST
H/1.1 200
OK auction Show response
prebid.adnxs.com/pbs/v1/openrtb2/ 8 KB
6 KB 250ms
188ms XHR
application/json 185.89.208.11
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.89.208.11 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: prebid.ams3.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: fa99a3bb59d8c6162990d462563edcc49135fd6484c7a4781bc0e44c3894f720

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:17 GMT
Content-Encoding: gzip
Server: nginx/1.21.3
X-Prebid: pbs-go/0.224.0
Vary: Accept-Encoding, Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
359 B 69ms
22ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://earnme.club
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
167 B 56ms
15ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Sun, 04 Sep 2022 14:21:17 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 361 B
1 KB 84ms
16ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

17bffe616d8a1e024f86111d240eee3ad8d03076f543e82e1b552704c8f30e86

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:17 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a33582ba-cb52-4153-be45-ab0c2eadefe6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 361
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
563 B 120ms
84ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=773924&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2251d55a7fccf0658%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.google.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F%22%2C%22domain%22%3A%22earnme.club%22%2C%22publisher%22%3A%7B%22domain%22%3A%22earnme.club%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%227.10.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F%22%2C%22tmax%22%3A3000%2C%22syncsPerBidder%22%3A5%2C%22fpd%22%3Atrue%2C%22pbadslot%22%3A%22%2F22181265%2Femc_300v_3%22%2C%22adunitcode%22%3A%22f547d6a2-137e-45e1-b7fe-337df957c177%22%2C%22divId%22%3A%22f547d6a2-137e-45e1-b7fe-337df957c177%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225218251852fa375%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22773924%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22773924%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_1%22%2C%22gpid%22%3A%22%2F22181265%2Femc_300v_1%235d9f4ea8-d6f3-4c4d-a13a-a56c806f8a0b%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%22544ab5779a475d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22775312%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22775312%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_2%22%2C%22gpid%22%3A%22%2F22181265%2Femc_300v_2%235707503e-2e5f-453b-8041-d7f1836e0b84%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%2C%7B%22id%22%3A%2256d76d7b4043814%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22775313%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22775313%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22181265%2Femc_300v_3%22%2C%22gpid%22%3A%22%2F22181265%2Femc_300v_3%23f547d6a2-137e-45e1-b7fe-337df957c177%22%7D%2C%22bidfloor%22%3A0.01%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adapex.io%22%2C%22sid%22%3A%22s1602%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223ea0b54f-932e-46fe-84f8-6ca895f8fe89%22%7D%5D%7D%5D%7D%7D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f1af03fd77b83111dbb2d4cd94e3479037fec5f249d1bcaa1185b63c92d97b

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zO3A3Dbq3XFnMciad0vNrmuQ50v1BHNmzOm6MxBt%2BZpz7CQAMSzjXxI3TgFHiiSBkWMjF1LsgBqtkJPtxvA%2BNyr4f6hj3fptmVymIb%2FMAjtiorSQh%2BoYKUkGxJ1DRiGs8PYesKW3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 74575ee9bdfd6940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 arj Show response
digikulture-d.openx.net/w/1.0/ 73 B
375 B 96ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=279c2177-cd9d-4918-91ac-e6f3128200d3%2C54f4b43e-34c7-4f70-b898-4925a38ff150%2Ce3e6328e-8087-49cf-bed2-f56f87111956&nocache=1662301277675&pubcid=3ea0b54f-932e-46fe-84f8-6ca895f8fe89&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280%7C300x250%2C336x280&divids=5d9f4ea8-d6f3-4c4d-a13a-a56c806f8a0b%2C5707503e-2e5f-453b-8041-d7f1836e0b84%2Cf547d6a2-137e-45e1-b7fe-337df957c177&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2%2C%252F22181265%252Femc_300v_3&auid=556580797%2C556580798%2C556580799&aumfs=10%2C10%2C10
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f693ff6e729b3968f4fb770167d50f30cfe5f4f893bda5b288e9405b5093a181

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://earnme.club
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
237 B 167ms
87ms XHR
application/json 35.156.8.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.8.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-8-160.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6caeac58650e614eedd1331cd86eed2ec9e3341e4b6b8b46660c069c93d5d608

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 04 Sep 2022 14:21:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
content-length: 49
content-type: application/json

POST /
prebid.smilewanted.com/ 0
0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
885 B 204ms
155ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e154cb118d2cbe6b220f545fd23983979ee732484e21ee61fafb31e3bc0643c0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 78ms
65ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 074c0274ebca8c0e9e0104ad11ea2038c0cb1a30ec9ba9ad6da0d511153c7e1f

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 76ms
60ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 28e8096b890e49b4e5e638e51800745fe7de489aa19474d51a4749dac1837167

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 83ms
66ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 0a279d2716140e9d451e17c1eb85e9dd5822cb847079963eb4442a69e7bc684a

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
294 B 74ms
57ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2a57e3e70f456b1c1828f5acb6e8226fd3ad04ba2e294d59f54e407f3253a270

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 83ms
66ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c122bf16f9de05d15fa26e56ff7155276c61e15dbef505c6d4c885927205c5ac

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
96 B 77ms
61ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 755da2e15ee6c129e5cdc49ca4fbeba9577dbd04080e81d52ea8070aab706824

Request headers

Referer: https://earnme.club/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-length: 66

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 442 B
1 KB 120ms
44ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,40bacd6c-0264-4508-b452-7243dfd78cfe,,&eid_pubcid.org=3ea0b54f-932e-46fe-84f8-6ca895f8fe89%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.10.0&x_source.tid=279c2177-cd9d-4918-91ac-e6f3128200d3&l_pb_bid_id=855e42400efeae4&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.15626474171496674
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e48c13ee0c78a3b3b63beef462793be55ea25c0d85a214298b58b2a2a9171c9e

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:17 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 442
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 443 B
1 KB 133ms
58ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,40bacd6c-0264-4508-b452-7243dfd78cfe,,&eid_pubcid.org=3ea0b54f-932e-46fe-84f8-6ca895f8fe89%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.10.0&x_source.tid=54f4b43e-34c7-4f70-b898-4925a38ff150&l_pb_bid_id=865168726c2ca7a&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.9864008447530677
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 53f37a2953106459fce99aff159c5e95b5433d63fbb976960c585d272960e2cd

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:17 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 443
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 443 B
1 KB 160ms
82ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294696&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,40bacd6c-0264-4508-b452-7243dfd78cfe,,&eid_pubcid.org=3ea0b54f-932e-46fe-84f8-6ca895f8fe89%5E1&rf=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_3&tg_i.gpid=%2F22181265%2Femc_300v_3&tk_flint=pbjs_lite_v7.10.0&x_source.tid=e3e6328e-8087-49cf-bed2-f56f87111956&l_pb_bid_id=87d0ff47bfaae4b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&slots=1&rand=0.6666757455952552
Requested by: Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.emc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8fd2d8c35411ccc150c9cb5fa7b57bdeb88b318b0a6e5835b9041edfd7fbf087

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:17 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 443
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ao0y4krv21gsuol1v4o82.json Show response
flashnetic.com/c/ 1 KB
2 KB 26ms
8ms Fetch
application/octet-stream 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/ao0y4krv21gsuol1v4o82.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 853301ff4184ec094ac37c2f661f4c97036efb0b691640d86fe62cf76a06ede4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: bwlWRCe6Q3.5SQahN6RMIRYB_XadTtHR
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
etag: "463137f3b78d2d60b1578b0b43b4726c"
age: 38029
x-cache: Hit from cloudfront
content-length: 1451
last-modified: Fri, 22 Jul 2022 12:08:56 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 03:47:59 GMT
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 4kv5BQw2v0ceql6tItGi87Canoh7-rWSeFmTwe-4_QTxF5EWblJQyg==

GET
H2 200 tvdi2ru09cf0ymc0mwei9.json Show response
flashnetic.com/c/ 1 KB
2 KB 25ms
9ms Fetch
application/octet-stream 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb8b60b144ca4d9a6e4ba7f33d0b726192b7ca2970dbb2b0c5c3deac8ef027d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: CRY8rHhiY3KLcijrqpaYdVNqx7CcWa7a
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
etag: "e083c2ac23044aea7f9d96f55cf4f9d7"
age: 15685
x-cache: Hit from cloudfront
content-length: 1455
last-modified: Fri, 05 Aug 2022 10:50:38 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 09:59:53 GMT
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: ChVyKL8HozvyU7LxBIPL6jY9HUYTpY2svwmwbNlozEI6saBiHL5ugw==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
36 KB 59ms
8ms Script
application/x-javascript 99.86.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-86.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: br
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 36639
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 07:20:26 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA6-C1
content-type: application/x-javascript
x-amz-cf-id: tQDKuDvAUqMuhQ0kNgWfROccflRe7FhWq9BSuwAfE4eKIWg_RwiX9A==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 54 KB
11 KB 54ms
15ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0c9bdb145b0b53faf94370bde14632e6cb5afe49b489485c5843cb47e6d34ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7034
x-amz-request-id: BSPKP3FZQ84N0AXA
x-amz-id-2: EOleUutVP+S0P4xw6nqLJ6/SO56/N+8CGWkUQ/6dLGqwa6MIwd44tVoxdRgx27FjY/4Knr7LhHc=
last-modified: Thu, 01 Sep 2022 16:23:00 GMT
server: cloudflare
etag: W/"256cf8374d796a9492329749463dd1e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59pz7o1cIR1d4lPaR%2FdD%2Fo1gujquxGs3WQ4ofjGKMRlUqfJZH0L5NbBvlddDp7Dhi1bYI83G%2BCDC%2Frv4qwFsTWvjvq9%2FHDVinUnmupNxYA2mpzABlgqYxxJFpS8l1tCd%2Bm%2FrMFYX27mXFOgpIEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 74575ee9ec219066-FRA
cf-bgj: minify

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 48 KB
14 KB 52ms
24ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 31 Aug 2022 11:00:45 GMT
server: cloudflare
age: 1518
etag: W/"b17c28d6fd88a6b12feea5c52e9a7485"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 74575ee9db6e9299-FRA
x-amz-request-id: QDJ9R5CVV2749CKB
x-amz-id-2: uVNmhB5CKjvW2kk6nRvAAf2zFKzUZJGA7DDEuDmwhdWc2UFdhoWIxBcT17B4tBgSKZtq5vmjCwU=

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 87ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oe8v0&_p=1134922891&cid=937080875.1662301278&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662301277&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Zero%208i%20from%20Infinix%20%E2%80%93%20Tech%20One&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uv85s8wiydoa62b7a5wma.json Show response
flashnetic.com/c/ 1 KB
2 KB 9ms
8ms Fetch
application/octet-stream 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/c/uv85s8wiydoa62b7a5wma.json
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1189e840cf15b6d9c35689554948a7455767181e755dfc538c4912efc768eaa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: aEhsT0GDGpPi9mViV7aXWQrJZi1cK5aU
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
etag: "2621ab8c7a0251b8f0351db2f020cc63"
age: 49512
x-cache: Hit from cloudfront
content-length: 1455
last-modified: Fri, 05 Aug 2022 10:50:57 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 00:38:27 GMT
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: eJfITuOp4WF6G6DMmcyVg2xvianvZf6nlSgItVMRm2VDZzlSpmaBfA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 154ms
24ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
25ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 556 KB
140 KB 974ms
974ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3900837087679291&correlator=3415737159647037&eid=31068498%2C31068928%2C31067358%2C31068367&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=21735448363%3A22367406785%2Cearnme.club&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C970x250%7C970x90%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C320x50%7C336x280%7C300x250%7C250x250%7C200x200%2C1x1%2C1x1&fluid=height%2Cheight%2Cheight%2Cheight%2Cheight%2C0%2C0&ifi=1&adks=2564538650%2C174271564%2C174271567%2C174271566%2C174271561%2C3490001028%2C3490001051&sfv=1-0-38&ists=3&fas=0%2C0%2C0%2C0%2C0%2C1%2C8&fsapi=false&eri=4&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D300%26wrap_l%3D300%26ccp%3Dunknown%26sesdepth%3D1&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1662301277829&dlt=1662301277279&idt=466&adxs=-9%2C632%2C456%2C989%2C632%2C-9%2C-9&adys=-9%2C178%2C350%2C343%2C4395%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C0%7C1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=0x-1%7C1080x0%7C678x0%7C326x0%7C1600x0%7C0x-1%7C0x-1&msz=0x-1%7C1080x0%7C678x0%7C326x0%7C1600x0%7C0x-1%7C0x-1&fws=2%2C0%2C4%2C4%2C0%2C2%2C2&ohw=0%2C0%2C678%2C326%2C0%2C0%2C0&ga_vid=937080875.1662301278&ga_sid=1662301278&ga_hid=1134922891&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66605eb4654e28ab60da1eca0cca51b376d75165475f029600c552c3b3018e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142904
x-xss-protection: 0
google-lineitem-id: -1,-1,5483746265,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138365009135,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 937 B
291 B 304ms
304ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fab8b78105977c1477820d23e1720304f1471bf13a53e405b5cb9b04d00ae39a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9675 6 KB
4 KB 155ms
22ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022083001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e452e427426a73874dc18f54731b508406883dd902393dc5e393625ab22fd574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 10:55:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 444351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13587
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Aug 2023 10:55:26 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 872F 83 KB
28 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
server: sffe
etag: "1323 / 58 of 1000 / last-modified: 1662156382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 872F 368 KB
103 KB 66ms
27ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F2gV6hM39MfGctZtoLvfHF1dk5Mw2U49zjB6S7Xy%2Bkvp2G0wgL3aO%2F%2FwXLPI%2Bc6QqPc8T3uMEM%2BUOnQTLfmvqxdCNepsrP%2FYo1byrTsIhFAnBfSGtsoXggNpKA0dc%2FbOddzxy0jYIGpDm9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeaf97f9b80-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 0826 9 KB
2 KB 8ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=bfcpqssjcvc&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: fUxBWwPK7Qp0IxegXs0ciRrqIEtWfOE5mTtxKNmy7pJuKr2SI237QA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 7164 9 KB
2 KB 9ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=cckwskt&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: to_nuSHOdG9eOv-IfJGLBMqtZnNcPcWiNkq-mApNY9kBRK6UhVR8ww==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame EE9E 9 KB
2 KB 9ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=nsaliafjnlg&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: dOyv7euCU6bD_E-7C3nDOegYxsLgbhhQck3o05-WWY7ES0OznpF-dg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 2787 9 KB
2 KB 8ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=khwcukop&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: UpeSLi39owAS8zESFhSkKkhevF415iAOX-3gH8MS2muDQbSaETLgIw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 9B1B 9 KB
2 KB 12ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zqobcegrs&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: mV2Rxnvd2Fthn2F6eTC8ZIx9wAoa777A0xZvC0QAqPIBw0rNPxicbQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame AECC 9 KB
2 KB 11ms
5ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=vkfjay&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: h1xzBnlH99zB4S3nTuZY75WRHgFNq-dZMpCmohvnYNxXFSh71ZfDoA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 47E0 9 KB
2 KB 10ms
5ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=crawfhgtg&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: hOboaj_p1FxqVp06nU1-gu69doEjBGqtW4u6VAyJ_EV2A3raQ8GxCQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame BBAF 9 KB
2 KB 11ms
6ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=vksbyedf&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: 3xB4ZHS2XnDrpKjS5qaCXxHAStUtMj_BHNzyqqEE4A_E7Lvd9fdx6g==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C1F8 9 KB
2 KB 12ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hbshmnvln&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: xEowqypF_Y9JxAQveJUDwjIyRjU5iGmoygJyyyuHS7vQj18EHRhPaQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame A3C4 9 KB
2 KB 12ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=xfnkvhpoaq&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: ko0g3OVpQpuqKTivTfrcHKAlLxdSr8ZCPGWKC4MEMgAvqLjrjxf4IQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1FE3 9 KB
2 KB 11ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zyczmwpf&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: Ng6Fwjy7VKqMNQuQwjNU8d1g62XrltK76ih6Ypanh8IFrePcpuHOCQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F5A1 9 KB
2 KB 10ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=nmhtxnrtiyi&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: wR_eL5ljnp6pVqBn_pperuUdvxWN574pqPaBKkCG5lULnN4y5-xsmg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 2D59 9 KB
2 KB 10ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=xefudsbbp&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: R9ganQjRFSMw0cHwLcFd7ff2WMFfuCEuHTxsS-nuxUwzmDhvdPnXMg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 4062 9 KB
2 KB 9ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=jewvyzwsuwb&e=1957767944024
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=4955811662301277528
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: 8LdBOKWFaiRteypLfQUvQHvEaK7-go5eL6Q_DW-B6jDxrcJc1i3wxA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 93BA 83 KB
28 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
server: sffe
etag: "1323 / 449 of 1000 / last-modified: 1662156382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 93BA 368 KB
103 KB 46ms
35ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRlnLL2QwDBHHqqsEds%2BM4GwaipP5kOka5TSjCTnUx17DScHlELPlyibet4l%2B3S9bbQw5EQfLsGHkakXAJzqJEgtmcWzKgmeQgoFu548JiMjz%2BNUWeAfNLkYrmpbLrszLZ9MaaldO5pSP4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeaf9829b80-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 2ACE 9 KB
2 KB 9ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=yfqcmrenshr&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: S7igTa200rp0DswvgsnwT0Z8VYNcr8359ZxIjdAB2vHZ2ydpnhvHjQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6CDA 9 KB
2 KB 9ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zsekaa&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: UPzQDtMlImhbBeAiS_jL3S43-o3P1QwrEWZlh65GI2HBPpXAotQhFQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 7966 9 KB
2 KB 10ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=tcsdeolg&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: ZY4wiz2-qCZaF9mAPBYuUVanHkrgpMG6oaR_I1hhrhqhVTmTo3EGtQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6873 9 KB
2 KB 10ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ulmboddq&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: TavH2beDR5_SH9LxhSWcgUphbq9yVyk2D6rACihM82tYDGFw11aSvw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 60F4 9 KB
2 KB 10ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=aabgaam&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: oz110bU6Qnew0QCy02lA9mZDn48aEGPeUHSiM7Bq2_o40Ootvhs6Mw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 05E4 9 KB
2 KB 10ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=pnpxbbicc&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: W90JirteekAo6jSYUnsAa6sv7SYJkBPWBEgO9zNdcfyhEtmT0BDvpw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 3248 9 KB
2 KB 9ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=dbjzwyk&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: VnKZvmDyDTplNWWT8rweMW-8PLZYPmfp-iXvSoymIoW3TYYvwYR_4Q==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame BDE5 9 KB
2 KB 8ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rokwzcaoll&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: ooSBwfaGkeiRhINDKLZ3Gr-HSuSY1OAFaW4DgLibdrjkE2Qwv0d2SQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 2FCC 9 KB
2 KB 17ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=rodhgwcfb&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: MEvNgfT96iiK0BtVsAyoz5o3bRXfRI0uQ5_LTqroZDXsCvpewMqQMg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame D129 9 KB
2 KB 17ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=kqwlsycf&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: HzfWnNedBDAENFKfws5mggPlOe8h4gnFJOlt-qimHKgpAvUXUE9wRA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 32B9 9 KB
2 KB 17ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=kzkosoqog&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: jDEO62Kpye2dDrN6u1eaNzv1ymmfyZ0UrM6A-7mN_RekREC_7PWkwg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame FAFC 9 KB
2 KB 16ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=zhsxlhjhycs&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: sSPCEiGG-AA8La-yKTF7UobQasuLnBH_KHisPb_DWEEsccsgmAm1-Q==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame C4F6 9 KB
2 KB 15ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=hfbtdeatv&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: HPf6JsmZM-G2dAOOWwSrz5fCYcsENbD68MNt2vxm0uWYvQ1FioXTZg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame EFD0 9 KB
2 KB 15ms
11ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=xfsjbwvy&e=1534108800930
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3633361662301277542
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: GxWt3X-2ez-iHf3klo4-FvhdEb1S7kxfyOu55Wkdc00VSusFwRJ2nA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 451F 83 KB
28 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
server: sffe
etag: "1323 / 447 of 1000 / last-modified: 1662156382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Sep 2022 14:21:17 GMT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 451F 368 KB
103 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQOsczJJpvRroujmk2fPFvZW4oo50OshEM%2BbTPCJ%2BhKkdIfHfymQ%2B2f7Uik4zBjfNby335pnRvjMNHQwnFWvG2xF%2B6peNDbcob4y%2F2xYU29f1DeeRzcMYTFMMfM8lFgIZeulNxQuoNPanms%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeb19af9b80-FRA

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 25CF 9 KB
2 KB 18ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=lqajnjktk&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: 33LWZert7IXDZ7QbvewV0CMcJr_QgiMiRXtcSJUcd_jad18Tghwsjg==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1D3E 9 KB
2 KB 18ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=spwnunpd&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: -1ny_kIAmRv7X8VRyvo3NZGpTNPhimxRk1yPXCaNtJG6Oks0TlnMkQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 6CF5 9 KB
2 KB 18ms
10ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=tlgto&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: jf1GlgQ_MZStS0_Ghwt29PwNI69EDLpD51NSaOh9Wtf1iGiWo1vbvA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame A9E7 9 KB
2 KB 15ms
11ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=oqiqhodruc&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: _qNpYanmi_i5UVbcBAbEeHbiZsIsB4J07y7rTCAYxL7-Tm4cPG_WPQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame B9F2 9 KB
2 KB 13ms
11ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=skxljarp&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: Ww63KDjgLj6K8Cpd4iiwrAHb0Yxb1po1BF_UmlcEv6Nug7NUqAWNXQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 8AD1 9 KB
2 KB 13ms
11ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=chzwcetmv&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: mifrU7irjBnbM6b9e_LbYEjRJ8xv0S33wX6v8FvlxKihtf_TEpvOmQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame A119 9 KB
2 KB 12ms
12ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=jippcjfja&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: nbl9uREx3U8CFL68soXgQw6uHJt8dPrpXJTYDKV_5HxOU2fqs386-g==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 7CB1 9 KB
2 KB 12ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=dyafdikm&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: fB7RuaaIFBqC2b39H3YISOf2JEWYLY-L41YCjyqMjcLjOW1OCay4kw==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame B684 9 KB
2 KB 13ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=gxkvise&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: vvNkt3l7uZ5Md3MHoH5dng0wFxgP3YJcYZXKa3uY5g__M7S_auT-CQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame D630 9 KB
2 KB 13ms
9ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=inkusgvkf&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: JCY3vNoY4HnyLjqCwX1o8eZz80eVPh5BsWcOo6u6ZieNMoeUgqDvew==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame F7D5 9 KB
2 KB 12ms
0ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=qnnzccm&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: 67Q-pVBgZuswYj2_mlCtRQt0EtF06zPkspTZTb9GSDYjebrIH2JQhQ==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame 1EB2 9 KB
2 KB 12ms
0ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=ruschf&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: m4Muj3H_kys8UHDPDpxHvLP7y6ROAbnsiZVioI0ERSg7kXtiT1ek8Q==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame CD14 9 KB
2 KB 21ms
5ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=sjucnsasr&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: sOrYpKp0TgQbEg5NxC6OHn9TNNRBtbcN8Fia-9SmuUe9zWIpzli2ZA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 p.html Show response
flashnetic.com/r/ Frame AD87 9 KB
2 KB 23ms
8ms Document
text/html 143.204.89.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://flashnetic.com/r/p.html?f=kkhcmzjfb&e=1834762243861
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/t.js?i=uv85s8wiydoa62b7a5wma&cb=1039101662301277546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42071
content-encoding: br
content-type: text/html
date: Sun, 04 Sep 2022 02:40:07 GMT
etag: W/"5cf55433b12622d72185936eb7379e13"
last-modified: Wed, 08 Jun 2022 20:58:01 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
x-amz-cf-id: 5tpKiT2LP6uebZIKr9bNgeVynlI-laRJrBKKRRdCav_wKXv9-eWzoA==
x-amz-cf-pop: FRA50-C1
x-amz-version-id: oz6fpl87UspghpuOURN0N_mgHQvwK1bf
x-cache: Hit from cloudfront

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 75 B
269 B 194ms
191ms XHR
application/json 54.188.185.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.188.185.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-188-185-41.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: b0f9ee26598f590e7d508f7b17d01b9b2313b782a2ee83cef5a7891f91cc849a

Request headers

Access-Control-Allow-Origin: *
Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.20.0
vary: Origin
content-type: application/json

GET
H2 200 avcplayer.js Show response
player.avplayer.com/script/2/v/ 251 KB
60 KB 175ms
8ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6837
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/v/avcplayer.js
Requested by: Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduGB2AlLYWO9z1o9MZw3py8-TiNXy0xSw8Y-H7jVVYgkTfXYOmbJIkYFFscMkPtM6TY0pxalGwhD7xlrfFFZLZYF7lWag
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 61326
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
server: UploadServer
etag: "9dff0335699f04080269947f40c366ae"
vary: Accept-Encoding
x-goog-hash: crc32c=DITkQg==
content-language: en
x-goog-generation: 1646327924579580
cache-control: public, max-age=300
x-goog-stored-content-length: 61326
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 04 Sep 2022 14:26:18 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 345ms
101ms Image
text/plain 52.204.142.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1662301277961&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&e=playerLoaded
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.142.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-142-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 578ms
192ms Preflight
application/json 54.188.185.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.188.185.41 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-188-185-41.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin
Access-Control-Request-Method: GET
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-origin
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://earnme.club
content-encoding: gzip
content-type: application/json
date: Sun, 04 Sep 2022 14:21:18 GMT
server: nginx/1.20.0
vary: Origin

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
594 B 43ms
9ms Fetch
application/json 143.204.215.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-113.fra53.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 01:05:08 GMT
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront), 1.1 89cb19c6f2c9ed0983294d3b12e80e42.cloudfront.net (CloudFront)
age: 47770
x-amzn-requestid: d69ecc94-595c-424e-933c-444525b6bb14
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6313f9c4-330c625670f6d8f05161f890;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA53-C1
x-amz-apigw-id: X6P2qF0EDoEF30w=
content-length: 30
x-amz-cf-id: HjS-JDPGj05gX9WxTbktFWuYmg_NwPO4Ap2JTG0KutttA5aNugNESw==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
16ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 576293
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=WWjk63x2MWNFcnJDSWtuSUQyYmpuZXRIYkl3dUFLUHhQOXlZYjlqSVBNbWl3WHI3ekFYMFJ6cDlxWDdFRk5jZkJvclA2eVI4anJna0EyVjlnT2VKWExzcVU2NFVjN09uaVpNNFkzOHpsYVdFOGNQRTBQZ09RNkxsdVNmbk...

352 B
639 B

49ms
19ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WWjk63x2MWNFcnJDSWtuSUQyYmpuZXRIYkl3dUFLUHhQOXlZYjlqSVBNbWl3WHI3ekFYMFJ6cDlxWDdFRk5jZkJvclA2eVI4anJna0EyVjlnT2VKWExzcVU2NFVjN09uaVpNNFkzOHpsYVdFOGNQRTBQZ09RNkxsdVNmbkZ2THppQ1ZKS3JEOWhRRDU1eXFYSTA1Q2dVYkxXYlBvblY1blZCdWpRQmR1TkE2UHJGUUo4RFc1dmc0bGZ2UHNKRVFpNEd2Tjl2NllEakxGM0RVcE1oVlBmRmZrRVovRjdCWURJeVVpZjZoLzdTTUUxMnZZPXw&cppv=2

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

640c7329d6fa76a0ae3487f6b1a5b85287cc51bda33dc83e65bd0ed0a37d8f71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1485149
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=WWjk63x2MWNFcnJDSWtuSUQyYmpuZXRIYkl3dUFLUHhQOXlZYjlqSVBNbWl3WHI3ekFYMFJ6cDlxWDdFRk5jZkJvclA2eVI4anJna0EyVjlnT2VKWExzcVU2NFVjN09uaVpNNFkzOHpsYVdFOGNQRTBQZ09RNkxsdVNmbkZ2THppQ1ZKS3JEOWhRRDU1eXFYSTA1Q2dVYkxXYlBvblY1blZCdWpRQmR1TkE2UHJGUUo4RFc1dmc0bGZ2UHNKRVFpNEd2Tjl2NllEakxGM0RVcE1oVlBmRmZrRVovRjdCWURJeVVpZjZoLzdTTUUxMnZZPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 718049
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 45 KB
16 KB 452ms
452ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3900837087679291&correlator=3415737159647037&eid=31068498%2C31068928%2C31067358%2C31068367&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=22181265%3A22367406785%2Cemc_300v_1%2Cemc_300v_2%2Cemc_300v_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=970x90%7C728x90%2C300x250%7C336x280%2C300x250%7C336x280&ifi=10&adks=763504407%2C2241301684%2C1563700436&sfv=1-0-38&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_bd%3D0%26anh%3Dtrue%7Crefresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dtelekom.de%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D888f3c78c93a74e%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams3.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue&eri=4&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D300%26wrap_l%3D300%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D3%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D200%26waae%3D400%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D0s&sc=1&cookie_enabled=1&cdm=earnme.club&abxe=1&dt=1662301278077&dlt=1662301277279&idt=466&adxs=315%2C989%2C650&adys=154%2C1156%2C4908&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C2&ucis=a%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fearnme.club%2F&loc=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=1080x0%7C326x0%7C1600x0&msz=1080x0%7C326x0%7C1600x0&fws=0%2C4%2C0&ohw=0%2C326%2C0&ga_vid=937080875.1662301278&ga_sid=1662301278&ga_hid=1134922891&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9995f7b591f7fbb199201d85cf5fec4ada31d66e919a3b41797f392157a355ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16014
x-xss-protection: 0
google-lineitem-id: -1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
325 B 59ms
15ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3203177.ip-141-95-33.eu
Software: /
Resource Hash: b789904f1040c2ffaa49c39466ca30151485a1755e8af916d5c08fff599a4d61

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 04 Sep 2022 14:21:18 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 77ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 541991
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/earnme.club/adsstarbid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28557
x-xss-protection: 0
server: sffe
etag: "1323 / 337 of 1000 / last-modified: 1662156382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 04 Sep 2022 14:21:18 GMT

GET
H3 200 pubads_impl_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 872F 379 KB
129 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Sep 2023 14:09:07 GMT

GET
H3 200 pubads_impl_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 93BA 379 KB
129 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Sep 2023 14:09:07 GMT

GET
H3 200 pubads_impl_2022083001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 451F 379 KB
129 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Tue, 30 Aug 2022 08:35:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 04 Sep 2023 14:09:07 GMT

POST
H/1.1 200 579.json Show response
id5-sync.com/g/v2/ 216 B
621 B 62ms
16ms XHR
application/json 141.95.98.68
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/579.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.68 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216657.ip-141-95-98.eu

Software

Resource Hash

9e35264eb8d8b5366d1667190d1cc816b8494caff314d4638a76c476bbe3846a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 04 Sep 2022 14:21:18 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 89ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:18 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 872F 18 B
308 B 304ms
40ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=93702037131

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 872F 171 B
553 B 249ms
58ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 872F 144 B
1 KB 358ms
358ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

322dec810cfe0cd1251de3c9422bb5467d3be06b74edb09f3791d928df82a3ab

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:18 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 175309c7-a450-4274-81b1-e01ba447ff35
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 872F 436 B
888 B 99ms
99ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club&tk_flint=pbjs_lite_v6.15.0&x_source.tid=ee84e28f-945f-4c3c-b400-20bc165dcd1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8878799643168362
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b8be3a9deba1f5211cd3452e1903769d14527c69b6626e6a21aced17d934545f

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 436
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 872F 0
405 B 101ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 872F 73 B
145 B 31ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ee84e28f-945f-4c3c-b400-20bc165dcd1b&nocache=1662301278343&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=%252F21671350435%252C22687820958%252F300x250-earnme.club&aucs=%252F21671350435%252C22687820958%252F300x250-earnme.club&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e7a76e6a18f5731e86e4ca1311256e8d1f46cfbeb9c07fc41db096313168398e

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://earnme.club
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 67ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:18 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 93BA 72 B
147 B 24ms
23ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=14af27e1-f8b7-4caa-94c0-f5dc8313793b&nocache=1662301278363&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=%252F21671350435%252C22687820958%252F300x250-earnme.club_._2&aucs=%252F21671350435%252C22687820958%252F300x250-earnme.club_._2&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c9d572a7ef7f92b0ba383519d26e1a6296c52ce5b8911a2377d7fa59583f72b9

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://earnme.club
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 93BA 0
333 B 184ms
20ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:17 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 93BA 0
406 B 100ms
53ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 93BA 440 B
892 B 105ms
104ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v6.15.0&x_source.tid=14af27e1-f8b7-4caa-94c0-f5dc8313793b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7976164013667555
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6ebad5a338d69559a5d326d8be302c5288cc2045cef7ea6f6ec1c57d019ba41d

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 440
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 93BA 18 B
308 B 274ms
39ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=7618955171

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 93BA 145 B
1 KB 174ms
147ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

da2f283bc63982ada827afdc989ee2e7f76e04b6697a466bf737cb772167e6f6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:18 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 88a5e470-794b-41cc-9e94-4d0d302328f2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 451F 73 B
101 B 41ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=341a0f2e-e00f-4710-beb6-78e76b6bbe19&nocache=1662301278377&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=%252F21671350435%252C22687820958%252F300x250-earnme.club_._3&aucs=%252F21671350435%252C22687820958%252F300x250-earnme.club_._3&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3420f6a93b72d3cc53cd9945a97479ef9c82f2470eb12f14fce796be23608308

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://earnme.club
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 451F 171 B
553 B 209ms
58ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:17 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 451F 440 B
892 B 100ms
100ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._3&tk_flint=pbjs_lite_v6.15.0&x_source.tid=341a0f2e-e00f-4710-beb6-78e76b6bbe19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.25407467520546834
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: df1aa02f6d8660492185fd7474dcca3dafd0da3d786330a7ea6a47f5dc92ba06

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 440
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 451F 136 B
827 B 44ms
16ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a53a550b26535c60e2bc31737d457b09245c63f25c4f799b0f5cd31ff6262c2d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:18 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 352d62fc-7396-4c9e-8bfb-c4044f3dcec1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 451F 18 B
309 B 252ms
31ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=624667005

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 451F 0
405 B 103ms
55ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 51ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://earnme.club
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:18 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 8ms
8ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6837
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

unused62: 8096267
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 04 Sep 2022 14:26:18 GMT

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 251 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 256 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 273 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 238 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 logo.png
cdn.playstream.media/ 1 KB
1 KB 100ms
13ms Image
image/png 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.playstream.media/logo.png
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
server: nginx/1.17.10
etag: "60068ec0-4f1"
x-hw: 1662301278.cds052.fr8.hn,1662301278.cds278.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1265

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
71 B 302ms
94ms Image
text/plain 52.21.172.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1662301278417
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.172.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-172-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame F7D5 368 KB
103 KB 39ms
39ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=qnnzccm&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgFmHI%2B93P45Npx7zbCvfBYjfJCgIQ791kUt6Db1%2BjU2hAUDBwsgrHtyzhg7bI3TgtoTeKZc6a4lIl%2FBwT%2BGOJQAtRoxb6t0Fe5Iv1T6H4oDc%2BKEATFwtj8DuYadbuq3iidlwV4xPGOhmFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee2f3c9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 1EB2 368 KB
103 KB 33ms
33ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ruschf&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxltLUQuig3O2qhBkCiG3Xn8umMA%2Fx%2BVg6RAjlBVePLscRV3TLSwjY%2F%2BrnNw5V08tcEzZdqiuvtJmcFzUiXkeygiYjwujCZ%2FJFK2chuCTbune9lDyb4xPK2XN7Q8BGym8sYGD5UIyPWbPVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee3f559b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 0826 368 KB
103 KB 37ms
37ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=bfcpqssjcvc&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCV1Br%2B1WnX0NF1%2BCarr5Heh0ksCfqYHduqXpLGIWzDXgAWCHSvqyRluJSlw3JBc3YFeJ7Lrm0gturfPqNG1Bg8JsGBjVb9LZqIONBRKazJ3Ipf5VM2aPbONbYf9VgGN04ZVDMw1f8gE%2Bco%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee4f6f9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 7164 368 KB
103 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cckwskt&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1V%2BLScWRcy%2FUQDSPDAQQ4Rq25%2BZrhx5loHfslaR1znWShHy%2F3O4T8XXpswgylwV0HvoNjpI%2FGZRCl1mRiOoqs1aSFtgcklC7ZtyKoR8C%2FoMaO6ABuRyrmaEAHSNaO1pFvp8ez1VmP%2F8dw9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee7fcd9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame EE9E 368 KB
103 KB 29ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nsaliafjnlg&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQrfQMheOj4o1HXmlSG6XP3SQ7hieZTz7dAMZdbaNBHlndvJ5NJO5I5uggm%2BvldMo%2FuT3%2BuKKN3aySprFiXwx5ayBfRh7xQQsBEAIGnihErxQsftULqSPs%2FaFByV1Mef9poNLPx8r3uaX9U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee7fdd9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 2787 368 KB
103 KB 43ms
42ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=khwcukop&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZUlxsv6YInOtPzAtlqBfJ9yx3bQ8POzT80Xmm1IEp8dtWlvkNAkG9BCfKrqNCEam8K6sSvyXlqhLMP7qlA2nb8T77F6iujDxb57NTNQNJrg9rIUF7LdbDvSIntO0OOOvBYh8zhCX7tKYn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee8fed9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 9B1B 368 KB
103 KB 41ms
40ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zqobcegrs&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyI4D5d1ytdIYGwriyRJmaRka%2Fr732lSQDoBDNPHd%2BlxTX%2B077BgSEQsaDqqYhWM2QjLczfW5b4iQ6f4wOu5cANLI95Bqn37TTa2KSiPkP5E27Hn5e0cRQLMXO0bQV0B%2B5Ndt0c91zRFeb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee98009b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame AECC 368 KB
103 KB 26ms
26ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vkfjay&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEtCzJj6rzLR%2Bps86Tr7szIM451ImQig%2BmWU3nKB%2BA%2BFpSQlN9O0uT8%2BdVevjYYbHb7wQWIIhrO8cYSCDIFj%2B%2BrvhcYIdR1TSooee%2BpL93U%2B0D%2BuLDodm92V1Yjhtx4G4H0WsVQ5ubZroRg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eee981c9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 47E0 368 KB
103 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=crawfhgtg&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zu7Ma3l%2FEoKLmOU1a0CDtDmXDbKjhb8BvX7Rjn5RRzjrUJn7FrPDl0vMvg7BNqyumgqTufQ%2Bc%2FWW1LHpOUVTgSmCUmIkPULJrk0gkr3sMkYtCbB%2FDpdJ8ZDZKk03HD0IL60I3ZMytKcusJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeea8359b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame BBAF 368 KB
103 KB 29ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vksbyedf&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FpslPgdHcy2PDXHXpKBxIBAG0deoJqqISyRSQ%2BLf5L06su9s03p0h4rIN2M3pLgVFeEUawvUh5DShQR3q%2FrEZElUS0V8IxuoUWFurDsUyrXLCfMUh7hvJBco7KNmaPALVlxDgRBnn6x3z8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeeb8449b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame C1F8 368 KB
103 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hbshmnvln&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fKk91itLxuVhQHXHtwxSRLFIrecrqPMS%2FeZtJh5P2gvAGMX34LT%2B5L%2BMzpC6Uf1v260R%2BANeKqIGbBYzvEm5N0OjDK7gvNNCcYLO%2BvQoZxA80%2Fhjj%2BQqZFpgHJiV4ig%2FET0FMsNJ5T4CFA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeec85d9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame A3C4 368 KB
103 KB 29ms
27ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfnkvhpoaq&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xf4%2BaGPjB68RC6VB9OLUAaKF2GlWZcv%2FElAQEMYAi4T2NXAS2%2FErantW7%2FrWFGzb1Gjb1aC0UsR%2FDcWi8wsOs1Q6ldMkPUz6chSrpISK3vmAFweHZ9fZYVbS2uF8Iz%2BXQHnsxrLN26e1Q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeed8709b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 1FE3 368 KB
103 KB 30ms
25ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zyczmwpf&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVBeII%2BYS3eDs3fFRYF9SySgA6g0sqaoWzxY6A37%2F8JNyEzhebNrnobxynwhsJkmIcIsjRBPV%2BzO62li8Z%2BhJzaeiwvNZmLFGa8rxUOtsTku6iXGaV5a12IN4TokCSCPEveGvk%2BZkeyjQTs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeee88f9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame F5A1 368 KB
103 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=nmhtxnrtiyi&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL59oQakoG6%2FfpjeOi%2FD5GNFonrVbj6IzaJPQG2AMBV1FG0ldnDW%2F%2FXqQiwTowM0hbgV2DL6v7JHiZFJS1m9goR0YG2ukngKlXREZ4RXeBVUkD7sUU0NPAzB6OMcw2TT4jevYj%2BYNB7kksw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeee8989b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 2D59 368 KB
103 KB 25ms
24ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xefudsbbp&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qd4PZYPl7shnowC82%2Bo9m9J%2FVJKbyuxfAnk2iqmgo%2FXjZOF00ULU7NHlsWOZmF%2FbDHuQZRsSAQep3Munz4HTTXnk44S18S8Ias%2BJL3JsFOW%2BWv%2FOEGDYqazvYSKOgvpBkuvRLPXXvIypSbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeef8aa9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 4062 368 KB
103 KB 40ms
40ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jewvyzwsuwb&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aIJV%2BWK3LSgbAP6c8GadFMeUMjghRrwPLFD7Yst5OdL6rLxYrsYvGUVq21Ato8rE4i9X3zsHfAHY8S9%2BXu2TFhD4iOury6UA%2Fer4StdRSmn76TasiuV0L9f0fIchJ8Q%2BlJYn34RvVqz4Koc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef08bf9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 2ACE 368 KB
103 KB 28ms
27ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yfqcmrenshr&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZ0VY2M8iZzGwONudP7%2FqvzFO7W0sOrh7IoKiX4Epx9lpnzRTESEyXJRiyUJLh6H8rjHGHXR7fWGwLOtQvWSBhSud1%2FVg1QJFyqgYPbK0FiUY0y5KTnaVlGBw6aUj0WWozKjNjACnUhN1u0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef08d09b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 6CDA 368 KB
103 KB 40ms
40ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zsekaa&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oyp4FOH4UOS2gAGOEcqAKN2g3fv%2BQUuoaa7cb1nWTZk2fpuDRaW22%2Fx3JMSocntOTJclEkWZzvEC3RT59lFOyHqSh%2BgPveTopmPc74udMpnsq9padDEcXHXAkQXVDqwVBXyMb8L5LxLADeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef28f49b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 7966 368 KB
103 KB 35ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tcsdeolg&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZNiFSMPSQBkdOWStMqdDm5K8C82yICF6xQGwTWdIiNO19UgmmBr3ddshoLO%2BRDbN%2ByySgb2iC%2BZLVRRTsiYqMQtDsRZQPSt%2BJk1bFT8%2BIVmGRLtVvfcZTRYCS5B3Z8dNSrImVwOqlZyCts%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef28f69b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 6873 368 KB
103 KB 31ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ulmboddq&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xp5zuplb299II41UUrjD%2FgTuaxY4rDizJH0YPOwV0b4b%2B4vYfApNNCIE%2FDsc2rO8Mo8rL1VyhIC8R4ZzBMI5NABRleAsVHiZv0%2BAmgXPAySUFiNg82XppqSCXPmCOJ4ahFYaopUfqYRCngg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef29039b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 60F4 368 KB
103 KB 32ms
32ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=aabgaam&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8jrhXceaTVoP71LmEFRdmTJzedzKxf10Wo0jaUuGWlqpOFmhap04LwbeEqjqvykCQD5jeXFmf1unuthtCaJH9eFzcvzq9l2Fo%2FqA1sgry5LE0i7euFpp2KOA%2F61zQtgUQdXULFBNMafZOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef39239b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 05E4 368 KB
103 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=pnpxbbicc&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7t51C50IzPCFe0YAtDTVT0%2F67eUw4GKuHTQiYY8LUGPuN2bJKbXk3aPZwxdsQ6kiEkPHDNB6b8LppN%2F125UrGlLSM3lP594kJgBvX4ddrdZdLhLF2zaqyhNzs7tZK3%2Fcd4KyhyjPK9HA%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef493f9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 3248 368 KB
103 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dbjzwyk&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRE9GgB9NR43P1fvDO7UISRCh1sjtgmOeGU3c5Vld6tup5%2B4kxyfw6IluPe1DsJIepfW%2BtTHVYerWSEeWIdJLjTPO07LV59rjVo2Sx%2BKD8N9Zxy2kbwrLxGAHznoRwmUU47TYyNNK86iGeo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef59599b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame BDE5 368 KB
103 KB 29ms
26ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rokwzcaoll&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4abYvUAtnnhb3BHnlUu%2BBMbqAdbmUZkB1PWdiEBIKv74QVeW62RbGQOgKRJtqwNq8FpTjkHgn8wPtscNv75DlTekzehvLdyayhjEBIFVkrdVj%2Fnf1EAM5gCy7aWXVzJtYC2%2FVVLWlQd7zU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef696d9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 2FCC 368 KB
103 KB 26ms
24ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=rodhgwcfb&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChxejwzClOo8dCtUw7IhU4nwVeaCdKOQCO6AI3dikwVHrSRU%2BlV4aZl7pffoflLycMaj1WMuwX7dRXwglN6kZYKES5bdl7l2zxQhmYsekEsZulfbeLnbP1L3pg9oMnHE87pGPShhdWTuYus%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef79899b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame D129 368 KB
103 KB 25ms
24ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kqwlsycf&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DBm28GGlw60bPWdka52Da7s%2BLhcofS9zSamFBPnm7h4iVNK%2BZfVN%2Bb8EQO84q3X0yzBr86nRSMW0sm0sCRTLQWpNA3P6w1U0ZHMX59QAwssQF8JZARFr2oa9hjtv2pWzNQwSsWjIiP8QHxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef79909b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 32B9 368 KB
103 KB 35ms
33ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kzkosoqog&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SO2%2FHLxfhb8cpzH819n5ncT%2BzGCO19jWVWbEWBcbI00z7ClOmn8HlaAW4fCnlPL8J7bYF%2FTE3gK3jot8Ycw4gQvVLZiGc9QQUzEhGdDgmNsgW6AQxdPQXi2HtOGngQB6wf4DWARAd1zgtXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef89a49b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame FAFC 368 KB
103 KB 24ms
23ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zhsxlhjhycs&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7t6Rw8%2Bil8zEtisi8TdXcIb01IfwwhSNZXXfINinf5fNiYMdx4gR6qnnOqWMlrdKkvQHS78hZvRQL2kcF8ngow%2BYjPQOQiDg9OFAmovwUJbYwomLskRuQGy8aiWLo9cV4%2FSMk2yk8AFOutY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef99b59b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame C4F6 368 KB
103 KB 34ms
33ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hfbtdeatv&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0y3vRxyp5FeeqOvgBArm8%2FgIbqG0iQ%2F6ipa9wuon89YvKGjo1zGbPRv6%2FC8dID76813Ua80kGKIv06241%2Fhfhbrqp669LdmGEwrXe5XRv%2FtSNn%2F%2B2LgMTsetw4QcP8ko0UdxRT%2FFSYqO7s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eef99c99b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame EFD0 368 KB
103 KB 23ms
23ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfsjbwvy&e=1534108800930
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0A1HYGago2OIZz%2FvaIP0ZW%2FCgcqWCVoyfaQrYlOOXJAFK1pfW%2FNOn7VcojbZsiYeYA0iprnI8W4G8CTbXV7AoM6n7hhVLbOmYcwHDfZcXd3DpCz3d0YXUdXErvVNW9X1dTU%2FuNONg8XceCo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eefa9d69b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 25CF 368 KB
103 KB 30ms
29ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lqajnjktk&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szu%2FYPZdqKscSamF%2FyMeaR09O3A6J7kxXOlupajfoevSGpeBdbyWpposDt%2FhVXbGDlefNfcqE2Y7VWiBez4hI1HTWJYwJkxQJDw5AICVbyoKCw%2Fyq5JY4XUxowg38ew5%2Fk1x6Wn2iZ4SPAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eefb9f69b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 1D3E 368 KB
103 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=spwnunpd&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RF9bxA5fWxAxSsUwkqccfe2FyfNQp22mPfOWns85Ah2T%2FBCDX16UEvs%2FfiYbOw27dRN1ZLNierEJzZXka0KJIwzizmwpsdgZ%2FPvYLgq4o1ZdK%2BBzkVaXkjUcGmraSqvM%2F3A%2Bsho3Xf5nWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eefca039b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 6CF5 368 KB
103 KB 37ms
36ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tlgto&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hbnXZds3Cy%2BTx8QuwTrszyk%2FW%2Fr%2BVfivZM6ocUeqqKZj8V3H5ChtO%2Fjaqtdt%2BBs0qw0mMqkd%2Boc3xuegX6%2FTBB9hSRQonhud%2FoIrZvBz5NaetTLVjslq%2B8ffpLqi7vLJAElJNao941Xy%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eefca219b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame A9E7 368 KB
103 KB 26ms
26ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=oqiqhodruc&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LFOojGfV239P6kWgGufxSO6jXR7qN2cBYQ3TlWGJbIgry1Z%2FJQgYy7BQgdZDR2Xmw72A4LRjcXWdk9VAvfsKw4UFStWosrPC4O2X7J6%2FWIKyAQCIzUCpCtTJmR10EPE7fjvF70RHfwrt5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eefda349b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame B9F2 368 KB
103 KB 28ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=skxljarp&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKPJWfM7mJEk45oLWAzj4etHp19p1D0pf0OcQRlp0JhZ6y6NSJy6l01sLo5doT8KjMnfSgMRULm4v8c8ijsUCoFk8ctXh42Vx0GjWKWw%2FMNf21fE8oHSWgcl%2Fe60ApWMtiOCsIou90XPmZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eefea4c9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 8AD1 368 KB
103 KB 27ms
27ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=chzwcetmv&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7k0GNwNQMuTHnj7L482FlJ3m5km09gvG9gfiqWcgtjgq2KkRlLb6oq1RseUbjKSfK9qxNFUrBUI60V4GO7rGgyjEHJCL8AC04EgAJzp%2ByeFwc9Vz%2FRGOeK2nOm3Z%2Bf5bfp0f%2BLiwtLoDys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575eeffa759b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame A119 368 KB
103 KB 44ms
42ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=jippcjfja&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXjOFPPO0HE4LNWMK1gD%2BCfp99yIyKW8jtFRui7%2BvaVDbQuvCPkamGB5IEqH5LqUW2uLyGLVLd0N7OYV13JJS5bEputI%2FF3qSc6LQHXWhGENTv0sr028%2FaXDjkLS1oyb2CCPYBO8TnNWOoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575ef00a969b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame 7CB1 368 KB
103 KB 29ms
28ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dyafdikm&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kAKqHxYZDYQnprlZjj9KK8NpTiqo9eH5COHDoDraub83IYkqCerIyxRF%2F5PhGNvBSse7QDPcSYYIirTq2RgOzJ6pP17Zx4i5nLW8HNz5GBKuIRnUm49UlerAnWOWDFuBAoLqjPXJUYkiOI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575ef01aaf9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame B684 368 KB
103 KB 34ms
34ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=gxkvise&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQSvIA7T562rYg2l9stj1DJe0DtrPdg8PDZUcvEFZy7zztKBb2ucMWdDkf9pHf9g5ZSIxr5hsluXCFbZzevpXHcCV5zCZE2VqhAa5gIc0bh6hXNdZlibHWM%2Bd8CMK2%2BTcg9qDc1nIHJl%2BFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575ef02ad69b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame D630 368 KB
103 KB 30ms
29ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=inkusgvkf&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3vGLvZfpd8TZzz06ILZDoEuH1WtoMnxMXaruS0riJDLpnXbLHbWLxphTg%2Bqr2HwfB2SU5Obma6k8uhBFrL4r8axSgwywv7CcYe9Gca5cePU8MVqw1OW%2Br9Un9nLMmotAMfe1KupA3MIo%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575ef03b039b80-FRA

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 6075 388 KB
110 KB 112ms
25ms Script
application/javascript 2a02:26f0:ea:4b9::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvGm-U5Chf7bJhPTuEjZ6f0uvUXeu9gxZ_NKrjEQqkB1T9MD9WBzE2B_mv3EUi9c8Q1UrU2p2-9ahnbiJbz9PkSo6iHctH7
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111996
last-modified: Tue, 30 Aug 2022 07:41:05 GMT
server: UploadServer
etag: "39abf610a1c41bfb1963220128a9136d"
vary: Accept-Encoding
x-goog-hash: crc32c=ixGcvg==, md5=Oav2EKHEG/sZYyIBKKkTbQ==
x-goog-generation: 1661845265455307
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 111996
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 04 Sep 2022 14:26:18 GMT

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame CD14 368 KB
103 KB 27ms
26ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sjucnsasr&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FT0WZWCY60VBxXVkuwQIQZQp46srEN8H5rG%2BehnT3kU88eY5qiAOvAk9KFgDTs93NtaPHrpVa%2BAbySSJ7eO5VRZwK3MbPCtyr0gWgWBDa3tMDk5nMRJhjx26fNgIiMPgXGXZI8uaf9US%2BME%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575ef05b5f9b80-FRA

GET
H2 200 prebid6.15.0.js Show response
hb.adpone.com/ Frame AD87 368 KB
103 KB 29ms
29ms Script
application/javascript 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adpone.com/prebid6.15.0.js
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kkhcmzjfb&e=1834762243861
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1209
x-amz-request-id: 37W9H6301P27KTJ7
x-amz-id-2: FS7SDi7Wj517BcNrAYiTcae7RpwnJQ3smPdj1tlP5eAKsclo/yN5EKaZe12zS6Qbz69NszpojIQ=
last-modified: Wed, 30 Mar 2022 09:13:54 GMT
server: cloudflare
etag: W/"ead6e8c23bf835688215d35a6b357336"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wU2zR2dzCgZeeecLZJ1XZrIoMv7fnb4MfUZnp1uOn%2B67Iq6vC8CA2EHJVexA%2BNXjmQ%2FU1gaiXx62vjsOgrJ2Pg9JVqtZ41QG%2FHlaDeR4VWelYktKXVXztCJ8NeFh52EI%2FKPj%2BujblqY5as%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: xeKiFDHa4caZh3hM.m43HLu9jNtrHamp
cf-ray: 74575ef06b869b80-FRA

GET
H3 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BF8A 6 KB
3 KB 57ms
23ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8CE 6 KB
3 KB 54ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7807 6 KB
3 KB 54ms
27ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 405 Show response
a.ad.gt/api/v1/u/matches/ 10 KB
4 KB 581ms
191ms Script
application/javascript 44.224.191.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/405
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.224.191.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-224-191-126.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ec26f4fc87d31274bdfd75bd0825a76d73abcd82ea4b19369e7a6064585285fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

POST
H2 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 98ms
48ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 872F 107 B
122 B 53ms
24ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 872F 107 B
122 B 50ms
22ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 872F 18 KB
10 KB 399ms
399ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?u_h=1200&ga_vid=937080875.1662301278&u_his=2&prev_iu_szs=300x250&u_w=1600&idt=922&nvt=1&vrg=2022083001&lmt=1662301278&adxs=474&dt=1662301278887&abxe=1&dlt=1662301277869&cookie=ID%3D3571a7845a76f147-2225e47413ce0040%3AT%3D1662301278%3AS%3DALNI_MYzo20xf9QnmzFd4KPkIHFoZCXRnA&ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&scr_x=0&isw=300&bc=31&msz=300x0&gdfp_req=1&enc_prev_ius=%2F0%2F1&ga_sid=1662301279&fws=256&u_cd=24&impl=fifs&oid=2&dmc=8&ohw=0&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club&pvsid=1838023014114108&adks=1124019640&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ga_hid=1112752680&u_sd=1&u_ah=1200&ga_fc=true&adys=1377&frm=23&ptt=17&u_aw=1600&ish=250&ucis=ev9vw0rxp5h0&psz=300x250&sfv=1-0-38&correlator=4059765285323877&nhd=1&ifi=1&fsfs=1&ea=0&top=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&fsapi=false&bih=1200&output=ldjh&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&biw=1600&scr_y=0&btvi=1&sc=1&eid=31069182%2C31069184%2C31069289%2C31067358%2C31062930&vis=1&eri=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e348bfdcf611ffb6171346c8d2aae87b4f8ef13ee0838829e931e4a704b91e38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9969
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 872F 14 KB
11 KB 154ms
123ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00544505dd5d4fbd0d42aa45a7aa9651e5f06dc7b415055993b16f7118e4b4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11182
x-xss-protection: 0

GET
H2 200 container.html
d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD7D 6 KB
0 72ms
24ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:18 GMT
expires: Mon, 04 Sep 2023 14:21:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 5FFB 221 KB
61 KB 62ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5FFB 14 KB
5 KB 98ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5FFB 94 KB
28 KB 98ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5FFB 5 KB
2 KB 101ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5FFB 40 KB
13 KB 102ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5FFB 8 KB
892 B 51ms
20ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 13:25:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4B1 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv31MZpqHdL_rRJdjSd3x9GLmHRMij-uhhpBkGXqp-VEpCnxfj0WdLPqnD6fuxfu9pLhuoAEVNHHOaQxwi-Va1ybU2WSINCZ5tKXmqhEoEOs6MpMZ-qZso8GQ7NYdRK4_v1q57ftyj2e5VFRiLcUe9yVxvFxwReld7xlY5q60aopHiefwK4StGgkcF8U9AE3djTHbHT_zfXBtKOxrWzgiLNmxe65hRsF9y_eMgQv6PMrJ5H8t0pJyt57CuNaJDFwp5wJqA4UDV0qJHyS3Lo7cPQ4hR0U8vHvtZZYWQsSXJ8SAsvxkI1sAnWDlz1VrpI2w&sai=AMfl-YSwQ3sTm1uUDPUXwzHfAOkWjsqDaEgxMHb3UIc8SutGJaDlfOUOPEuMKCbs1BgbDWb5a68wfFvERsPeyub61obbqM9DCc8PBRpTnWGzGEJvQeKiffNXsSk-pdPA8xmchA&sig=Cg0ArKJSzJApJwHsxeI6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 04 Sep 2022 14:21:18 GMT

GET
H2 200 prebid.js Show response
excellence-prebid.sfo2.cdn.digitaloceanspaces.com/ Frame F4B1 228 KB
229 KB 76ms
11ms Script
text/javascript 205.185.216.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

0e0d5aaebcb9185499dabbc6f1e6979b963ba0a9e683603e0662e96302be9983

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
last-modified: Sun, 14 Aug 2022 17:57:51 GMT
x-amz-request-id: tx00000000000008019ccc3-006314b1cc-3ade62ea-sfo2a
etag: "b8c335a03c0847286b2f70d097c5a38a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw: 1662301278.dop167.fr8.t,1662301278.cds157.fr8.hn,1662301279.cds010.fr8.c
content-type: text/javascript
cache-control: max-age=2941
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
accept-ranges: bytes
content-length: 233961

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4B1 142 KB
44 KB 74ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 90EC 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012208121708000/ Frame 5E66 221 KB
60 KB 39ms
31ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61526
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b1753c5424806777"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5E66 14 KB
5 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5202
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "23fb7130d171a0c1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5E66 94 KB
28 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28840
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bd6960dd2dd8774b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5E66 5 KB
2 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1914
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6b6863aa0ddd5cf3"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012208121708000/v0/ Frame 5E66 40 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012208121708000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12954
x-xss-protection: 0
server: sffe
date: Thu, 01 Sep 2022 16:52:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "008ca125395468a7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 01 Sep 2023 16:52:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5E66 8 KB
892 B 21ms
21ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 13:21:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:18 GMT

GET
H3 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0CA3 6 KB
3 KB 15ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D1A0 6 KB
3 KB 13ms
12ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:17 GMT
expires: Mon, 04 Sep 2023 14:21:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FFB 2 KB
3 KB 79ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:48:38 GMT
x-content-type-options: nosniff
server: cafe
age: 16361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 05 Sep 2022 09:48:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5FFB 295 B
399 B 80ms
15ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 07:50:56 GMT
x-content-type-options: nosniff
server: cafe
age: 23423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 05 Sep 2022 07:50:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5FFB 0
0 57ms
24ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiUaiooHYb2eZLcyPzBY-2dVwiCMTdFhXb95YrTRDuSaPMSk6N4NnFlLVoPL_qiEgDjGf0
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5FFB 0
0 61ms
59ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9BcQXbQUY9a7OOHH3gPq-oTABOT96YNs9dLd3vUOv62GhvYtEAEgvszXamCVwqaCsAegAeWxocYDyAEG4AIAqAMBqgSUAk_QHWQ6z-7m3gZ3iwoobdUeYGuGjJWoUdYvIpQMpHgqvZdIEvIkBWLIR5DPCAv41js1Xm9aSM5yZ5HwyEdHknLV2dsvuROOHc6p48vPIxgP3cL1HLl3utLZjUc-S7bLttuiQ0YmGAfIOuRulTF240YUNgh9ySneS-dOoxDbLzjE5WvnEP0D2P0xztHvHvFpUtjIXYdZU6LnOpiSTyBkAxXlRed0Cdgx5u-JcFx70-8aXoNDv1-ErO2-hgFyGXI09SewLiObVEQ29FBEYp3hHtMECWCr-WF2mRpls4WGJ4pZHHyp6MgAKp_jgzdLGfIUqaThg6yhUl59Vz0hM_k4pKMCKDPG3OghCgGqWWs-_epA1rzLDcAEndnO9-YD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB4PO3jmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCp5YcB0ggSCIjhgHAQARgdMgPrggE6AoBA8ggbYWR4LXN1YnN5bi02MjE2NTE5OTQxNDEwOTAwgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTk5NTk3MzA3NTQwMzgwMjYYxt1t&sigh=iPxkAYUhZaA&uach_m=[UACH]&template_id=5020
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E66 2 KB
3 KB 79ms
16ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:48:38 GMT
x-content-type-options: nosniff
server: cafe
age: 16361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Mon, 05 Sep 2022 09:48:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5E66 295 B
353 B 79ms
16ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 07:50:56 GMT
x-content-type-options: nosniff
server: cafe
age: 23423
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Mon, 05 Sep 2022 07:50:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E66 0
0 56ms
24ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRUkET_LcUGKGf-SXb6HNUguBAn9QJg8d0Pl50ChRkesKI4iUuvo3wb_f7ojJSklvqgpCdd
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5E66 0
0 67ms
66ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFEClXbQUY9m7OOHH3gPq-oTABKuZ15Zs-Za7z-0Pw--PnK4jEAEgvszXamCVwqaCsAegAZKZq_wCyAEG4AIAqAMBqgSTAk_QjVcBdRptueux_SX6qdYI0uu5WR-qSYlmFNDcL9qzxXhZ5E99jgIadOgHGwS5nbZrSz24Klrvgp2Hvkjl-6m2La4VRtLMlb4UjIa3dOC46af5Pu1yrmnqlz2DZzbo5xk3MfpXydT9bBPX11GplVISLtV0CJC3-5KmNfLXmC11Cq_QbvzPeFaPcZ_1oTjfvjbg0qiISTMcC09ghKzde72nwTxutPOQ01etw_qIfoaq58sHCs7xlkZvrNIE14_lwTcxwdCQ_OAD0v79uZpwnuGyBDtErUwdNqSfyzqAh86vtx1KHyeHUcjowmAgAnTUvDjn_VAol2-8QcRby04pmjlzL9w0MAW8V-7y7VzqKE4PK6McwASg2KeK3QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBC76gvSCBIIiOGAcBABGB0yA-uCAToCgEDyCBthZHgtc3Vic3luLTYyMTY1MTk5NDE0MTA5MDCACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=REtY-oDx-6o&uach_m=[UACH]&template_id=5020
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5FFB 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5FFB 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d84b0211d62e15e0241df2ab13157fca362b1421319bac442f494fe50ccab011

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5E66 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5E66 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 84fc1a47fb8d68b7a785967b89645b6a89297d240170cc5530a4edcef5d91559

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 93BA 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 93BA 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 93BA 90 KB
37 KB 350ms
350ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4208870347843066&correlator=3050551375095719&eid=31068457%2C44761478%2C44773129&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club_._2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=3371645434&sfv=1-0-38&fsfs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D0e400c037c8bfdab-229054e913ce0039%3AT%3D1662301277%3AS%3DALNI_MaID-l7AWBimzRoMHlG1lu6trDbFQ&abxe=1&dt=1662301279038&lmt=1662301279&dlt=1662301277896&idt=951&adxs=474&adys=4359&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=ctbbym1fhy8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&top=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=937080875.1662301278&ga_sid=1662301279&ga_hid=1811286127&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e651a4b9fe404b2dfb84e4a324730875c5207ab9230b338a59e9225d20d98e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37986
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 93BA 14 KB
11 KB 91ms
62ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

740e0453046ae81a1f198a17c1024016b34d7ebb528869159737e635ddbb2f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11072
x-xss-protection: 0

GET
H2 200 container.html
1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6909 0
0 90ms
26ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: Mon, 04 Sep 2023 14:21:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 451F 107 B
122 B 22ms
21ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 451F 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 451F 91 KB
37 KB 362ms
362ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1629497221745310&correlator=1134424974808779&eid=44773129%2C31064018&output=ldjh&gdfp_req=1&vrg=2022083001&ptt=17&impl=fifs&iu_parts=21671350435%3A22687820958%2C300x250-earnme.club_._3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=941951635&sfv=1-0-38&fsfs=1&fsapi=false&eri=1&sc=1&cookie=ID%3D0e400c037c8bfdab-229054e913ce0039%3AT%3D1662301277%3AS%3DALNI_MaID-l7AWBimzRoMHlG1lu6trDbFQ&abxe=1&dt=1662301279054&lmt=1662301279&dlt=1662301277923&idt=972&adxs=989&adys=2939&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=itlfwkfhvw8c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ref=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&top=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&frm=23&vis=1&psz=300x250&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=937080875.1662301278&ga_sid=1662301279&ga_hid=870182862&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcad33d15a1a517c86bebdfdbb5441a64a13448af519a10aa10b08c93adb8ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38274
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://earnme.club
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 451F 14 KB
11 KB 74ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd449f6374d9f3bf9dee958e0f3e7debc4332403f21f62dab437eb9c1d3fe326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11120
x-xss-protection: 0

GET
H2 200 container.html
5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2C48 6 KB
0 40ms
25ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: Mon, 04 Sep 2023 14:21:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1EB2 18 B
311 B 38ms
38ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=84558255145

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 1EB2 73 B
101 B 24ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=a4d2a9ec-894c-4739-8262-12af3c68ad4b&nocache=1662301279123&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278430&aucs=adpn-adtag-1662301278430&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9e30e787b6a4cb1cc7770078a538fe02efc49bfa5d9a2e91bab3fea3308c1a8c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1EB2 171 B
556 B 84ms
84ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1EB2 138 B
987 B 73ms
73ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5dadfcecb536de94c9f5a5812cfd232b6b4f91a41ac0b8d94e03d30b0c8bb65c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d20bff26-08ed-44de-8e4a-a15a00ce756b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1EB2 0
407 B 54ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1EB2 14 KB
8 KB 103ms
103ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278430&tk_flint=pbjs_lite_v6.15.0&x_source.tid=a4d2a9ec-894c-4739-8262-12af3c68ad4b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9840735132263259
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e03a5c2ad1d8a489b94e6e8aa9f7aaf548a711e1e54612e146baa9762b31756a

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 7516
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 21ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F7D5 0
407 B 50ms
50ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F7D5 138 B
987 B 21ms
21ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f561883b96dbed59c05eb01e58e236668a4a66fc5aa180ca7002997cc6d3d57f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7379f824-de9e-4ccb-afeb-31e2231b6e9b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F7D5 18 B
311 B 39ms
39ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=17151997354

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame F7D5 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e5d0d1fc-7dfb-47a3-a37c-7d43065d5d55&nocache=1662301279140&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278421&aucs=adpn-adtag-1662301278421&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 274dfd0486ba0bef509d26b4b2509c7b149d8a447b5133dbc337a4640612cf9b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F7D5 310 B
765 B 99ms
99ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278421&tk_flint=pbjs_lite_v6.15.0&x_source.tid=e5d0d1fc-7dfb-47a3-a37c-7d43065d5d55&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3222782218372773
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 11793e513503667611d1b09576e5b9575a1dcc80f68af2f3a7e56505655dc811

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F7D5 171 B
556 B 88ms
88ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 0826 12 KB
6 KB 181ms
181ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

bee8a17b32f0d6e6d59a3245fbd4c39c28b7b85ae07dceb1f044f6691fa862e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8da05e17-05bf-4223-a4e5-3b3638f3ef71
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 0826 171 B
556 B 73ms
72ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 0826 18 B
311 B 44ms
43ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=47164000786

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 0826 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ce716938-f3f3-4045-9ad0-cb836f545f7a&nocache=1662301279149&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278439&aucs=adpn-adtag-1662301278439&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d6d8d60caee61a05e122b53b41ce9facf41903f14e05ba7611dd1ac8010fc453

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0826 310 B
765 B 114ms
114ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278439&tk_flint=pbjs_lite_v6.15.0&x_source.tid=ce716938-f3f3-4045-9ad0-cb836f545f7a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7328573257340196
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 43decec48022e7c63bd86e646c5902c4dbd1650b341f9378537c772f2b8406bb

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 0826 0
407 B 56ms
55ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 21ms
21ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7164 0
407 B 55ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7164 310 B
765 B 139ms
96ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278467&tk_flint=pbjs_lite_v6.15.0&x_source.tid=898d2805-0343-4028-bd7f-4907566ea69c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5439850049876573
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5fa13fd4d5c83d7cd065ea22d6046bd254e1441e2709a0bcc546827b2d86b80e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7164 171 B
556 B 115ms
81ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7164 18 B
311 B 34ms
34ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=26746304592

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7164 19 KB
12 KB 186ms
183ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c20dbd16a2ab6f11b63b8c5cebc1d4c7a711d2dea7c77c6540483d9f31eafd41

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b0006c1f-2cd4-4d01-8bd3-d0bdd99b50d9
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 7164 73 B
101 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=898d2805-0343-4028-bd7f-4907566ea69c&nocache=1662301279159&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278467&aucs=adpn-adtag-1662301278467&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5c72c8504a9b6e57dd1d1c36e0d9975788482101baab4d8188093cb287e358b8

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame EE9E 18 B
311 B 34ms
34ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=12072195833

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EE9E 0
407 B 55ms
55ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame EE9E 73 B
100 B 23ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=31e196cf-6077-4a97-9931-41565a2558d4&nocache=1662301279166&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278475&aucs=adpn-adtag-1662301278475&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d82ef0e23bfda8d2203c0635e8a791bd2090968dd68277f51d73e4eeef581849

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EE9E 310 B
765 B 139ms
96ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278475&tk_flint=pbjs_lite_v6.15.0&x_source.tid=31e196cf-6077-4a97-9931-41565a2558d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08739862432484191
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f6ae6b07c337cfc7673415ba141f51938a46750a38bcbae9c7f4e53ee0128540

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EE9E 171 B
556 B 112ms
78ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EE9E 139 B
988 B 32ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5fb48e6a58d8a8675f2b230633e5e7483d7b6835a09fe4f21d8a300ec9d5a951

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e94af8d3-46fc-4c11-931b-6d15f6a25937
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AECC 171 B
556 B 124ms
89ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AECC 20 KB
12 KB 226ms
208ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

7da1fbad6f4b62772fc4837f892e891a649f1fec234dda4d9da493720abcd325

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 839e1799-9e70-4590-80e1-9c61b89f5737
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame AECC 310 B
765 B 153ms
108ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278494&tk_flint=pbjs_lite_v6.15.0&x_source.tid=3b4d0a2b-6985-4d28-be0d-36db9e3d6678&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.858464787728491
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c3667a48785621b8f3449b5d58569d7e468c91c954eb89930e60797e8c3ece3d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame AECC 0
407 B 50ms
50ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame AECC 18 B
311 B 50ms
49ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=32204666981

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame AECC 73 B
100 B 28ms
28ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=3b4d0a2b-6985-4d28-be0d-36db9e3d6678&nocache=1662301279177&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278494&aucs=adpn-adtag-1662301278494&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 62a6ea4f4b2336e0ee130058685a3114e26242e80d318b4f8fbc88d7fb795d8c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 2787 73 B
101 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=bb961032-8a1e-4096-80b8-1ec19b792490&nocache=1662301279218&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278481&aucs=adpn-adtag-1662301278481&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b1977610fe360d184c2c6b5dc993928465c2b0da2fc63520a20a0c6a2ea16940

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2787 171 B
556 B 93ms
92ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2787 310 B
765 B 121ms
108ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278481&tk_flint=pbjs_lite_v6.15.0&x_source.tid=bb961032-8a1e-4096-80b8-1ec19b792490&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.018493046640267075
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b004b56de6f2e573fd7b3d53e557a8180fe72002d937d1e9183e68adf1a61319

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2787 13 KB
6 KB 162ms
161ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

00258aceaeebf1213cd9966816bf2368b72ff62f16a28d30c685d463becb788c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fa11b546-fe14-473a-8144-ac719bc90478
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2787 18 B
311 B 35ms
34ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=87191090155

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 2787 0
407 B 53ms
53ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 22ms
22ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 9B1B 310 B
765 B 119ms
106ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278487&tk_flint=pbjs_lite_v6.15.0&x_source.tid=e3888edc-eb8c-400a-be5d-902565335898&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17767971719991071
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 64cf23885cb5733e196a93ae78b5c0eb657a5a254a7e7d5d857461b65309fd20

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 9B1B 73 B
101 B 20ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e3888edc-eb8c-400a-be5d-902565335898&nocache=1662301279228&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278487&aucs=adpn-adtag-1662301278487&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 45c9a4c5a5a462873793bbd1fd7878f52f9b54c58a3808e9776535e17fb1f674

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9B1B 171 B
556 B 101ms
101ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 9B1B 18 B
311 B 35ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=96849833101

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9B1B 12 KB
6 KB 149ms
149ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3aa35cda3424825b2d14500636dfacc4e64f8cd1d0d0f980fd78fadaab20fbb2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a2eeed91-6d86-43ac-a8cc-8063b10a9c75
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9B1B 0
407 B 52ms
52ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 22ms
22ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5FFB 28 KB
28 KB 46ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 323065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 20:36:54 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5E66 28 KB
28 KB 41ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://earnme.club
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 323065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 20:36:54 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame BBAF 171 B
556 B 81ms
81ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame BBAF 0
407 B 54ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BBAF 310 B
765 B 103ms
97ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278509&tk_flint=pbjs_lite_v6.15.0&x_source.tid=229c7f56-0d16-4a13-8343-4f71a00eb2b8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8736659715309825
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 63ba293fc740fb6f1b4cc76013dba543263d030a3ae9aa099471736fc4286229

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame BBAF 73 B
101 B 20ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=229c7f56-0d16-4a13-8343-4f71a00eb2b8&nocache=1662301279259&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278509&aucs=adpn-adtag-1662301278509&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9a50ad0ca396beb78f1ba7d052bb9a63624ff6520527190e5a8e8cd1b91d0ca1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame BBAF 18 B
311 B 35ms
34ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=35918450441

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BBAF 13 KB
7 KB 180ms
180ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3b0bc36f527b511251af347e357dd43096c3c242906588e96cf0fbb7b8611ff4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fc602047-727c-454a-b453-295402983564
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C1F8 18 B
311 B 47ms
47ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=75267500412

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C1F8 0
407 B 55ms
55ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C1F8 138 B
987 B 79ms
16ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6fba09a93a4f6197684101fef0f415ad00fb0dee1a59fdd557089d9acaf4848d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0b869c9e-927d-4701-8aa0-4335f3427a2b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C1F8 171 B
561 B 143ms
138ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame C1F8 73 B
101 B 22ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f40d549b-7b58-431a-b969-aa3de4dd678b&nocache=1662301279269&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278517&aucs=adpn-adtag-1662301278517&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 743459c8eff4a1e53b1604de38e517efd3bcd75c9286b90053e95c50e3d9f347

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C1F8 310 B
765 B 131ms
103ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278517&tk_flint=pbjs_lite_v6.15.0&x_source.tid=f40d549b-7b58-431a-b969-aa3de4dd678b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8025116290518963
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 56cd3fc1c9b108bcee6f7ab85eb921d4fe5af08e8825e553c65bda6f3a753e63

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 47E0 18 B
311 B 38ms
38ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=53739258726

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 47E0 137 B
986 B 66ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6cbf3e7040043cc14ff89276fe067a34d0fb805e0a933b0dc73c1ace1ce3a2ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4e0f51ee-d63e-45a2-b6d4-ac6aab8f4aa5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 47E0 171 B
556 B 90ms
90ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 47E0 0
407 B 50ms
50ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 47E0 310 B
765 B 122ms
109ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278501&tk_flint=pbjs_lite_v6.15.0&x_source.tid=85a00b65-ce72-4827-8fdc-47b51d5c4e7b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7522572258901457
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fe59b6ed26397d76de6534ad48c308b016e797d49ffa6c2e42090a9b32fa96ee

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 47E0 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=85a00b65-ce72-4827-8fdc-47b51d5c4e7b&nocache=1662301279295&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278501&aucs=adpn-adtag-1662301278501&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 9bd0f35c4ee20f483eb007212473f67c8029f9b7f326ee6e5d91c56e4ea2f8f0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F5A1 138 B
987 B 61ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0ae668cdd696bebd955cc6dc5f93c260bcbcbb515cbcb7145fceba3fda72e80d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 082d699a-9233-4c5a-b494-c9831263dc6d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F5A1 310 B
765 B 147ms
117ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278543&tk_flint=pbjs_lite_v6.15.0&x_source.tid=65646c60-dde3-4324-a0ce-888390db725f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.44243421789864024
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 825ec614cbf8d5a3d1e4e8a3cc76f513fd9780a7076f4c4e9ea4f008697e7b34

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame F5A1 18 B
311 B 35ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=55152385733

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame F5A1 171 B
556 B 84ms
83ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame F5A1 0
407 B 59ms
59ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame F5A1 73 B
101 B 25ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=65646c60-dde3-4324-a0ce-888390db725f&nocache=1662301279303&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278543&aucs=adpn-adtag-1662301278543&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: fea14d1d794264272f94f2294f52e1df757b05cd6c00cc67f5d890bc4e3c963d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 22ms
21ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 2D59 0
407 B 66ms
63ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2D59 18 B
311 B 39ms
37ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=55011238249

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2D59 310 B
765 B 109ms
108ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278549&tk_flint=pbjs_lite_v6.15.0&x_source.tid=9ec7e945-385d-4a3b-88cc-6991a1a27843&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16634280845581895
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 694bf9218f362e6dc6cd3dd24342d4ad35e9626ebce40ffdfa3d0594e2614534

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2D59 171 B
556 B 94ms
94ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2D59 139 B
988 B 44ms
28ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c490df7b9187c8d51f819a05ea9225437caf8d3e112a8a103bed8ffb844e3ec2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 60c3efd8-877c-4091-b164-97798a099c5c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 2D59 72 B
100 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=9ec7e945-385d-4a3b-88cc-6991a1a27843&nocache=1662301279344&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278549&aucs=adpn-adtag-1662301278549&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 50e2d3c99a5108b8e0e663b640e64ec8e147c19ee542b4f588b8b8829d973151

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2ACE 0
336 B 20ms
19ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 2ACE 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=b205ecc9-d570-4f7a-a65e-6fe0f15e78c1&nocache=1662301279351&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278565&aucs=adpn-adtag-1662301278565&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0a334c49e7a2e7081145d49823d822417dfe1456cfcef16d5bba9290f34e6032

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2ACE 18 B
311 B 35ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=75582925246

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2ACE 12 KB
6 KB 215ms
202ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

448fd4139f39990e8ecc35115c75bf30ebfbbdf7af3ff61642a93395379b1184

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 69e5954a-d6c0-496c-928b-84bf254c491b
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 2ACE 0
407 B 60ms
58ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2ACE 310 B
765 B 119ms
119ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278565&tk_flint=pbjs_lite_v6.15.0&x_source.tid=b205ecc9-d570-4f7a-a65e-6fe0f15e78c1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9580459731947477
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 48445ebd57b08f7c79a763ea6f298547bfdfd8d29f1aacc1b7c8ed8eeef9f64b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 4062 171 B
561 B 84ms
83ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 4062 73 B
101 B 25ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=be826879-2962-42dc-9119-33503770800e&nocache=1662301279363&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278558&aucs=adpn-adtag-1662301278558&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b7ab369b8ffb17bacfb0041f1657a3cd6d3c84c446531e6f726fd6e26177c6de

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 4062 18 B
311 B 40ms
38ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=16956576181

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4062 138 B
987 B 39ms
24ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

95575cd1f83035fcac0e58511c6f04d2874046a4e07d11bd584980ca31a3ea78

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ea132785-f35c-4f4b-b295-ddee082858b6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 4062 0
407 B 56ms
55ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4062 310 B
765 B 99ms
99ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278558&tk_flint=pbjs_lite_v6.15.0&x_source.tid=be826879-2962-42dc-9119-33503770800e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5662905939171223
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 367e2af43809edcff2e4f2c6da127b3eae182e5e5ce918cd93bb61d87ba60c7e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 23ms
21ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6CDA 18 B
311 B 50ms
49ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50437732633

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6CDA 0
407 B 50ms
50ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6CDA 138 B
987 B 34ms
23ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c97a0704edb32b2b517a99079e7c0dc76c63b48b29ddac9b66a828c4988c1249

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff237152-85e8-4f4a-8e26-024b1ae07396
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 6CDA 73 B
101 B 23ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=461de03d-cf71-47d0-b2b0-d5c011874bb6&nocache=1662301279374&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278572&aucs=adpn-adtag-1662301278572&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: b8454ccf07df995887867bc627836fe8961796f4a1ca6282c0a7ecec2d5fcedd

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6CDA 0
336 B 20ms
19ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6CDA 310 B
765 B 143ms
117ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278572&tk_flint=pbjs_lite_v6.15.0&x_source.tid=461de03d-cf71-47d0-b2b0-d5c011874bb6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42799321319803796
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6bf3c89a3c323e01473a4f52450d9ffd0f0b16f3054f4608b5d284bbc3187c40

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 60F4 0
336 B 21ms
17ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 60F4 18 B
311 B 37ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=5955435587

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 60F4 12 KB
6 KB 206ms
201ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

caa078f9db5e28a34545a384f43aa2c5d24f965dd303c138d701fb8c6274541a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d5ec7fb6-41c5-4e7d-8f96-bf276df7bc59
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 60F4 74 B
102 B 46ms
45ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=e2c4b3ef-8d36-4eb5-a741-e046da638333&nocache=1662301279383&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278592&aucs=adpn-adtag-1662301278592&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3e1ad7f6908aa6757ccbac4f4da0abbbafd1705a76981126f40530d62c8ea309

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 60F4 310 B
765 B 160ms
125ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278592&tk_flint=pbjs_lite_v6.15.0&x_source.tid=e2c4b3ef-8d36-4eb5-a741-e046da638333&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7765549431913306
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7f9f775834eeb1a2db9dafabc9927a32efe858b537990996ed44e62b1ded874f

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 60F4 0
407 B 50ms
50ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7966 14 KB
8 KB 177ms
118ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278579&tk_flint=pbjs_lite_v6.15.0&x_source.tid=c4f51084-7619-4571-8cda-cbc054137aaa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.785424840054338
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 92093ecec7545ef1898fdfa0a3593a6818b61098d41d20795049db900d742a1f

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 7492
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7966 0
336 B 18ms
18ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7966 0
407 B 52ms
51ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 7966 73 B
101 B 22ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=c4f51084-7619-4571-8cda-cbc054137aaa&nocache=1662301279393&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278579&aucs=adpn-adtag-1662301278579&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0bc006d41c386d832cbee91e6ccf33feb078474a29b847fb60e47ae8865928b9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7966 18 B
311 B 80ms
80ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=18341138118

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7966 12 KB
6 KB 184ms
175ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3f05fa29947e2e6c5b0c08d35d87727d9bcc5bb68aaaaf8def8a37f84a234b55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d683b54a-cf33-44df-ad6c-8fe3ff44ef0a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 26ms
24ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6873 18 B
311 B 43ms
39ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=84346215862

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6873 138 B
987 B 22ms
19ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a484d64d446aeeb95de71c608c6c5e23275a6e2e6e17eebbace64de980d2ba94

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b088c3f8-ca9d-47c0-9383-3ad4eea2d4cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 6873 73 B
101 B 29ms
27ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=02afcfa7-7587-4dbb-877b-5ad9ebc575af&nocache=1662301279419&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278585&aucs=adpn-adtag-1662301278585&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0bd424b113da155f26c1800507f6b42442fca305cd76a2ba7a18f2a7feef21ec

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6873 0
407 B 57ms
53ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6873 310 B
765 B 139ms
106ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278585&tk_flint=pbjs_lite_v6.15.0&x_source.tid=02afcfa7-7587-4dbb-877b-5ad9ebc575af&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6110577199393676
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7595bfe8c6e2ac1a699e703bedf3af611d3e4e9d841dcbe33bbc988423236f42

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6873 171 B
556 B 98ms
98ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 25ms
24ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame A3C4 0
407 B 55ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A3C4 18 B
311 B 141ms
141ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=85914455748

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A3C4 12 KB
6 KB 168ms
168ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4c787f328ce9fe9dfcbc0a5ba61dbc0737c998b8c23dff5662047f254772d2e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cc13ab29-05f8-4a48-aa26-f155fd9d82fc
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A3C4 171 B
556 B 80ms
80ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A3C4 310 B
765 B 147ms
109ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278524&tk_flint=pbjs_lite_v6.15.0&x_source.tid=de9eb190-abd1-4675-84a5-ac274442f09c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3293194460627078
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f85c4930a0cf330caad36b5f8847e0a01610609eec657b640f7dd5f028e12fa2

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame A3C4 73 B
101 B 27ms
27ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=de9eb190-abd1-4675-84a5-ac274442f09c&nocache=1662301279429&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278524&aucs=adpn-adtag-1662301278524&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c0fe25cd463995bb9787f6c6b93f7029d6f953dab7d9a4fdc57cd2d975d8b9f0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 05E4 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=555561b9-e15c-46fd-82eb-4d1c4da5c201&nocache=1662301279435&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278600&aucs=adpn-adtag-1662301278600&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 712a5128616a7b6a16f64a6a0c2533780a2c4f41c713fe5da0e947b5d4263947

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 05E4 138 B
987 B 21ms
15ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ac211a52db3739f40a9131a86af7e5c92f67ec144d077042bda25daed0220313

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b8931903-46c6-468d-a776-8d33719def07
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 05E4 310 B
765 B 160ms
123ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278600&tk_flint=pbjs_lite_v6.15.0&x_source.tid=555561b9-e15c-46fd-82eb-4d1c4da5c201&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8744025590291411
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: e5aef9c60d57099288db6200c682a71118ae16dc28cb57063c6b7171177873fb

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 05E4 18 B
311 B 46ms
45ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=59219541312

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 05E4 0
336 B 26ms
25ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 05E4 0
407 B 52ms
51ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 21ms
21ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 24ms
21ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1FE3 18 B
311 B 40ms
39ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50939888949

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 1FE3 73 B
100 B 22ms
19ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=a06974e6-5cb4-459c-9eea-63cb9673c312&nocache=1662301279445&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278533&aucs=adpn-adtag-1662301278533&auid=557749685
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: f4f7313ea04c224de753cfb712fe126c6005aa29fc390ff119e61c041a9c5ef4

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1FE3 0
407 B 84ms
84ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1FE3 171 B
556 B 86ms
84ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1FE3 12 KB
6 KB 197ms
195ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

22d58a82be2a75e3333c3d7d6f03f593d4beea9301e051f95bae23ccdd4b7ee3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 36c08fe5-3a60-48a0-ac9c-d465577bc5f6
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1FE3 310 B
765 B 235ms
164ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278533&tk_flint=pbjs_lite_v6.15.0&x_source.tid=a06974e6-5cb4-459c-9eea-63cb9673c312&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2909631006077058
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5db1a3bdb623cff86e791150634e3c2783c4f9db1def107463440a024476eb6e

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 21ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3248 0
407 B 56ms
56ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3248 0
336 B 656ms
655ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3248 137 B
986 B 38ms
36ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

30df1408d82b10753d186bac5c4f46f54cf3de339f64ef30b4bec81f24dd2a0b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3c944f28-cc67-4101-84cc-1704900f3a31
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 137
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 3248 73 B
100 B 28ms
27ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=d94098fd-1406-4d0f-8302-56342e66207b&nocache=1662301279457&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278609&aucs=adpn-adtag-1662301278609&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ff1f53bee8d59ccd36b10c8c813222a9dc0e5fbfcaee8f81ddaa9d2c19bd778b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 3248 18 B
311 B 163ms
162ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=1970757109

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3248 310 B
765 B 193ms
114ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278609&tk_flint=pbjs_lite_v6.15.0&x_source.tid=d94098fd-1406-4d0f-8302-56342e66207b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38306584148510736
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4a3170b295102d035d71ac0831fd855bfa941a78fd7b573b9ae7b583f8b6545c

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame BDE5 73 B
101 B 22ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=f8db3e0e-bfce-40d1-810b-7ed2d9bf1f5b&nocache=1662301279475&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278616&aucs=adpn-adtag-1662301278616&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 80706ad1f7353efb152c32ef70c4eaa4ac2c109fb1841e355dbf7353f48ef36b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BDE5 138 B
987 B 33ms
15ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

aa3eed140bb1247b6d2ae2f6ab785daff6f7d34a5e9b970662dc675a9544994c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b2557e80-8e3a-4ad4-9e2e-800656571a9e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame BDE5 0
336 B 37ms
37ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame BDE5 18 B
311 B 37ms
37ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=24478268073

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame BDE5 0
407 B 54ms
53ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame BDE5 310 B
765 B 180ms
97ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278616&tk_flint=pbjs_lite_v6.15.0&x_source.tid=f8db3e0e-bfce-40d1-810b-7ed2d9bf1f5b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21969398439472299
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1326d911d716467ac41909b5fd8af44dfa453c2f0de27759860584ef1ad8bcbc

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 2FCC 18 B
311 B 42ms
42ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=80654761227

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 2FCC 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=054d8244-ba6d-4ccf-af65-89e385291ebb&nocache=1662301279489&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278625&aucs=adpn-adtag-1662301278625&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a8b7f347dbe78d968ef1daf5dc0d1ecdd6d85bbf9481ebf54e4d871b1e8fd48d

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 2FCC 0
336 B 18ms
18ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 2FCC 310 B
765 B 196ms
117ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278625&tk_flint=pbjs_lite_v6.15.0&x_source.tid=054d8244-ba6d-4ccf-af65-89e385291ebb&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6705987806118023
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 56a1f9f82e6d3e3daee225c3e8c505256874ef4326d49f806a1085bee7d909ad

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 2FCC 139 B
988 B 43ms
20ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

29d04c40da5e890976cdb0d7945286d370bd9d92b5ec8e29a056ef47163d230e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fc5ae7fe-7fcd-45c0-a7c5-6d1263df6452
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 2FCC 0
407 B 52ms
52ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame D129 0
407 B 55ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D129 12 KB
6 KB 200ms
163ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

162327e4a7155fc009d99a80a9dd825581ccb540bf9a37b7343f8637f34ae7ce

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 882097ca-0cb3-4bce-b3aa-60bb8e9c1d56
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D129 310 B
765 B 195ms
117ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278632&tk_flint=pbjs_lite_v6.15.0&x_source.tid=0ef38d46-2e55-4c9a-a1fd-9f0251b04c07&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5890891261027542
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f910f22ffbcef40bbaa26e0bef7e299600ead31245370d9321022ba4143a60de

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame D129 73 B
101 B 25ms
25ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=0ef38d46-2e55-4c9a-a1fd-9f0251b04c07&nocache=1662301279499&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278632&aucs=adpn-adtag-1662301278632&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 6a8611452378b638501d9869963cde74c1e831df48d5a9f96f90b7f645295b78

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D129 0
336 B 26ms
18ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame D129 18 B
311 B 34ms
33ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=14395187469

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 32B9 14 KB
8 KB 213ms
124ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278639&tk_flint=pbjs_lite_v6.15.0&x_source.tid=9879c54d-3aee-4f26-ac94-70bd514ef545&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03829457012212312
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7c7676e360321158fd19fb1eae9c426d70ff38ccaebca142bd0a5c0659f59856

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 7511
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 32B9 138 B
987 B 101ms
42ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

04767542ed18ac4861727b0318e9a59c54580b88dfd6b1a787fe9d76711f7145

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b8b38b2-92ba-49e1-87f0-e6f9373ad792
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 32B9 0
336 B 22ms
20ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 32B9 18 B
311 B 45ms
42ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=46038717796

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 32B9 0
407 B 50ms
49ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 22ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 32B9 72 B
99 B 23ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=9879c54d-3aee-4f26-ac94-70bd514ef545&nocache=1662301279512&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278639&aucs=adpn-adtag-1662301278639&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 53d8e2df0b9330aafcf9a35de9c0f67da108cb1f93b2be1066de0401e6cb0b10

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame EFD0 18 B
311 B 34ms
33ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=34533458717

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EFD0 171 B
556 B 107ms
106ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EFD0 13 KB
7 KB 246ms
188ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

60e16b30455ae16c6bd635ea4169a3586368fc10cf546cd4730205dd555fabb2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6ff43c05-1f3f-4300-81d3-cec11e675ee5
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EFD0 0
407 B 93ms
93ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame EFD0 310 B
765 B 248ms
108ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278662&tk_flint=pbjs_lite_v6.15.0&x_source.tid=ac49a6c3-cf49-40e1-83bd-44782a4f947e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9923857852689397
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 71c47aeb78c1495815cdb8b9edb895fefb3e54ec1dece1f6676ea97f7e0a2915

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame EFD0 73 B
101 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=ac49a6c3-cf49-40e1-83bd-44782a4f947e&nocache=1662301279521&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278662&aucs=adpn-adtag-1662301278662&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ab716468482877fd517f038b636dd6d7604fbc6f5feaf865b4f6b7eb3a94edf9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame C4F6 18 B
311 B 40ms
40ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=72359464205

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame C4F6 310 B
765 B 382ms
250ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278653&tk_flint=pbjs_lite_v6.15.0&x_source.tid=56d39c06-f8fe-444d-a5ea-48552a4c7397&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7418927904731409
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fce434e1e523875b5ab186450b7a7d1c91ddc2944c889785c8123c16b58f5618

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame C4F6 73 B
101 B 21ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=56d39c06-f8fe-444d-a5ea-48552a4c7397&nocache=1662301279529&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278653&aucs=adpn-adtag-1662301278653&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d8ec1529c8252274b8fa894f3816672ba99b45464e27f6994c14b438fd22c671

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C4F6 13 KB
7 KB 303ms
243ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

884fc0b051313b4717d2e86079831eded3dcd206d04796ead8af03acc8d825f3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: edb897f2-91e8-4e52-8be6-609cdb44a404
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C4F6 0
336 B 18ms
18ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C4F6 0
407 B 50ms
50ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 21ms
21ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 25CF 18 B
311 B 37ms
37ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=50588659970

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 25CF 310 B
765 B 244ms
99ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278670&tk_flint=pbjs_lite_v6.15.0&x_source.tid=1ab9373d-18b8-4311-812b-541422a5f46a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45736348769108814
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a1c0f9401109b38b6a1e3bd0f78c236055d17ad31838e34cc4f254f253e05cca

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 25CF 0
407 B 47ms
47ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 25CF 171 B
556 B 53ms
53ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 25CF 13 KB
7 KB 221ms
163ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

f4192092848d9db62e3104c0fbb850eed72b5f62df4b47bbb40f3c5d2dbc7b97

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5cf0fcae-5a36-4dca-824c-d975b3303b45
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 25CF 73 B
101 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=1ab9373d-18b8-4311-812b-541422a5f46a&nocache=1662301279541&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278670&aucs=adpn-adtag-1662301278670&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c315ca8ec44e193f68c047ef05157a67f43086a066474533c870a64235116f00

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1D3E 0
407 B 47ms
47ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1D3E 171 B
561 B 97ms
97ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1D3E 138 B
987 B 100ms
37ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ae145b1ff47378f884489f438958423a99182898dc655e4b296566a293db2293

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9e5b7543-bb67-46f6-892d-492ac3f491a4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 1D3E 18 B
311 B 37ms
37ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=28778144536

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 1D3E 72 B
100 B 22ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=31db0906-94b3-4d6e-9812-6c36535b584e&nocache=1662301279549&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278677&aucs=adpn-adtag-1662301278677&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d66cc2943b8861d2c66f9785f2231813ee6162bcdc5407d13953caf90f0acb72

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 1D3E 310 B
765 B 252ms
115ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278677&tk_flint=pbjs_lite_v6.15.0&x_source.tid=31db0906-94b3-4d6e-9812-6c36535b584e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3696185499710243
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 88c65b5614a5f5e40fff67a9f1f661557f5cf35bb22d4bb449295cdc5db05386

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A9E7 138 B
987 B 80ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

100e5af15fe1910a3296fc6042b01ad12551ae410520b000d62e10454ca1bb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b8c77832-9997-424c-abd8-aaca88534b41
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A9E7 310 B
765 B 233ms
118ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278692&tk_flint=pbjs_lite_v6.15.0&x_source.tid=de432bcb-9117-4bd1-b402-822dc1b43bd5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.051701534222183154
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3bd9841b73da798a11eee426806a6db72a7bb989418684b121f751a275b96def

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A9E7 171 B
556 B 50ms
50ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame A9E7 0
407 B 55ms
54ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame A9E7 73 B
101 B 24ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=de432bcb-9117-4bd1-b402-822dc1b43bd5&nocache=1662301279581&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278692&aucs=adpn-adtag-1662301278692&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a91bc0ee1b66945c1bcb13edd557f8dbb9d4c5fff2d87003eed6723eaf09f633

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A9E7 18 B
311 B 35ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=21628312738

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
18ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 6CF5 14 KB
8 KB 234ms
105ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278683&tk_flint=pbjs_lite_v6.15.0&x_source.tid=184031aa-8524-4efe-9851-f7d78ea71165&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2944356162927513
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f11889c42b8c5a2a61298de346e2cb85c870d622d5ea3af51ef02917ea519480

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 7502
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 6CF5 73 B
101 B 22ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=184031aa-8524-4efe-9851-f7d78ea71165&nocache=1662301279595&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278683&aucs=adpn-adtag-1662301278683&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: df7edca11bb01cbc654d54a98c0431522787112b50c510ae9c35d48f093c8a84

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 6CF5 0
407 B 52ms
52ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 6CF5 138 B
987 B 69ms
17ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6a3cf00b5a1952093d4444a827278d450b250088616a8cb9f4aa8a3718f9b595

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7192614b-8085-4da8-a042-9c59c357fc3c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 6CF5 171 B
556 B 55ms
54ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 6CF5 18 B
311 B 39ms
38ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=25638509795

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame B9F2 73 B
101 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=96ba5036-65f3-45fe-8503-935bbd48b166&nocache=1662301279604&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278699&aucs=adpn-adtag-1662301278699&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d40635ff442c41fbbf9a2fa138d9e19a3927cd37ab0b7c5ab1eed0b0b6ae0c85

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B9F2 171 B
556 B 155ms
155ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B9F2 310 B
765 B 299ms
135ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278699&tk_flint=pbjs_lite_v6.15.0&x_source.tid=96ba5036-65f3-45fe-8503-935bbd48b166&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6811604422215882
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 386d782c3a0d9e89bbde434ae2a1a925c640715b717a7697c39a8f1104608cf0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame B9F2 18 B
311 B 40ms
40ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=60956165480

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B9F2 19 KB
12 KB 234ms
179ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e6148c3de2c60edf946b618080e19bbeb1dbbd3f3c72a11b7e92cff37235f749

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 8d5c9a14-f300-42e6-9679-6647c9d5ea10
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B9F2 0
407 B 49ms
48ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 8AD1 310 B
765 B 288ms
116ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278711&tk_flint=pbjs_lite_v6.15.0&x_source.tid=809023d2-e847-4254-ab72-e9fcd12766ea&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.743128471571247
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 47df803326d83ae8c0b7f1d9e8bea7ea792531fce35661b7ec0e7f46fba70404

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 8AD1 0
407 B 53ms
52ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 8AD1 73 B
101 B 20ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=809023d2-e847-4254-ab72-e9fcd12766ea&nocache=1662301279614&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278711&aucs=adpn-adtag-1662301278711&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 72ddba36042c638dce4256b4581fa6addf5b18b07c58f3383863f94eac426be6

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 8AD1 171 B
556 B 65ms
51ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 8AD1 18 B
311 B 81ms
81ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=27401050288

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8AD1 139 B
988 B 65ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

72a4c2ab1126b34efac59540b1fd242d7789c98bf984b60bb2f57ad5af9c947b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4d090416-9f6a-447a-89ff-1babd72f425b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 22ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 7CB1 171 B
556 B 61ms
52ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7CB1 12 KB
6 KB 227ms
170ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

eec33f8281e609b1e0cc4d47810fd5fb44594a54cfde9473d8bddec6eaed1b6e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 22f5a249-54e5-480c-aae4-2d46053d6693
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7CB1 310 B
765 B 315ms
136ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278730&tk_flint=pbjs_lite_v6.15.0&x_source.tid=484ca875-2abc-44bf-8e14-d80fd80a75e1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7520034580313577
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c2213551a7ed065aaf2f453d2e582c837e4a2c21228f8da3aaa3d6edb1d91fa9

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 7CB1 0
407 B 50ms
49ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame 7CB1 73 B
101 B 23ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=484ca875-2abc-44bf-8e14-d80fd80a75e1&nocache=1662301279626&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278730&aucs=adpn-adtag-1662301278730&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 871469d7db411effa912da2f18a5cf1dc710b40987198fe30f98358f982003e8

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame 7CB1 18 B
311 B 39ms
38ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=77639989734

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame FAFC 310 B
765 B 303ms
123ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278646&tk_flint=pbjs_lite_v6.15.0&x_source.tid=85b0447a-508d-4204-a0b6-4d4d655b6d1c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12461888175891467
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b4e74076e89e65b6d268dff479464af60172bd9938bedd460354f91fc80b971a

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame FAFC 138 B
987 B 77ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

72f727bab11a0aab90ba2c6bd2381bfb76cc40b369491108970bb9739e2edf03

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 286ef3b6-8e11-445f-9b6d-c56bda83ea54
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame FAFC 0
336 B 29ms
21ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame FAFC 18 B
311 B 36ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=26981774760

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame FAFC 73 B
101 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=85b0447a-508d-4204-a0b6-4d4d655b6d1c&nocache=1662301279637&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278646&aucs=adpn-adtag-1662301278646&auid=557892318
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 558587aecf42d586786beb44c29643e4140c153e47f39fc18e4567cfedfd9fb3

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame FAFC 0
407 B 59ms
56ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame A119 18 B
311 B 40ms
40ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=19205284284

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame A119 0
407 B 55ms
55ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame A119 73 B
101 B 22ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=2751bad5-f3c2-4ca4-bba0-bdd79b9bf8e8&nocache=1662301279690&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278721&aucs=adpn-adtag-1662301278721&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 3c0c388e728c9320a5d2d5aaa053091b053be9e935905fbdfe0018332278c7ff

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame A119 171 B
556 B 50ms
50ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A119 310 B
765 B 235ms
97ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278721&tk_flint=pbjs_lite_v6.15.0&x_source.tid=2751bad5-f3c2-4ca4-bba0-bdd79b9bf8e8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5705146764668503
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1f30cdfc13f70058988657db4f8ffc071652d07ab662c9080bc4e6c93886280b

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A119 139 B
988 B 37ms
15ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4e98478c20dd3fbfd6e868ef9e0c18e5d07ae52bc060819f8d229c1322438780

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 960403f0-b93c-489a-873e-8a32b804875d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame B684 73 B
101 B 21ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=20f20e5e-bed3-4fb0-bf45-f65c26e2ef94&nocache=1662301279704&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278739&aucs=adpn-adtag-1662301278739&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 7548d4301e7fe09a2f73a6fbe821a60ebfc0a946c4bc30fc18d11577ccdd62a8

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B684 12 KB
6 KB 201ms
175ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

314913e2c13c247ad48403b67158391de7c43af769db026cafad36d751456e52

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 42655706-7e1c-406a-8d0e-4308a3e2de7a
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame B684 171 B
556 B 60ms
59ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame B684 18 B
311 B 34ms
34ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=19865916489

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame B684 310 B
765 B 296ms
101ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278739&tk_flint=pbjs_lite_v6.15.0&x_source.tid=20f20e5e-bed3-4fb0-bf45-f65c26e2ef94&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28423220202486155
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 4b4be258f1895ef0339e7b17a0dd6e953b529f74fcd3e861d0aa933a1f789ee3

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame B684 0
407 B 52ms
52ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
20ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 20ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame D630 0
407 B 74ms
74ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D630 138 B
987 B 65ms
17ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

174449c9a8393b3a2990ae70a6b1ee3c902def54f9440292ecc316032a4966e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ece63a41-8b50-4c6a-9777-e41bcd1cbba2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D630 171 B
556 B 70ms
70ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame D630 72 B
99 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=7f174e19-c39e-423a-8f96-ad3db47f239a&nocache=1662301279715&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278746&aucs=adpn-adtag-1662301278746&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: ddac7c0056a1d640bc539434eff300aae8e8e667165c26f4dc6e404832993e71

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame D630 18 B
311 B 35ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=56136132699

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D630 310 B
765 B 323ms
130ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278746&tk_flint=pbjs_lite_v6.15.0&x_source.tid=7f174e19-c39e-423a-8f96-ad3db47f239a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9985544092742753
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 67cf9871481edf375ebba52eecd62ffe472180db0268b078e54162d50a5916b1

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame CD14 18 B
311 B 34ms
33ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=29417375087

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame CD14 12 KB
6 KB 201ms
173ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5ff87d0ef4017f6c2c2147123c4ce8c75d0a33bbd72c72cc207472711012e3f0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ee3c4f55-d4da-490d-aebb-dd97e019bfcf
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame CD14 171 B
556 B 76ms
75ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame CD14 310 B
765 B 293ms
121ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278771&tk_flint=pbjs_lite_v6.15.0&x_source.tid=eb076aa7-3ed6-4124-b322-42bac2060ada&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4160041670606496
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 44519173d8c8c7e9ac22412ecf41f79ee46d3773b9a55e0970b7d57b47e170eb

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame CD14 73 B
100 B 23ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=eb076aa7-3ed6-4124-b322-42bac2060ada&nocache=1662301279741&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278771&aucs=adpn-adtag-1662301278771&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 8892a89f5adbf140a250d8e72ff7f3e19e8e6274e7826125565398d089ab5064

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame CD14 0
407 B 53ms
52ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 19ms
19ms Preflight 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame AD87 171 B
556 B 54ms
54ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame AD87 310 B
765 B 300ms
118ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fearnme.club%2F&tg_i.pbadslot=adpn-adtag-1662301278780&tk_flint=pbjs_lite_v6.15.0&x_source.tid=df8a49fc-7e32-4d69-9573-8e6d82269683&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6810245993603656
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 42bb07e86a1c72c41e96505ba9bed5a641961602c76b40ad1af243c6e94d27a4

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 310
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ Frame AD87 18 B
311 B 35ms
35ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.15.0&cb=21316277387

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 04 Sep 2022 14:21:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame AD87 0
407 B 72ms
71ms XHR
text/plain 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame AD87 12 KB
6 KB 198ms
167ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d466c3aea78a2ef5009ef8b21d94955d145f7437091bc9b65da8393aea287a51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5bca6234-646f-4681-a758-83bece6d1ed2
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 arj Show response
adpone-d.openx.net/w/1.0/ Frame AD87 71 B
99 B 21ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adpone-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2F&ch=windows-1252&res=1600x1200x24&ifr=true&tz=0&tws=undefined&be=1&bc=hb_pb_3.0.3&dddid=df8a49fc-7e32-4d69-9573-8e6d82269683&nocache=1662301279750&schain=1.0%2C1!adpone.com%2Ca1ea75ec94e5611d58bc%2C1%2C%2C%2C&aus=300x250&divids=adpn-adtag-1662301278780&aucs=adpn-adtag-1662301278780&auid=557892328
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 571d29030eddb0ad8e924f625d155f38e67271b228e59afba74ad2304369ee75

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://flashnetic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 351ms
108ms Image
image/png 52.216.232.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=a56697b2617c
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.232.227 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: Z44FZG2BEJ9HJ8E3
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: w3Yp04Tk5lf6QcjFTX0Zx4JLkf8KT/5Q5R4ZQ+Ar5RKhQi4hc2nDni0AGOMCIsdpPxaftoxfpEE=

GET
H3 200 container.html Show response
d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E6D 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:18 GMT
expires: Mon, 04 Sep 2023 14:21:18 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43D4 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: Mon, 04 Sep 2023 14:21:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D67B 624 B
373 B 97ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYpNuh0QEwAQ&v=APEucNU4Ms4tbax9F8apIokoM5wBsGWKFKA0rgo2Fk4x3T7o1tp6d_qvhNskWHay8MPebUJ_cYspNUQUIGRlwsHsa2FLC4GC_LMoce2s3GD6rVFe6QAtry5jwS2W04lb1bvu9T4WU_ATLU4Kd8rnhpVjsQnZRt-bB_oz8KKb4vw6USb0sPVj29AtYH2rLBfjceXhpZPLcOArXCuoq4D3lAeiwzhNvFL1Ag

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BF8A 96 KB
37 KB 109ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXjXeV0Q99YMIIqcUdqyNFwqFMASIMzoFOnXNJ5HCxLg3rW7aU2OlyWX0duUvW4rbuGRPUv2vsRQo7q7aPxgzjkiJTdtFCJMXpZTu0Z_4LOmZJAUjNkSSGui6fnhOvCZWdZ8kefYwHv51u1MBgzT4B813tkw&dbm_d=AKAmf-COMouqC7kbD-REkA5vE97qJDrwkMi_KVZLOMuQc0g3bVq2y4XVAhvNXz1XeyL-SbXioscwg51Guiza2bnLP4h7BpYhIFn39KeueC1oN88fvXo3f_3ZJJfUWhheCvXGMoHemBGiN15MKJ9uf6NhAkPu8UF7ctaxeVZItHkQKORrGGVD71nTtH0kS8NOGrt8NnV5y_u7m7VWbOpTavodXeHt9ijcnwGedfNot8ctX8FNpailrPfnB6jDb6taFvkGFtBue7CaLjL-1a_yslQaYF4aGmAja2QGLJKOn8uTcivC3MJcgu3ksLlzlG2L50oY4Lpb2y2q0ETi-IX0YcP8ZDh9thxr1kMZs76IP4jIhtScO8ZJ3kIaFOrWBKKkyMea5wKWTTZek9mjPuQhFCoi7RnMcibSa_6mWno5_-rErZOJgHy9ZmdRdCsCOhf_Dy3752lbz_KOPn-zBa-MHI4j79nOyROksp6cfFxaf2kjj7Rjbwi5CGLzCae9NJz2sBjINd264ldeUrT0OJA_3JNFGZKpM5oKPa2wXRh5cROW0QhLGORmdrmUc7bAPJF71s571P_eq02wQTaf4v7yJSw8OGsBUGSxwHD_MXOUg_MlxGSQD_gfH8yp8WYHA6XEMrzhj53k1_-WyjGOUmJFsUyXeqyRprbxYuGEaXtLDSUspHGufGF-MfjS-jdCC1F7UKohYgD8wgNwRrbXKkLPl-44zMNouKaZkooGnXpwFsivWuxGOhi1GF5UEUPuI_opT-6kHNvytr6FGL7PuCC7lBw2AuTlZu-Y9cHi5scynKNif3atSBFIXzu3t9bnVuVihlyrkCiGf4iimvQO990_YMmaImfukhlmf54HlMksin_rjbhBfeIqDVyNZ8qtF9tx--pCXVIzrp75iKCfnn22lg395UVTOF_yF0PMM_STmaJVp6IKqbM6uJxxu-VNNupccaPhzX_t1PFWwHRDCAr8QFkhPV2VBvA4MKCIG1j1nolhvk7X_jjmBFIh-3Q6KgYxYn-h82xndVG3uvtjAYqJsx2t-9SmpeGamhDzalQP65X5q8f7MTUZwUzig7FUMhTH-yoNiDBwcVO5X6cloZYndJ5Wb8rGsJ4GL_MowFDgHNvdPpv5iT9D_J3QFK7R-_3sax75dpCSLaJsOebpFb507pvWKkbASRwQYer1KLaz-JbBybqy-V5EoX3L0lkaz2yNBVFoahUBWjwcAo7VmXyucpefHdpIMphXMGphndLGNsti9_wnlByIyTA0fIF4NL4eZAYd-ptxy1QYcu1rmG8PlMYgiZvPx8mxgjLDDBPkTufWDAxWpgKrt-L7OBMsdKa0cfD136zPMCI3y1-N18BWFs36FuvXh39Kowc3G7gp2IIGP_tAowUgHHMVNZgHJB5CPTPhCaBuWhumVUptjq0BuGqf2UqochMxWWRc2H3k8JejELf37uQCQRKcVUpz0bZ7bDI-CTvqhZKZgxoNxxWqccLNXyiyzWkLSOEfqH_1QTyNrt_oqHiGsWeOyy8X-QmH_rFQ_Km7o5R3R5HyOCr0xZ7rKT_Z88PAt3ZWRJP-P_BcMpOk87ca7xYzNrkVvo_DsIYPyN-wHOjFZKY78iJC59jXyXB22Bsm_5tOPtG_x9Jz5k2ibb_BUhJekzyIwW_i9Jfhcv8dLl1H6t0jR1Qpj_xwoM5H0D-9fNK-15GABbsAeW_pJ9wBH0i-tFEFiZPguWQcjhKMRtvbAJVzDt_99VXySCzXTCQ6FadfFk-kCr2hT46p2-ZkZ5YRhwgnx-aZGYq47XfNYg8KCOIViBJMw6qFJUnr9uZlXamDwGr-ho_Hzf-q_qQKRqG1AKCbsHSvSIAobLkmNGbCUbNpuI3cIg6rPdZUt2s69J6YzCI4D7B_vXcrxo5-W9eXsr48eld0kA0uPii_9qkbNIxiM0z7MaCz8_AfEQ4KbZLe660ELVAt_TI-1YlWJxrzfaxOVYe77bU81poDrIOK9AKdJydXVvvGggs0lDtaGuCulfDivRxy3IZ0A6kSj2RimM4jYcB4B4fsh_nogTOROjyAu3kvxCjoHqwLjHNFqpdJz5feTWBVB52nFxY3RrdRAQ7cVYBag8SikaqobxsQdVfB3Mc48HL4KorDVKvUkPPYSvoTPstQH1FP9W5kr_rVoXLEqsQdq9LA1BYvyZC1abR8c-KCBAd0xWxEGY96DRw6tfK34fOt0D7grmOLF-PV9Zq_CfjWM5yyCVaJAa8-9NA0ydUQyBOviJ2SjXOcOwdQSRntma7oP90I0p378qZ50BM18qt-XnwEmLdmsXMsRvEbTCrCK_Mw50f_5P1VBE-sojxMye2SmNU8YR4ZWg4bsku-zfc3vwQCN4YLmO9jFPN7N10AEoRSXRV_9eBDoZyAk3ZUrfnd2OQe-tWnXafG2uyglvCQRhtSmz-k-eu_H5qneegu1LGCO2vH09h1aAuejfuEAFwpQZU8I62o-iT1jKoHUsMH_vs6CfqX7AzM8lm2yf-VfpzcAqZRhjDg_2AosUNyD6KfP3v_rB0vUgH4CJaduU0zd4K47yYUMhxY2XCToTmKuLpXVNa0Dn6JEh7H4lQKb_u-bmkxieNNx9M7HRPgTz89uSVdFcxfmfHudJIZMJ_UHd6OFZ5vFtOpifxBcHkwWN2q_IDCjHUCLIklXxgcEq38wwfbTzS77PJCVnhDfEUX6IJ6KyxLE6UjHCZpAHEj4P7lLrwt5KfA0SAl5WdxbrSvLr0sHlTAstuhSXAczPgn3A8cZws1osscP1EjotOJp5MQtNnJDEnf8TMZulnVwzE2jkpa6Yzmuq6DiilcgCjgaoMeQ_laK-ovgJs7OP_elVaT9PVdIHdQ4MWv4KxavUOjcd048WFlO9UHKyipu_rmnYS80XxZ2rOmVrJDbjpm7tq4_xMpYZW9db4pBKgNiSN_pwZHndaa3lHF852Hok2rvWrDB_I1Q4BBZfAgGaMEbJk7MnRTjlzW-k1EXmVnjPfSxDVdFqJB-xCEuNCe7ea-IJ0DMzPXbcMDYr6eUkEkFFAgiwcSEKjpV-9s-_mPpCsBf_jVhq-ffpUllgazm570OFwgnhDXeBihrS-MH7Re1ilfd1KQU3-NJyVLoRUVp-nCZmc1K05Srb42RZwhY6zvJYmIL5vaEkTkDjavcVy8XyDzvXLHF_F6bEs3Ymq2ehihzPoPuwhn0GqSCEhYKasrcYDOcHcUkmXcVU5qK1yx_vmb_FsVh71-6zeRI0xTmgZbdu4Bm55I5qaICjH1t24MK3KgAgtd3KxB3nFgp9xubQGFF8MpF1gsJuQIF_FkFJa3iYJi9-xTdDp2XI-l5QNGhps-oqRK9kK4pmLJDp4A4mVTlMnYy7lWZ0pR7V14kN0T1UBsnT_AjLHy&cid=CAASJ-RonjbfdHMOCDduLU6Ju4x90ZUyU5TqoCaTPWQIQlYEjuqdoW2Ukg&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf2216aa895c54df175766e61de60120e23408d15e88adf7ef60465c6d95876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37403
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BF8A 42 B
63 B 77ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5MRAq-WZDGX-8P_SyB4cG50VPJEyAIX-kVicUGk1gwFTTuXyUv4FQKhyfS3aZYpBgKDscVaLPRFo3RLVfSC0CQXK0pQq-XV2KX_Di6OvNhfkANw8

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame BF8A 3 KB
1 KB 58ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame BF8A 17 KB
7 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BF8A 0
0 23ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgA-0zE_G5RFIYHocNRIxKNx2MqFZ8TX8u_M4gE2xursjFAyT-deaaAlKF6rhqQftX7iXkZ1seBJ-_A6_spBKGdPf7eA
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BF8A 142 KB
44 KB 79ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B345 624 B
340 B 92ms
57ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNUg4YDLnj4Fc37p56xUOBTSTlZGREAe_tADoEXZUcpH_N5eFuy_D8qhcbjcY4_wWYeBEUVkdy71Xig6oKbamKR4GAn1t1K-CdWE4-Xkpq1SquxXy22A4n1Pvdr39Vah0XASjHjg2PNlZt9SEdxjDb0tlq8ejPP9GmlMnvPblTq6w71mNN3FHyb3nF7zOF7UGMA11jL1PYc-J-jVxOl0kKrvE3b4Mw

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E8CE 82 KB
34 KB 115ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiY-uGlfxWBvCVb7BITsLxLmFJ2FxvscQML0UAZNo9t_EuiHPJZp2LDJtf07v-WAQeF7QgrD0k82QhpPwyrdc6RM-LpA&cry=1&dbm_d=AKAmf-BdOGhJr_0cXKkNSz7s3gv-GDFnfRqRTgSzheqvW5qJcWVlDv02jDfflrbneGeHlFshEWa_se1SpRpN9--ArYcylbFa4wxhwCoKAeF94OoBC1JiBYoo1z4TGQyWCnMYZmQ3SNU5B5pEncvexT1gjlhrqKY9IsCT1EZkWbZlewqBnlm-VS_Rzf4R9IYOqNqjzdow4w4AQbDhxa-AsQRtJldUS0eyFpKneMuh-AgIP9FjNDRSShd5UJOlIBPdohgpEdEjihkOCB7Q2S-dpw3DFP7dHyWnx0F1JMgU2XThNyCEyQtb2JIa_xpfdVxfPXe3Hn21X7xGJI6yGNPjA8Opuf2kLFlLJFeIdBTlBwgKnrdvkqR8bsA8CSreHUKoxCml75lXCeTdltExnBan44pfCBTZqrB99hkGbSl8VLf9knvyyl4zIuNdnMH0q-NKr72bmIsLNgLscIjbCafBlQLo5wZBo8hUh6KQIv6apq081VQAAIGpBeoND0B6NxPVSGdMoDszQKDmkbC4fQa-bmppiITldF6_l6Ruz0m6LS0W1_nXPD6Np-3kdO2yaJ9le1IuB39mufYkHgA4-qBcIsgE7Pb8AwBe1BZGbXTRIkCG3AWeSCwrmxoanrZDmxnm2-a_CgzAQuglsea3WaAAfWT-DEmN3fLU_gnh3eZdhXPzc2Ar86CfNVQlKs1kPlER_uipGFgQT3_hIBhhCFCPpgc94MEaueNU-TcIrsHS-ewdziBxA0P8i4ZJLPNHntOOyUSBdUY5bd5hCO37lry7tkOQkgkNGCjaXyKSzN3szlu7TQcenSFrjM5ikHZBU8gowCJhdHNFBnUFr3zM_IWD0DfbyDptdi8Pjze9ABRDdsAiclgGFiJBeQ3wfmjswKFsjS6oB8b5VQIYWEMXdoiY4QGpmAC6549HxAEdS5McWJT-55FodufgnjvfJ1Bs0JiwWFXvhC-7aAvtS2xk28dnEwjd38qWyKPSEVGQd54eC28wwkG7ekO5d6txmLSnaa5AItPxjVVBefhMZ4oCpAmXdtH3mOuymno2M_a14wadEOoUgYW5O4pNmn75zzIsMblL--hEY7SFGRCbpxVtW8kl68yQT7w8wXEXttB5ZeRjMybnEj7NI3t4HOs5JJRPUd4vmsZz1pjOmC__iMJnBdmlD9NgrnkeflTjJdX-tVUEFLkacQFd4qxcqyBmRz17OqMJBZLCyiEn4rSf_uamIFb9YlTBXdkoNWQiQ-_ZFKTl7pG4kEaOsz-ykofQF9UrM1O50PM1QH_ZLArhQQWmzRb1Vk8EyfLoz86GvE6iXxpWDIU3gpOD8JEG6yP-Z8HzE77A5IASj554dFUE2V5pumRmKTElbAblpJmMuJzGufVfiQqaHhd8zvs4S2pkDZWidUa8Z6P_22OzWfc9RzHNWIJRV0g3K_KJegyQ_R72dFNrFmt4tNsk9ONjBA5WumpkeaQdEz8rUS900spVq06k_7fbyPGfBrdylWktDtXf4_unmeLzKXRpNyMrsjkDx7yS4Gv_uzijFsQ5LNDjriWqDdFkI-rPtxFqkbHZGSyKRtDJWFAazJWUjBayOJEjPYHYFwC_miPRfT_NQyYanCy64F3n5bij5uCEnDMwsyYkZ-BaGIoPR-W3RjaiyBiUR7B3SDxY8_eMzfC_EW7U-nQ6WMl8j9lBQ7wtR6jB6xTDKfmy8DEfAhdxM_cDcT2LcNgfVilhYokunMvllEcayYsPH0Pz8cOBPnFzKFx0TKTdLBVT9q_otl3XRWl1bThPs7vn_iXcvjxtiHezdJvaJC_6BjTFcSZRsiPuJgB_uVzsMXLw_Z0UOSAmFm2gxaw79HHhLCKpzVHQWVq5vumJLQPEL2vOpAvzZ-c89r2MEfzD4DhPWjHlpht5k3vEx2c8w1_M_JmTVb7VCfM47-SDwHDNusdTOM41BAbXb7qvU_K9vRtvAOVUY3cuSj2DhQjEMvct9Ie6k1ipk9a7nHkq_7qlA1H1ydnuTWCgCfgIZKdLLTY_mpQFFhZ8WDe1soJWo3zCAMp5bPPwBYWZ7acNS9LxRc4pjP8kAwzZT4h-WMt76CjTrtBeQEkzxnix8PDpVd41oFOw0T5s5obzILznXspXAxEOrveAMVCI0gJ2Ddjm_eo2CtxffXmsy7mR8VH97PowPrnCN71JieDFPiN6Af31ClO4xzw20hhBneDSuBFWmYsXilgitqc9Z9pvOBiqNorH3xhZIq1W1m0CL_C5dxmnIT2rFtYUGUqdKaHEX3iRuh0F6hLc8ZxtaGyJqvngwiHMFwcLF_oOfSPOsI78ndF6r2nGr9hZhuI8AlH_eFItW8V6FC4UmEB_-f4w85kHln69W8043T1RSgErVxATWKN9qd-CS7fjJpL6VnMPj2Ztnq-gKtAaTwSkBOSIElzivpzln4dw1fTYb8qrD8UFQr1d2tVtje9L2pJq05q7tzjp6c14VQNKqY65fQVRc4AZmfPedaJGdv0cNPRGsdBZr64vKTdTU0w1rqGn0wb5Dt0kKklCYcVtdlHINhI_5Pz-qdaXsZroQUo5knnhnWJ9qUg-zNknLf0RJLHiYpmeLVJEsyDQdr_zuHZjBUyApld2yBVDDmUsTa12BqfGernk5g8nykI4xGFCR_Soz8RckDJIXcHxdawf5mI_-IuL5bpqubgdA4nsrO1BVXQY5AuEO0zVN6feVl_0gp-D0Osp2nzfEWpxDXn1PYYXzuB9krV-0enMCIWw5NqpIfsOlOCbnNZ1iOQOhK9wWFbgRtJHssMqF2S-2k9CL4eDtavqp6FcUP5n5EevTonIqIEEoUmB5hvEIQ-b2A5Aor3zhOqVokjZN1Kbr-BHMXCWShZP6uuAdklM0AwU6r74RKGbhX1ZXaCUcKrEdx1qGjxPUMpyCIRI2nGiIgkCEchYTnMxfF7L8lMelI2BD-oOH82fIdYCeVOfLcKS42TWo9eu3Z1ezrPE2KfHFNBAjTwY5QypnGTmFu8OEN1xOa61N_KDRtnfMmXpkpr1lAXux-JeSJYi6j3LSxcHr6EpDXJQeU-3kXkg8Q-q14Kv5KfrczplbXVJICTLfSMIN2SUEoswHw8vy8UbnQGVqJMKOB9sc83_Lcl4wJBjiqEPSc8_fpvFg2Besu49brJErECKsU5Hzg3jiUMxkYSsUpQtfFHXnApE12hVcsUMq4mD0uRL3yPoykopCCgiScP3VcknqYHfW56T24no8DOwZqkG3cjf3KwXw52etwHUslYx3lGx9ZbRaclzwkvoSxsOGHW2B_-MhT27xoLwVN2Q4kC2DE9bRi7WXG0UOgyrrb3vznz0smRDsdIQXrOsct8rt-y1Yw6r7D_bdqh6PYb_44TK_cfzOAphH4KPCXFffYo0UgcENrp6mEokPgKX2t9IKOSNw14lg-WRHr5QGA9Bf5IJKQNhPH6s4QuJvT6zdwzBxKTl_wh8vh3XDg1v3symJbg1erLqCSgUCA&cid=CAASJ-RoDvMUe34CcV6qUiWv8_X7htqOqp1ws9Uhut-azKx9S18Q9LPGmg&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd814bf8c8b28b354effb2d4b43bce3b6ebca1c9d2a70d365ba0de1a187637c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34522
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8CE 42 B
63 B 72ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bzy2ZDhhElN7ohjQgCRRRmKlzf3MisdLPY6Qoe_AqOAHrEktb59FtlQdwC8h7s34ON0ZKVvWeNAITVcBWP-vJl0Fkkc5Ic-GWoFkFIdoZ75qr3Amw

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame E8CE 3 KB
1 KB 54ms
25ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame E8CE 17 KB
7 KB 43ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E8CE 0
0 21ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMIkGwxwU5qf0r8zkK6bLFrna6c22k-CMFEqch-ObHygLiW-Rs9ltUsFjourlJdJM_q6rM67LY3vaCEOg9pXbJQ7v8OQ
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8CE 142 KB
44 KB 94ms
47ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CC72 624 B
340 B 100ms
69ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNWQ7CMEGgu7xoWrqeWfojz1ZVpB69UNnrXKGXvXVxNO8lmiwZQOGFPExeGd2RukMipOxNke_-eHrPF9Nzu6j1THT1190aYas-B8uArUUChzDQ2XXZ6P_8uw0--Tht_lZ4vfEaKpzeJcy-vcbULxQ7w0JajWKvWwiA6b-qV2aFnTYKuFQYU1AFq4pOJmpwrzoyxUWPkCk2EFGgdSXhqe2GYV3nKDQw

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7807 82 KB
34 KB 84ms
54ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSl7JuZLEO5w-5jsixKtL_9UE3TsWxj_r5NtY2ray_qqrjRI3KYOUOxH01iskJk_phlLY4Q3dTWJNBJUOHHEZ-B9gz2g&cry=1&dbm_d=AKAmf-D6XLDybFAvoqeDqePabOKOGHYNrWrVRhKsQgwFoo5nrF_HxX7XJJeoIugErNic54jl0h_DZRPoCMwahps3ikl2UuQCnZzIDtOCCp0XYDjvGiqcElD9PYosVHSK-Wl6kHf_kbNRcorDTyTPEuTjymKUOJQO6FgZ6LYByxqvj8opNxcOkwOzjKdWy6ngM53bkdLC0QYfZtwv1qI8mCkJ_nDSoIfia_MqHYf5zWHzq6jWlQSEAXBhonkx_KWwSzbH-9uOxRDnYyiBKwrnRUh9RAxVwRC1mdMGUA2GsSs5Hqr6ZVWowgzL_Ju0Rfw44_XVgWL1R6dDCp0yKbiZpFs01Cqhx3g7zww-snlXBgi4qweCnhiGAp3s-Oz8DfKdtq7blSkbNki7d-Q2UmGrerRPrye3-_zWvghjuKxRcoX-ePQm9lPLUXanm0RakToPP8HOdk2uddyyIgDJB85E7FKfIM7iurOBbkXlIblrraOCZH94luz_djQjGXHA_u7rcg6BromNGPr8PZXX-U1O2nCxMOs-RVCbYLOaGTuqBdkJFmgaZt1wRTMOO1lA_Y7LcGgKBFVetXXSL-BqZFSZOp7SGmeMELPcJyRK1mH9M2nkPfJJs44JriQQUNbdent0UQXOAY1Rt-vzJ77FR7pTxshSfdhTKFGs2EWuHQBW_Ik8TXOPVYFyLR0Ogpcpu-f2459SapT6QQUnzbPSdCMxrX2E3Hlz9zsUrjhrdOdvIlhTpEqQVcGhZ7vM2Qs8sZNsAdl5c13y5dD-JU8rXHGL8Q_S-IS7KpKrsD6UEsNk8Cufvrf53J0cVsXC_hdNfDbJjyX_XwEPmQJZrniYl-EiYjaP9SzX-Xx6qB4llRRdMQtqODlRq7PdNoKnwt7pDJ8DIQK0iHfGe6s6jIBvXZuR8qfDKt_yO8Ql2bD-tbIidkJtI8e6gDZJrdQkZ_qiQ2cCCQcxBRgm2wlIChV4gEzse_el-eJmd8CsOhs0_AmRb06IH0NpEsFyTdr4xLbe0Ux_7OtVcfK04TvRwUgPARtQzrxvJN2__P0gw5OSwAr2trJ_5CGl1AME_9IqJBjyc6Ox3dWJWJb6cEHI7726UzFCcFHTC-oYxRcAw9zSUV2Fd7ui9m5QIDxFZMpCVMokcJ65JGKhzt6GpN4mpuy6XhSogcGQ1tduVohHxXGURDEAMhnVpLy4mkI6Bufi_cCa7IQO380xYUcKtUeMrGG0grAluw-gNk_e3QLyP2MOQ8uCTivufgheWvv0hduSgIlmwd9x-B7CZDmw2WOndyyxyK3tnpjKTvouwN-JEJ-J_CuYjDowkR-n1Q7_NCog8EuXSihDUKTalIGzIX_Xgr2yEdQWKn4BF64ufMBW8rJtrUxofb_SiuE17-epBTr1kY6rvT17HZWsVwnEGig_YzFb8DdqiPdPYdjXzp_NgJSO7jUcKofp81hbycIkJUbu3DZPrwZvucw_sY5MeBgNF_4sTbud-FMHWNHXosEbFwRThE6xPfGI-w1E-tGn3RwwGWqqzrMLEsegdYE2J0U2bTAGt_xCtmr6czlnhCBPRWE2smaHP0lJkfXNynztWaQhQ56_LAFEkn2-jR6QrEraSeYJR3fWvoENeL7vaz5O5W9IrfnvjpxFibrT0eUUWZkSV0hM7ryGUVY1h4aE-oK6meAelDqRTedNmblbcrHwbb8cOisTtnV5l2dtdiLFKNazw26tpRN7eO3K1IEOgBbWZXKZGwQ6NaBTJ1zC3wrsJXwur6FMXY-PcJ8xVBi9rhxaa6TTH2WqB-6Cdh1FufEJS9Nx8x454uUZVx5IwZw6fgEG65wPQIhQGWsrLaXvAEgj7qRzRmnv9QI-fdfRDEsrL2eTwUyfSAAUIxFKsBwXM7x1m523eb-3xm3sxFlAcvUoNdW9BzYwARbbeS1XPChsAIqlpkHfS9T8HMK_DGFbvNOZx-ywiam683hzMNhPkrOTCDp7lcOb_acv374CC0LCkNojSmLIsQXipnzJ-IVzTM5XmOMkDlNiB8yAPRDKoeeISUJpa-v6nyU2dKGXCj2JQ6jsB9Dqw5yI1JxmNojt8KQAJVWVzLtGkgxpC7nUzfLYxPy0_ZQX5Mh4N9r7QWr3R9wOadouFC3HwiTJZqs81Bp2KjoubvRxCcyBPTDIFE7mxehjL6fxeYszPJQ2q5rgEgxyIVQwJXerq0-l94D03RLaJjb9qw-dgchsUaz5u9gTz_TGnoY306FItVBd7ceWCfqgqoCcbSjETAV8EIDd12wQ3uSyn9k2MP8_TDu8p3bPvyId8yk5o60tMp9gz86yBY7JbB8Ty-5qwNV--hmyOhwOSZhjvoUc6zCb3gEf8ZZOq22zFfy5uCJBqlJt0lvXpGHPLhwFS7lPCsD8OnOHN8AO9lvnFRBDnhv9byPC6Z5xtHlIFrl6qnIUxC5lpeXr_8uSh60sWyjEuHFYMbDQl1rnQz1Nwjjj-r4RKgx7-RpKJqxeGf1Bj4HM4pr6AhowosxiJaukHvTOm2D4-L2TvEN0WdK7a0gf98Twl83mdwIlofYTWZJZh8xZIeRL-VD2g7v0gO37z6e7ZTpd7jSbujst8JiduC1bKFApCDubAhcMezU_TAfUvebRkJYo-lz8nIMLQZnDEEorjxG9bN9MJaR_6Sx2Lj8G-c7rWyHTEoKdPsiJ1EGYWGNL5EvU7t0tgR8pL6L4GnQeuvJjxdnVfjkfA3bY6PYeuLRhXDbndJcGveqGgtyWbntR0NSWC9MfS2trGZWqDTQBqnH2ncAKu3mTiBeAL3TY74Djt947kmFfgokinIlQ5IY0aYnOy9tBaDD5CIul6SdLMD-d76x2FodRVUzeiKUhPa64B9N8m2vW-0zPiTPYEkEukxw5f1iQVyd4pcBzBGG9XNeVkLcJ8djx5T7gMw7D0kbNTIklPOHjz2yqKhFB9iEZJTnk4oj-KjwphbyCMFNCKyr6XaT2p7TOmMfJ0YjByNuGFLUiXIJfuBqZNBC3iO3flpxVLE1xZmFNLkHqmo8TU7G6VNVifIx49bBLThL3DnckOxLew_1KpKL6VNODP-u9QUmWwY_y0ciXy9NFbII_f3y412PRXXrR8_yOuqo6r75fnhVS9DsgHpDqBwn9O3lj0nhh0oxtOD30vEkI4xDmzBMk9bpbw1vkc5xNcpv_XAhqnEe0QdKEokNTgZtelzBdnHL6DdQEWzQrJ-UAY5PQDBkZBGuDBZJtnIRFqlttna5K3gHpPzJSvoK7OoznvFrybQGmw5pYZO8xDnKaMLAHMmdCgtRxTyqZLBMPTV2E1hB551xVtSpn8_aXbkDioApOrWzezpgvqwVKI1gGKseeeXDsso2L8myec_rqNmi32Ib3JplLT2K72pncLA8GQ9wGpQYuTXx4TrI0bpN5-cC-99v3_YPfCGWCB8iLgK3cVcDX9NzUN6kQ27PdEE_9OxWMAOBlR69M8MwdiYgKbP2v42Frd_92BQ&cid=CAASJ-Ro83p2TMBMAikTQRm_CR_ve4w5swb-9Bh4S026nfPKYz9i1LzhLw&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24849ab57d0420d7d16ab736887a565d612608b711ac6e57f7ce8e400cbdab1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34578
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7807 42 B
63 B 68ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYmQknGHzPJJLwpF1GJw7owHMwgu0XGbufmsTLf0At793ynwFNsfF8wOjrsOi8-L7UF01igOzfogfcnvo7LkP891S_3eKniuirMwT75sUyBfahoFo

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7807 3 KB
1 KB 51ms
26ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 7807 17 KB
7 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7807 0
0 21ms
20ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4GGVIvc56IOkDz0AcvqoUKvPUNADC4RZo8mToJKMD_VyNu-dBrOiJPM_4Lpkii87rwF2F0lxeo1DyhTp6zVYMzk_Www
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7807 142 KB
44 KB 96ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 872F 17 KB
6 KB 54ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 102ms
102ms Image
text/plain 52.204.142.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.52&apppkg=&fv=3&proto=https&clsid=8a35840e-149f-4355-b3b3-c7de62379153&rando=71&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=7&cb=1662301279849
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.142.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-142-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ Frame F4B1
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/27fa6/1/earnme.club/ROS?rnd=0.47624373729372205&e=336x280_0%3A336x280&ur=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=ht...
https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.47624373729372205&e=336x280_0%3A336x280&ur=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pbv=7.10.0&ncb=1&vs=F&crs=U...

63 B
381 B

15ms
15ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.47624373729372205&e=336x280_0%3A336x280&ur=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Server: 5.178.65.246 Rijswijk, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 5cfb8c98b29a96e65acecf9480b3bb67247fc5f61a6522cfb66fff3f31fed933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://earnme.club
expires: Sun, 04 Sep 2022 14:21:20 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-610

Redirect headers

date: Sun, 04 Sep 2022 14:21:19 GMT
server: openresty
access-control-allow-origin: https://earnme.club
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/27fa6/1/earnme.club/ROS?ct=1&r=pbjs&rnd=0.47624373729372205&e=336x280_0%3A336x280&ur=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&pbv=7.10.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-610

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame F4B1 138 B
984 B 14ms
14ms XHR
application/json 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

ba519701704300131ec1a61ce11818302759cad54e051d14f94a9d9da9294aec

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 34dc2ef8-3fb6-49e5-8ece-8c7dd5428620
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://earnme.club
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame F4B1 0
155 B 92ms
14ms XHR
text/plain 52.59.71.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: excellence-prebid.sfo2.cdn.digitaloceanspaces.com
URL: https://excellence-prebid.sfo2.cdn.digitaloceanspaces.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.71.86 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-71-86.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://earnme.club
date: Sun, 04 Sep 2022 14:21:19 GMT
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0C45 0
16 B 107ms
55ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIyE0QIQivniAhiyxs7IATAB&v=APEucNW5wHFlOZj-ud4HFmBJAEMykCm5pkR92_id04vAkiyhaTxNMM1l0UAXxWDjt_ENSCLPCkZmzUqdycEeXA2tiemNbTNN_A

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 90EC 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 13:43:07 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 90EC 6 KB
3 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:21:03 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 90EC 0
622 B 115ms
61ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0Ze_EtpEah7oom8v0RA1ljRoeAMb0RFjDhwNBz5PasHleb0Lw_lJRiP0tDUcHNN_UU1_Dn6CYKFroHKwLGv4vu4DH3NBo-inZAGOH3tk49rinSJ5GSolQGKAGIHzQhG-zLGjhJrpIHNsDR4XKfTVFzSLA9ihjhQRslJB5KI0znL3-krrfxguDB1p9xjN57CV3uzau_hy_PUpVrDorEL-olRK_7Tz4DIxvp7n-PtGrj3KPlRmjUOYDaGa97HFypZ1HWrlDX-LIs0yW7PH1-Mf1Qa8zrNvRMlZ7vj__i2gnIlePDve8NknM5xCToFHEbDgWh8ztGTZDmY_FkKHO1In0lcvExxkebQNuyJEhyKwe0u6uBaHfjz6yJ-7uJtrPqA59_SMMrN87QNW9My1Rw6jsrHND2CvE7jx-LSLAGH978ZjhMNMQRpdgaKEwN7Iwds0bF6Xza8WMvtoXvz_1BzYC1Jt4kJEKge21nB7evqIvP9LwExUkkCn5oPNCpMSbmPo0PdxeVW6cWypLnF0BUSxiV6MrbTOfCY2eYlIFipkWwocpyIbQPGrXjsfRAo5txz4i2QZXJN5LLLBQtYI0CtDn4JJBo7qjDoc-aSGgKZj89B0nwvfo3zegPqD1BPSXSyXyVdHIY9JIRAha1SjLCEppRu3YaVg4bdZYsrFBH44DZ_3bxAJp34bYiT-GR9zMjSfzh1fwmP-Vqf744rMTuWPeXtyMbAl_0s9qYN09aBcXRANh59qlaizwtWeq9TTz9LwSz1ZEjx9Q4Z_YzoDEOBl3tF-o64razsabfTZkrFoMJIz8NojOXsZ9zI9nqKu3-_jJExIFQJ7qu49sD8JYxhOP9r6SjK8hi9EGyFsh8xzGquUeO0QVZW4qk4gVhfl6qFbPklUP8pe_SsiZsLcfSgwSSbC2uMLdb0TjVo_T-5JbItqzgmqkradi2LVI4c1EK7ltzQgaqpmRXg0fqfblJJ1C9lltBZwWMrp7O_5uogNLSraZouTzyh278ebwvOXMOS-MJgIeLM2iAqTmNKbU1WILLW8y-ryAv-p44YnPPXl61FHqeyPIykWqfwvP4iWUHTHWx6l0QaKcl7C5_YzD__wLMz4IDSGFYOpi6RfHg240j__qxQtPvxLlqArqFqz8cXeDjhQp0RMloSFPXJn6WObuYrUEuE9N_RIYrj15RjcjIk3difdCImJyKmrMNy-ADPL28G7S2qE6HwcACboLmYyPjkz15GKEFCP5QlvzFLU9vLTQLEH61jpwJywbipo5Zpj88n2TI3AmkvCg-mu4pNM3jFrVxc6lUElJbH_xCCojaQQ&sai=AMfl-YSswPrNyRyw9jSv9-UDzObtSuU8X2fzhXaV1Ru0z1DEfeikOW6uIaPAfOzWQXPdbH-__ONEtbc73wVmASbOZgDTZEmB7CtudMn6dU2W2bquiNZpT9Mkw6PXcDApozezMROfj1-p_xmEy3ZKhukUc2NSKpOCZDdWOJ1AwZLQ3vZY8wYHBUftC9EjI3_Rgi00o5cFECj3Ip0a-zpan9nTqe6GikniW3SRr0la_Efsj95If4UfxuiQjLL2pZ7QPxf_DoAmytFDi7pg0RTzIoCNtyEUS68woJPQjfB655_8bo2SkYZPLHDLJaLsRcjX3Lq6JXLDkEF_ibcmLx0knXU1EgcDIyfIr9soQybC0CkwmrDIMPrR-i0hJe8vKoUn0gwICM_5VExBjzSY3mA&sig=Cg0ArKJSzHpS1Ccfb_pXEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220831.95668&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 90EC 41 KB
15 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 90EC 42 B
63 B 52ms
49ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCheO4WSjdPp6FUqwMhmBiIQKyLOfxEevfOoWKl5XOEK0-5BOi7gsn0qJLHNdUDj8fFN_SLn56GfMEW6yx2KDaZJ1XMnOXBVmRJD2yS9GLQOq4PHg

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 90EC 3 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 90EC 142 KB
44 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 90EC 17 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 90EC 0
0 26ms
24ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFb_H2bwxNiHEI1NEx4w2q3_u8HJ7vXO4rAmnBx7ro4mA6rwieaRg0ymh5E5ehS_-l8vOv
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 4108146554620563261
s0.2mdn.net/simgad/ Frame 90EC 100 KB
101 KB 95ms
26ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/4108146554620563261

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f2a8ca1705a3d8e66979c8df98e647b51d96906c013b6a047fa55eca49e813c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:05:21 GMT
x-content-type-options: nosniff
age: 278159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102288
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 06:07:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Sep 2023 09:05:21 GMT

GET
H3 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 0CA3 34 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06faa076f6765bba3191357d3268db124531b495da50c9e2dc78ba9890cc14b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14052
x-xss-protection: 0
server: cafe
etag: 5691753099530242658
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:45 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0CA3 22 KB
7 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 09:18:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277342
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Sep 2023 09:18:57 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 0CA3 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:17:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 0CA3 3 KB
1 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CA3 142 KB
44 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 0CA3 17 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0CA3 0
0 22ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPCSiSAST2YTa1NgYeGrsI77aOyfAHmoMRNqSpZGR-uq0uoqblHeG7U7NSLO4qyH98udtv
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 css2
fonts.googleapis.com/ Frame D1A0 4 KB
636 B 23ms
23ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 13:44:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8100 8 KB
893 B 24ms
22ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 13:19:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 8100 2 KB
902 B 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:18:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:18:15 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 8100 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:17:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:17:58 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 8100 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8100 142 KB
44 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 8100 17 KB
7 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 491
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8100 0
0 22ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVKKjTGQd1ZEE8JgYW_S6bHwwYDw00xPSl-93HEyXVbZQJXrLdxJbgrx2WJtSqlUJwotEq
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 8100 33 KB
14 KB 70ms
20ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 13:15:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 19:26:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Dec 2022 13:15:13 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame D1A0 19 KB
8 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8311
x-xss-protection: 0
server: cafe
etag: 13410161823615325117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:17:09 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D1A0 205 B
742 B 64ms
18ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:53:25 GMT
x-content-type-options: nosniff
age: 1675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Sep 2023 13:53:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D1A0 604 B
694 B 65ms
19ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:37:51 GMT
x-content-type-options: nosniff
age: 2609
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 04 Sep 2023 13:37:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 93BA 17 KB
6 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:19 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ Frame 872F 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 container.html Show response
5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 526B 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:19 GMT
expires: Mon, 04 Sep 2023 14:21:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 451F 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H2 200 index.m3u8 Show response
streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/ 111 B
423 B 77ms
13ms XHR
application/vnd.apple.mpegurl 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/index.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: a0911fd88e692e3055a025e5237e89d8cdef3ac0015fc19a318e82d5ed1eca01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
last-modified: Tue, 29 Mar 2022 11:34:57 GMT
server: nginx/1.17.10
etag: "6242eee1-6f"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 111
x-hw: 1662301280.cds139.fr8.hn,1662301280.cds227.fr8.c

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame ACC7 261 B
166 B 56ms
53ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNUT_CpzTrVLgMiTG8YK9i4ZiIdmy7hqqIqzVO4ipPXJiOSLPf_gEuaRLXcphmP6DGqYshQKjPwm1TXmqMipD37N0JnUxrcGgqprk0sC-R0LoVGTqAvj34QP1Zb8NG46B2hom3-kAetzISZvyDpg51ke1kyvcsky_O9x7Bb2i0IUIaO1-vI

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 29FC 68 KB
30 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkRCEERMMhXft9XKoiYG8Q67tXmtHrcaWcjcPGixFGdcWXm1Mc3y4EnR55hCVMTbG-9EU905rjJe19Vp1VWHE6_UCrWZ32XjCu-lwR6gcFx7vruh5bicjEqOxJTvPLBT8QbP-4JilMxL8lg0FMBaqYjWCQCw&cry=1&dbm_d=AKAmf-AWrowie5jig1t60nkZNFQQtHqziqu7ASgJ7qP72wY30PIvV-t3hDxBg_O-iPPHaCd-16RXvLPV2dwdHnXaFadh3RoeBUCvUmjry-uc8q-kuy4MvKNSnLLFpaMixnEny98F1T4XcS9a59wWA7RRSytDrdy35YWo61ppxD4zmuJ0JBXzwTcVC7KA35p89nAOnrCZG684tuzjvV8crEvMRWRUTEdbbgVAt15RS_-5gPJllLnKiUcNvKefmNij7rShYA8A67sRiM9gwPXvM6x7da0HRaYEkxP6HuQatGO_Op4Ig9LvQcnYRyyq-tD2oFuF4gtcUIAI_gpnbtyTbYB6grnAeJ2mtHZ2ODeVmleIWuEvPxZ4Zg1zOAWrZ2Pxp_qfAyX-bxOIv5DRp8Q3_2v0NJsgdfGhXxjvzus5tK84bqt-67qFGxFCetehzUlvT5a6jmGmo03SMh0teHy9XeEGELPMOkkBeE2sQeY7ERzWyc9mgVh55wfbB4z8LOjhNfpgE6QCyFMHyYzXOMLkVuCwTb4IUffoPueNEmhdIs2HSrY-XhO8piiy4TAcB_EjFN1x-baS_awmdweUGTSQ_ySPZaQOueJxEDW-En-AQR83LapG36nNv9q5l1s_GyY9MyL55qxCwlxxnhDfFnpPeSVspviyejTKotZM2nE17J4kTiPApgUHMenzKh0KFFyhTUU1REyNa-bv6ZnvHtCmvAmxUMF1fyf1MeD-SX7wf8K9C8_BfNnrTM86rXrfeRhCXcw85DKjbMHNykLge-qG-guzrtEmOeNPOEFS2eRxly4rB7qaTGNokI6YpsQPwfqu1E_NFfcHKUns-QGyjjm48O1rqIFknobwjpPU9Xs64mZnAPbvjWJg7KdtRXuJy633vAkpnAhqQo6-CyFMi8Xt_0Sg3iyxQDWQiq_XbWWRFoJfltTHoxBeCfL-9SRc2np7Mk49CmJQkyOZIrWhcxuXzfmiDDC83lOGSsFDLc8zBDZ08AEFIkf1e0pVqprR2T5hICx5pux7yInZ2L178fawt9BQNLd0tZjGt95alBpXR54M8IueObPeEIiEWmTBxZOzFwEBIrZUJjelY5HwbCnirY1mdSQqK3ZJl9wdbLtE98qRRPeKVmrGO6G2ReeRVyUN-5CiO4DLvBOwQmKG_jvukF_pGMhxqPEsZ0H5T7qHdWi1nR1TdxbTkaus8qVW9wM1PHKPLEnVW9P5poORiHK9E9iWjghfQRwCJ53Dp_LBqI2YvJbcVAwyjj-eJDEmBW19Qk4c4Q0w0nWktc5XZmBiPu5wF2V4kzeK6eScs2qTqL55G5r6ObxuNmasmM9tlcOV1WliydcnRleG3wRguztNpiTmpIv7j-GmzTVuWmYIlwKNsAiEBdyFBO1FF1x4vnMqreDWUugs5NE7DBTnkEHXDoZ5j8v1kMqBAykgb4hsBp0EJJF-5nwcXOISvw3-M_p5sGRwlpAvcyL_wF6qWtZxK8I2RnynUr4EJNJkXxqdBGGcGr2bcVi7k6ImijOhyp2Cvv8Lz4H1r91VLnvw02UPwGbsGMQbgKaMpn1sgJ3pcnEt6IpCuLf_jUBJvWbdzb3NxOiNfOXnfoIB4BWdyEOI2mfnfagy1FOQgVygRZ9gcJXuhFuSVfWzbnVCPcNq4XTK8jd8VhsQjvmHJ9kAYSIP-Q0Sm4PM40EpWz_F8aRH_g-WCdmFU455cGMOP_3Gl2AmjaWu3Fx7BHjxto2R39DMdwfe7Bh7znmOLHm0-xoIivVzfXEOaY_f3jfE0ZnmwOOspvqvcn65Rw9UQBbs0PwOqDHnFzkFTKjDL97cCr9WrwcWMoS4vxvqcUHXuYa7nakRp_OPwx46lz9iCyRUo_PRVDeLCIbeUJ-l7iaJugz1hkCsvmL1-0xqdEHm_nSVgJzrafaivreVhWoy-F6jijI4pyDFKv5rNIIz2KnOeO86X3KQssAn7UuK_Vix7hGtX8l98GutpWo8uBFVPy41xyKNC5F1Xu67GDTCbVhr4yEQxRTYjjdtnNZ-fp_bAwY7_uwbs73p7_QxP9vO2vuhltEslEuFoHBXw6sZOkrMN-qNLcLIDrCbtDZ8tfMGC16djc9GrEzZU5MBxs01pozjhh4dvfiCu4dOhSjwNxk2V6E6q_ftlJQsZlu_vO6Vg4sITgzgmSTdKxzW_w69Th5UsRkY9L-bCiT2wwjEzy4MH82eCMkHYZUdpsQ8SxSp2PsWWLEABBaMAb9ruB6eqHdqk7WAw0_ZjRK9j7vbJQuGtnoJoKpZOMShT9431SBPknhxz4yySl6TDkajs74j98meRfZEfbnrzEqetbZuwLPCqZW-s3Dkz_0uwQKvtXeIuOIBKhJUFPQ5AeRPdH0dsSHKftM_cnLKRyHCnSDnNvUs10qCN0NMIAawdXRua2gHQ8d2QuPc3EjJKf77MIipLv-PWeyGoHT3mUvGKxi40woxe2doHHRLLLpXX2zDE3nVIiTeTcj3DGcBLhDpBh-3KMe4bgl5miK943JtYRDZpz8zRypfxK8Fw5lVtlGf-XLL3e_t7DdVXGIbCsdWkyaPnhSs3uA_IXkunD8xw1t_l-4DdNzpco6wrUxN3bfkoqQDFNRbJV7t_g762XSV_dQ9VLnnWzIf7vKwWIVsawOwge6DcjwflQCwUaHfwgc0QnMur8yJrHyiZek6zlz1DFqHzRBexqwBlOIMRPcA9F38g5z4NQBJkfQUQw8YFIFKhn-lqL8NsSz8xoB0UPjsQorWCBYcAFCdL7g_WNU3JdLLZ_mk71jmrCCRqtICynJXgcA32qZUCQ_It0ukMfwnr87g4GiTeKdl7UOVLDsurJgdM1yiHJQjwL3_rzA69LQv8y04IezMiPP1iZjBOzL2NpAO4QZqqDwTHQ8g6ToViKuEGjflGalaWmwWj49AMnf4urrbWcnfCqwyCwKTMmnwdwYp_JpYCiyJAgyiXrb4n7AGQ8w1B3j3RHasMO9GDJKXL0bD02IL7SUr9pIyzT0DYbQTsM8ZyPyiZMZ-sX3OKvRee_yZ8k87LjUja9JL-XPrNAftW5KjcUhJYnYSt6cuFQkkwWmmbvqyugzoXJ8FUq70JqXh_Fe_RCgOaCH3z9Ep8EIl8o6MiEbyLeSA4n6ax-edFvHnRBAbwQ2eaqm2laFh9fEcyxvLuodisDNKk0-jggscWI5W01Qs-YgSqAVxODVsyGiE6UQG652ULggIuBDnLg&pr=8:DD0FD318B73AA6D2&cid=CAASBORopmY&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d31e14e5d718fa605af89793d6aa5a40b233e584bd833b5e62d535eaeda93ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30576
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 29FC 42 B
63 B 48ms
46ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BITCG-iU_1dccpMM5AhXUJN2PSMlQc5Z_rGpIqg9Xlt9AciT8M-EHo2ltx9k3pXXIFA174gYHEGXrpmhK-PiPhMeRGjgy17YC-TaDiUfzv3CRyhJ4

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 343884c3-dbd7-48df-b21f-e7e85515d69d
beacon-ams3.rubiconproject.com/beacon/d/ Frame 29FC 43 B
378 B 93ms
15ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/343884c3-dbd7-48df-b21f-e7e85515d69d?oo=0&accountId=17210&siteId=397268&zoneId=2229032&sizeId=15&e=6A1E40E384DA563B30B6B88124463DE42528C0E42FA32286EAB0751568540A3CE39E4AF21BA2C242CD55F9EC7FA9ABBDB8B520C669668569112898290C56DE17C47E3D8733C86552820D9B9592B2B40DDA8F482D2CF080BE967E7C6DED7A3FD9D7A4DE00D431DB706CBE1DB667B38B2B1437F9559BB077B4E38C88A1CD6ED297F1CA1D67F7645BF28B6BE3D3C71372866218E4250421B19C2172DC2C8E8ECA06823599DC755E5C8FE81FE5D699C5D05C6F9CC598A74B226ACAFA4576B80184BC

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2E53 52 KB
17 KB 62ms
16ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34362
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321483
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301280.094510,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 7C09 0
819 B 87ms
20ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLFDPBMRQYAAAMA1gAFAQjf6NKYBhDLnqP70b67xnMYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiQ9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIWxGWVRCQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpEZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWHlMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASEzeFUtMlE6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRCQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHAQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAhEKBkFEVl9JRBIHNmkxHPICEgoGQ1BHARQACHELASkIBUNQBRRcNTMyOTM1NDTyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVgRDxALCgdDUBUOEBAKBUlPAWAEBzdpnADyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IsBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMzOjYxMzDaBAIIAeAEAfAE0qENIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBev0T_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi6BkAAyAeQ9gXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=85f1ffbfe2c73d687718e9a13ba75cf87ff9cc24&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbfcpqssjcvc%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dbfcpqssjcvc%26e%3D1957767944024&

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 32633a87-dda3-4af3-86dd-c6c228afb1fb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 7C09 85 KB
29 KB 135ms
18ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 7C09 0
819 B 85ms
17ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhDLnqP70b67xnMYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiQ9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIWxGWVRCQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpEZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWHlMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASEzeFUtMlE6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRCQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHw10FBQS7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjEzMNoEAggB4AQB8ATSifWvAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB5D2BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=ea064b100681a2a31c72c60ee4efb478969fb24c

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f3c54a14-7ca7-427f-9cc8-aab235ac337a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 39104ded-0abd-46b3-aa40-96feff44ba4b.gif
crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/ Frame 7C09 7 KB
8 KB 119ms
8ms Image
image/gif 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 5dbb5147d180034bf86adfe8c60a4c1c7e777b1e13ada51d26a6b8319f76791a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 5631723
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7642
X-Served-By: cache-lga21936-LGA, cache-fra19148-FRA
Last-Modified: Thu, 30 Jun 2022 10:25:25 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662301280.152966,VS0,VE1
ETag: "50300dffcb630b07c5a0b91366239ffe"
x-amz-request-id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Access-Control-Allow-Origin: *
Expires: Mon, 15 Aug 2022 09:59:16 GMT
X-Clv-Request-Id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Accept-Ranges: bytes
Content-Type: image/gif
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 1

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 5A1F 13 KB
5 KB 16ms
15ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 10:42:32 GMT
etag: 12223946614886178233
expires: Mon, 05 Sep 2022 10:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 1EED 7 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1370
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3151
x-xss-protection: 0
server: cafe
etag: 3095951791532391640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:58:30 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 1EED 85 KB
29 KB 128ms
17ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 1EED 0
819 B 80ms
17ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QKPBvBMDwMAAAMA1gAFAQjf6NKYBhD3m--W0dzl_WgYjYHql4-bxtEoKjYJDaZh-IiYgj8RPQUjo8F1fj8ZAAAA4KNwzT8hPQUjo8F1fj8pDaYJJPS7AjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiI9wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUNjR25MMFVmbUxKQTBEb0xZcWxEUlBkLUk4SnpjeDU2Q1I3b2RnOEFQX3RLM1ViME4xYm9IVkVqckUyYkZpZUYtaEFjQlJqZk1xSkgwcEg1NmotVkhaWkNEOURnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzc1NjQ4MDU5MDk3MDY5NTIxODMiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBba3u7Cd04bzL8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDQ4OTE4ODg2NjS6Bw8IABAAGAAgADAAOLoGQADIB4j3BdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=eabab60c5ef0069b2062e85d13847d09c5b7ad7b

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 45238f1a-0d2e-414f-a3e0-273f17d82bc8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1EED 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-AZLXVO1L8X3zLgGSmAwNvwoD_yXmKsEY1tMtPg6u-nLpi3hJagSkI9WqTO84M3zN5wohLLUovTfnktK2mBU6FeBYFwLA

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame D5FB 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 10:42:32 GMT
etag: 12223946614886178233
expires: Mon, 05 Sep 2022 10:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame A184 7 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1370
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3151
x-xss-protection: 0
server: cafe
etag: 3095951791532391640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:58:30 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame A184 85 KB
29 KB 121ms
17ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame A184 0
819 B 72ms
18ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QKOBvBMDgMAAAMA1gAFAQjf6NKYBhDLxIqk04bK-QQYjYHql4-bxtEoKjYJw7tcxHdihj8R0xsoz0BVgj8ZAAAA4KNwzT8h0xsoz0BVgj8pw7sJJPS6AjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiK9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-kBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUF3SmplODJpdm45Ry1BeWtGcHlvM0paZHRLY0tqT2s4Z3NmVzRuYUtmajNkQm1EOFBNXzZZdE1ZNFdEUXVmY0pKNThPa3VUcVhQSURrSkVHUFVpaW1ZMFpZenNBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjM1NjY3MzAwNDQ3MTc1NTMzOSIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF7b-o_97DlokvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoccL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0NDg5MTg4ODY2NLoHDwgAEAAYACAAMAA4ugZAAMgHivUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=b47969674c8a3e7dd3639bc8575b948fd69ff17a

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: df279421-4f11-4353-b8c9-88e6c1dae5d9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A184 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-Do2q7QT2CTPOvtTrUNKCX4H95h23kZqSe542qUNqQtvkN3x1r1ZDpwfcDESskuB9pDRsfHA4J3BYQylx3y8IEOzg-77w

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 27 KB
3 KB 428ms
127ms XHR
application/json 54.157.211.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2F489cf6ec-67fb-41aa-ab10-6385d5071f8a%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=3&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.52&responsive=1&sver=2&avtoken=279849&omv=1.0.1&clsid=8a35840e-149f-4355-b3b3-c7de62379153&rando=71&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1662301280056&wfc=1
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.157.211.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-157-211-237.compute-1.amazonaws.com
Software: /
Resource Hash: eb1a2b637d4180c76fd21156c86148a50794ef6af1a89c732f011bb4f01f6ead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://earnme.club
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 24 Aug 2022 00:34:40 GMT

GET
DATA 200
OK truncated
/ Frame F4B1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7fe1f8f95f5b966837b6fd94703f0af7606ec21bdbecc76e81c90bd923c767c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4B1 0
0 57ms
56ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss42R30AZNVDG05ZstHeMkQjuVUI2l-fvRfSOaSLx10dzCnEu_2Ri2pHvsTJSFwz0Vfk083Uhap_4wVQAWs1i6H3oG1ZEXCoc0FRRl0sCk6AKX4ZUTi-QnSaRZpdysO5mGxO3iF2fTSZNqEdEFpnCcEBZ8pVD1PVY4twFHXq34N28D7usROqIrZ4uWR2dU7MJQGgFosaJ6_lERghyS3J8cNb2BKlpi0nqAYe-9IqF7gWQH0tqF0gUtC2xrn11MiAA6TsE1C8iVvUeDulb1EGau1wGJZDtYRLixGal-ZriDzEGRgZwyyyScM_R8t1WqLD5z9&sai=AMfl-YSfyvWl1OkX-Si_UdIoVB3CF3qJM2gbXtMVnyr5ARl_aCNV3YwJ14ROqxUjixIJZiGpHcIMjP0QgT8l8vSXowWuLInByqnaXGnYEJFZvg6tbtketrKs0WayZLN7X3LZ9Q&sig=Cg0ArKJSzBbkl8DsAH9PEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5FFB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

30ms
29ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5E66
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

47ms
46ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Redirect headers

date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 312C 4 KB
2 KB 223ms
167ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1186271738
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: d7a3ab30f5ce3f57ae84e11693a66974a82a148d9da3d4a632e461f696c7c46d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK analytics.js Show response
s.update.ib.adnxs.net/2/225545/ Frame 312C 6 KB
3 KB 224ms
35ms Script
text/javascript 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.ib.adnxs.net/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fearnme.club%2F&ui=2928211502789460109&ap=&sr=10264&pp=2180927&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&to=3&de=2&md=1&dm=300x250&gt=DE&ac=11493887&pc=26730095&cr=215907859&c1=ams3&c2=0&cb=1186271738

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d3846ad469eed16ff203c86e06f5260b701440a6f267cb37e5b57f9c09096f18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 2967
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 312C 85 KB
29 KB 61ms
18ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 312C 0
819 B 47ms
33ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDD9L_D0KPGhS8YjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF4yfIFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhdjJRNFlBakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBek4tQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDFrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUMENaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDM32gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEm8EzwP9AGuzPaBhYKEDW6W-Ak9UoGgfRij9JBDvsQAxgB4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOLoGQADIB8nyBdIHDQkAAAFRBAAAAR4I2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=448ca316817112ca26e6c694d83d58b5541de7b6

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c01060c4-6fb1-4e07-ad0a-b07436251518
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame D42A 4 KB
2 KB 152ms
103ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=300805794
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: efa755d6b2fd734832c35131ef13630f82cbde29d78f0aab5dbb1875cf9732f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame D42A 85 KB
29 KB 51ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame D42A 0
819 B 75ms
68ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCulr3v3fz_oTAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF46vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhRFdYMWl3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeU1lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWt2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUpSZlNrQTYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTIx2gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH6vUF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=605efa0b3391b733d4bd7ab5d98ebb60cf481e48

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f05a34f-dcca-4c01-a110-c99b990673ee
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 third-party-pixel.js Show response
static.adbutter.net/libjs/ Frame 8D4C 4 KB
2 KB 136ms
19ms Script
application/javascript 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/libjs/third-party-pixel.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 22b708f3ebd27eed5651b3b2bbe8e7df0135344ee6830ff1d63f741d47a67cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:50:10 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 13:23:22 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "62c58cca-f7c"
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18000
x-cdn-pop: rbx1
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1275
x-request-id: 552567098

GET
H/1.1 200
OK tfav_adl_314.js Show response
j.adlooxtracking.com/ads/js/ Frame 8D4C 64 KB
23 KB 104ms
37ms Script
application/javascript 37.187.28.21
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.187.28.21 , France, ASN16276 (OVH, FR),
Reverse DNS: js13.adlooxtracking.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 9fb6b8d30eb3254f5dc7764e3f1de7dedc98d1d7836072bd606f9d03c67375bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Dec 2021 13:16:16 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"61bb3c20-ffbb"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 8D4C 85 KB
29 KB 45ms
16ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 8D4C 0
819 B 18ms
17ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK0C_BMtAUAAAMA1gAFAQjf6NKYBhCjt9nMls_ypSkYjYHql4-bxtEoKjYJZb0Yyol2ZT8R4s4vSIYVYD8ZAAAA4KNwzT8h4s4vSIYVYD8pZr0JJPCaMQAAAEDhepQ_MO-83ww4mFBAmglIAlDJnvW0AVi18qABYABoif3DAXj-9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDYwNzg0NzEsIDE2NjIzMDEyNzkpO3VmKCdpJywgNzQwNTIyNiwgMTY2MjMwMTI3OSkFHTBnJywgMTg0NjQ3MTMsQjsAMHMnLCAyNzYzNjczMTVGHwAwcicsIDM3OTQwODIwMTYfAPReAZIC0QQhQW5KUlBRaWN1YnNaRU1tZTliUUJHQUFndGZLZ0FUQUJPQUJBQUVpYUNWRHZ2TjhNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYckQ3RGVPS1pUX0JBVU15OFVuV2NtVV95UUVBQUFDZ0NYSHVQOWtCaXhwTXdfQVI4RF9nQWFyOXd3UDFBZGhzVnp5WUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElfcE8zSkJBRUdBRXRaS2NITzZJREV3am52cWNrRUFvWUFTMU5pSE1fTWdOMWJtdWlBdzRJbU5UNkloQUxHQUl0QUFBQUFMb0RDVUZOVXpNNk5qRXlNdUFEbVMtQUJLdjI1QWlJQktLMjZ3aVFCQUNZQkFUQkJBQUFBQQGoEEFBeVFRCQkBARhOZ0VBUEVFAQsJAVBDSUJlb3ZtQVhUai1TREFha0ZpeHAtDAgteEIdOwh3UVUJMwEBCE1rRgEHHFFGT2QwVF9SLigAADIVKMBEd1AtQUZoZ0x3QmNuXzVnajRCWWVBOHdLQ0JnTkZWVktJQmdTUUJnR1lCZ0NoQmdBAVM0QUFCQkFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDR1QVlLmgKZASFJeFRIbj5VAixMWHlvQUVnQUNnQU0RNVhCQkFPZ2xCVFZNek9qWXhNakpBbVM5SjkFBDlSCZYBAQRCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQFBoQRrQgEKAQHw1zhEOC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNBTVMzOjYxMjLaBAIIAeAEAfAEyZ71tAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUOcNgFAeAFAfAFq_dG-gUECAAQAJAGAJgGALgGAMEGBSIsAPA_0AbgA9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgH_vUF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=f4044244f8036fc0937dfa16964013edda8bbf3e

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4d26ff36-8cbf-42b8-afb2-43da9c2f8ec9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 16892205-b046-478c-875c-1ab0eb8d6d6f.gif
crcdn01.adnxs-simple.com/creative/p/1178/2022/8/22/38962843/ Frame 8D4C 35 KB
36 KB 57ms
34ms Image
image/gif 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/1178/2022/8/22/38962843/16892205-b046-478c-875c-1ab0eb8d6d6f.gif
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: d2b19b6ce69b28132824048b0fb9d85893a1841fa760364d2284f586643fe209

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 1120309
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 36336
X-Served-By: cache-lga13621-LGA, cache-fra19144-FRA
Last-Modified: Mon, 22 Aug 2022 15:04:20 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662301280.184763,VS0,VE0
ETag: "302f84b6f8201b7b0e833ca1666431e2"
x-amz-request-id: ea800eda-3069-4b50-bc1d-a30e76e095ac
Access-Control-Allow-Origin: *
Expires: Thu, 06 Oct 2022 15:09:30 GMT
X-Clv-Request-Id: ea800eda-3069-4b50-bc1d-a30e76e095ac
Accept-Ranges: bytes
Content-Type: image/gif
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 2

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 537C 4 KB
2 KB 269ms
243ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1251337577
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: c68a3804b628d39473651dd1f47293ef25ed4bfb7f06b9a47d733e61ab1cf86a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 537C 85 KB
29 KB 30ms
13ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 537C 0
819 B 15ms
14ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhD3gKmtya7p32gYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF47_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheldSWFZ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBATxDNEJnby6aApkBIU1CZldrOgECLHRmS2dBU0FBS0FBeBltGDg2Q1VGTlUxURRVQ1pMMG05BQAxPSQERmsBZgkBAEcdGABHHRgASB0YEEhnQWlRERDw_UR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYwNjnaBAIIAeAEAfAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAASYo8D_QBrsz2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi6BkAAyAfv8wXSBw0JETwBOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=2f4eb1ece21d33430a3f3cd8e43ceff4e219f6a2

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: aca5a41e-2831-4b68-aa11-b7538de979f1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 768C 4 KB
2 KB 215ms
187ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=914353365
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: db6ce769c2c80fba556451aeac4b55e9558cf7a775e9afade27fcb47238d1454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 768C 85 KB
29 KB 26ms
16ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 768C 0
819 B 14ms
14ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCFopzOn5mzsiAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4nPcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhbTJUNk9RakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFME9PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWVF3cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZEtrdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTQ42gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHnPcF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=8cb5d75298677a733c35560bd24383a976c76226

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 175d4f2a-7ee3-40b1-99fd-a55e85400661
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 8F91 4 KB
2 KB 127ms
99ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1253409750
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 4523df3ea81ac6ae3e9f0006d7b8a62eab2c93ae5cb410f1588fe8914a071b4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 8F91 85 KB
29 KB 17ms
12ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 8F91 0
819 B 16ms
14ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCV9-e_9fvJmigYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF44vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhLTJRRWNRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeE9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWN2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxCZTdrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTE52gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH4vUF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=7792d0fc3a7425dcee72fdeea091b8c839219adc

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 01bdd60d-d9c0-4122-ba3d-152b4382a299
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame D12A 4 KB
2 KB 203ms
176ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=699077580
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: c9dbc74f8f591bdba553b655e9532b6952e06c1d57a44596898665874cf62a76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame D12A 85 KB
29 KB 14ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame D12A 0
819 B 30ms
29ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDOjqmzlpiklhUYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF40vMFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMm1UWGJ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH0vMF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=68c5586f11f8dedd205f184135fd8894177211ce

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 59238c9c-da17-446c-8082-a61f910c916f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 39104ded-0abd-46b3-aa40-96feff44ba4b.gif
crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/ Frame EEF9 7 KB
8 KB 8ms
8ms Image
image/gif 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 5dbb5147d180034bf86adfe8c60a4c1c7e777b1e13ada51d26a6b8319f76791a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 5631723
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7642
X-Served-By: cache-lga21936-LGA, cache-fra19148-FRA
Last-Modified: Thu, 30 Jun 2022 10:25:25 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662301280.190034,VS0,VE0
ETag: "50300dffcb630b07c5a0b91366239ffe"
x-amz-request-id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Access-Control-Allow-Origin: *
Expires: Mon, 15 Aug 2022 09:59:16 GMT
X-Clv-Request-Id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Accept-Ranges: bytes
Content-Type: image/gif
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 2

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 86E3 52 KB
17 KB 11ms
10ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34362
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321485
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301280.195675,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame EEF9 0
819 B 23ms
21ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLFDPBMRQYAAAMA1gAFAQjf6NKYBhDWofeU7u2TmhoYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiq9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIW5sYlZDZ2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWDNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE1QldjMj75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAcBBQUEu2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL_ICEQoGQURWX0lEEgc2aTEc8gISCgZDUEcBFAAIcQsBKQgFQ1AFFFw1MzI5MzU0NPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWBEPEAsKB0NQFQ4QEAoFSU8BYAQHN2mcAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wiwEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjEzNdoEAggB4AQB8ATSoQ0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLoGQADIB6r2BdIHDRV2ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=2554d3396fcabc3a26cac63db9761286f44ba2e5&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzyczmwpf%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzyczmwpf%26e%3D1957767944024&

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0b3e01e8-ff81-4ba3-9262-c69d593028df
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame EEF9 85 KB
29 KB 16ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame EEF9 0
819 B 16ms
15ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhDWofeU7u2TmhoYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiq9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIW5sYlZDZ2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWDNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE1QldjMj75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAfDXQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMzo2MTM12gQCCAHgBAHwBNKJ9a8BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXr9E_6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHqvYF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=8e6919f4125a4d6c23ed42b4f70bc5861fabe01c

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 93444329-c73b-41a3-a8d9-b8319e8dce64
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 5CF8 4 KB
2 KB 172ms
75ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1251418248
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: eede788b45440308e6614f919c6597fe4d2d6e66cf6b91bee866a5f64c705d6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 5CF8 85 KB
29 KB 15ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 5CF8 0
819 B 15ms
15ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDU3u70sZDS_zoYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4z_QFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMldTYlhRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNE5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCY1F2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxSY0drdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDg02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHz_QF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=aba58926cc013ece87286802d9a0883829504a3d

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 68d1e93d-100c-45f1-b81f-d4e79801f67e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3B18 552 B
300 B 51ms
50ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNVvMpQzNF8shX3_SWkVlSXDpvBSmec7fsQoHrObOFYuKhuU3l5KPvJn2kmf2xozfZGhlfNKf1zHlrodvCY65cURZydCLNFCyW-N2mSv7D4jS1CnJNnt19CjlGMVGFZZ3s6XJQ5mcHUrQICM2f-lE-PagLo66CqDTRVMNSaHlOYI9pSKwCw

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 279
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3AD2 68 KB
30 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7uw8QApOHlc26dRTsXGCrYXgLPMjXzb3H3U9tyJETjDuf-ZZTjFsEANrsMol7uDBPpJY5FhXheb8wgeh7BuiiNM2wKwVE6rUwIzXALtpKaOkbaZHvJxxp5fgSzRi0mvIj8h46TEdIs5RG93PxqMRFo7V3iw&cry=1&dbm_d=AKAmf-A0Kq4Hb3iqW-FbmJYZu_HQOVYlJxAYGxwEIW9QobMg2GlJYd0Kkgt_1Al8pKWqMSLcyXRbKbpx92UupQKEBRhld-ZB8NX2xycs0ghEiVJ_LuauYBygvif4pExF6IzUZdnYL7pGZOd5zFa46O-_htzvdxf4vz0wGWytMYVqIjrnzzuzHwYFgv2_3op8kS4Po4gK0toh3z20LssspdTaAtTvOee_TpNAe5O1SJPGA_yHSwJxXVxz6b-lSLPW_xVor4dLLrZSRowIw_eQSTLHu0btbp7p5cT-Anx5lvf2YTWI2KfD1_CrejNF9o6fBUmmozNFiVoILOwbLi2eXujAutKW8onsrYiLzbfuounjgh1cWvGn6o_Hn0SFM5OPHy526kVO_dhiqQRQ9GYyY32Y_XSgFnlPXMmN6qtYZKYTZSkn6qfJSS8mth3i74QizX7d7XtJo7YygKwmY3vj-HZ4XNq1m37P4O_Mgs9g3AeDPxXfadVcm8K6v6fCWnOyJ7QzSswiWwlAmeREmN-3vGFy_NmdqmKAWPeyXKGIV46rQP9DtQAAH52GyDGhg9_Ily2PRaJZoqMmkBcxtg2P4Hhfs9jbk9uaFQP3rdQhelkagrlX4TDBYxeycmaxaumlynOLr4M20upJsZH98fDp6_Px_mQwFbu2z6EM8Mjsz5P0zL4LEOaVkryzkeGP3itYiCgXz_mnu9bJXqdOAo2cJe2HfdvGKbcvl6E2toUvvJBF4kRKwtVM2uOtDgCtQSsHsCuFQGmIUDwJT1HGxovEhilO3wH5JDdVOvX0sQIsyEPY3JKfxBY2EkTSvoBpWFjf307a7MggIFEz4LWEJX6_LHIN06b9Q_rUkfwDVKT5NIPjCDoR0cCL3nIsDS50DjobWTl4KW3itTXhxOb12CZ626UuIcRaBGv2M8kY61bCiQml9iEnW6kHkrQYZJ0MpgF8dok2lhOU5e7Xz1XvSIRTKmXd8lCJghH4ruNClBT5MWsvbVWIAKrCbCYqEvb5_4zVenTMGHePnYzBoqzmWqGZQ_HhaLKuBS4PYJwdVWwtmaR5qRifgBshi7_UjyHRE4jAPoUc19DHyjRaDvtQIhUIFiwVI8UN0ERspKqM0BLbZLgQGEhwehIFGhmLSIvSn-R8lFirHkC_niakdyF-xSeBUt5_8xZV7dgO8hK7kCgy9-GEkW1KjuwvxaN0lpZubHnZVxGZXj6VDGy5M1tk8adkghwSeiYXiQjuy7VnRvUrz17bnj6itdaBRaImx2C2FOd2F7ijqa858J7UiPLLxafJc76g2D-ivwtH-H-Z_9g42ftHlXYaRn9483nFbosSBk4xDVpzbLNNo7cKv4mtQr1g3lcs7O17ISGcBKgaq9BtH2ypcs_vBr9Ox6OJmat65LIu4w6gfZ0mZYz7OdEPBIWdlGIWoDaQcFXyrIYHBY9q387EKunHYJhzd2rT711C_gOI6eOU4S-u4x5uG-7OWmem2LI1OSky5_kymybAaqmTfAp6raDLUkZYhLr752VkIjJO683j2qLsLURQBIGhbUwrYXzllGpMvfP-GK5eQynjL26hh9fuxeka_f04_nbVlWyJZyUZCLed9wj0pNys3sFrboftaO0LdHdpyLAJoFRlbOD3JM-lVYowWKovOVpYGUpy8JOZ8ICeaOe0aqRVi--WEDyH_XdUjfq2eF70Ix_rDFOEzMAopXm9mPWaB7xws7FAe7g_qUNdLNVWafI0i6Fx76m50SxbzcdYhNgPBelBzYWmhic_pZs-7rToMOAZajM1z8jnOHp5IQRIRQfcijGi3aFIZdAstUhfiaDvpi63vzT0ay9sSStnkeXj4_OW_XpcvJ7KyM9f6H9e8Wa7CZ8tpfL4TxFf3F9-r-DmKn_pRIA33An7y22PygGBoAMMn7LyT2_c3AFhtZQXMoPhtyQq7wf9izqKpvVSPqjBl07aeino4URlhnpfNpHZYGI8znLhOWUBRoTzSggJLxXig6w7qumQ53SVbvEe-9RuO9ohV9cZoZw4dSijWgYGVJzM2V55ZGy95L0P9cWFgH7YKrC5Ecrh9JCQJ06U4FQABOtWE_1DCn8xnJ96KRBrqQu6lukMgm4vQrJ1nwSaYBp52btmCAuxb64HOiJM0Ps0b7m9pSUswQ5O5QNr5qQmKIXcKgYiRV0D1hF11rvSOUuVudZiGFrSp9D0MZLP0JVQ097kxMwFZPil7WEVXnj7_BR-NpshdPK2VY5lIP2v4lP0COMImQFE2kge21PNDo7UYqcmzJkpZy_4ah5XeB4mdkfWHvnRA0CcDhYtcYVW4MMI3RiBXuH-vrD_guoQH_V_udtKN5PebHdpJmSlBgB494VveuGZg69fK4Vrk4PgCslyrYIphEq-7l3Ge01ouVAhdwfE7WlLFYjEsLnTUFt2IVTwrukv9Sy5lPk-TG54yPn8Q4fL8jk3EZmR9VYOiD8Y-D7I9CdwJPq6kVCJfU7lU-iS2N4tjuFGht9BwUpaZ1WBwk3UCg2q0G2aVsDVkzk131DI7xxYnZGwxpaiz9UeG_JHjeWhqPHJGSKbP7_ena5shxMgTCEAkSztpbjp4JG5JRLr8rVvPXDNR9l7R7-karVoR0h8ikzMwLKFwXr_Z2tPUfG0CCQRoIXqyTPjXLlqnY07WCqv9Dg5K5Jb2s0NdIbaWBXhfBJzwb5srzwHoT9HKoqNOdGoO5cqCKXfa5QsoBgP6C3T4_ydpCHcVkH9VUm1MHHQcWUGkTK2xo7Hp1tfND0-jXvfmAwrU4UQm1v9whQIw2k81tQvfLbPP3rCgfwqXw72CLOLbonQendofrUTyB9xlZZx_8cddsKBZAJ_UYtB9MjV7Xcs78fprsvecOlgqwsJ69_Qlsn-gMDfguluTuLj7RtZ4obIsU8uxZEsaDS_GRdmm7P6VVyHhNTuWW2cZ6hwg8gPdYuOuuZhsTAYziBlFJOVa6eYOcr9iqS6Zir9ej_cuGG2DQlxMJk_twFxu8K2rB-XRWxw94Jw2L3UeLStyDtUwBCow2YHQtTj_qTYTg6qE1RtGGy_yTxkZaWU16hCp4z_guVErWgpjKdhuskyGXmLtNAHuALzQF3FALOJqaxOQrOOe7SFr17hmNiOZ4HGEj067z0DXGyBIh2Q872pLDHkb4gqQy-JQ8OqKpoDEi9O1v1A_0PyDBHiGrbPbxMW56Iln8T3BPfS&pr=8:36C713CDA900125C&cid=CAASBORon_c&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a93369cca5d2866fae9f175940c5960b184225ad4ff416783970e444b94f5620

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30553
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3AD2 42 B
63 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEA9z9iMbouSqi1B8Abo_Y35t9Bh5aY8BKgQ4uVCBKW6LC0y5DCkdRUPv1ep9k4uDFpxvYiZPHOjbz3q2hJsJUvVAsPVMKytCQ5N3FWnTygXey6zg

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 6165ea97-8eff-438f-b2a4-e5318e7b41a5
beacon-ams3.rubiconproject.com/beacon/d/ Frame 3AD2 43 B
378 B 17ms
16ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/6165ea97-8eff-438f-b2a4-e5318e7b41a5?oo=0&accountId=17210&siteId=397268&zoneId=2229032&sizeId=15&e=6A1E40E384DA563B5D629553BFBE3DCB75E13EF039C0ED52693A95B101DFAAB3DBC044672EDAFA1861C1E55E2A724A94683D50851BF2EEDF07C76EFD4DB9BDFFC074A78175B0AA96E6088CF4473F8EC78650C0E0696A95D092E30BB59957EAE0751D49CA82D90684E84AAF8221655712F30F822709E03C15B16303A5FE656C794E6FC96756E5E5717879ECF22AFD7C48D5205A22D27795693B65412E80CB94F7E219561DF60B30A0E33268E0165A693BE0341E1F6D11182B535FAF19C84C12DE

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2249 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:55:14 GMT

GET
H2 200 apn
beacon.sojern.com/imp/ Frame 2249 42 B
101 B 64ms
20ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/apn?auc=3426929627831539629&cr=275448214&seg=&st=0&bp=0.00227&pp=0.00227&aaid=&idfa=&ord=87880815
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 2249 2 KB
2 KB 134ms
102ms Script
text/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=87880815&sz=300x250&js=st_dapp

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 918
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 5FBiyp5DUovjsDzNI8q383Euvw5qcvXeVQlI2IOW2tgbxcylXHABgA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 2249 85 KB
29 KB 16ms
15ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 2249 0
819 B 28ms
28ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QLoCvBMaAUAAAMA1gAFAQjf6NKYBhCtr6SJ8Mq5xy8YjYHql4-bxtEoKjYJDKZh-IiYYj8RP1l0VPW3Wz8ZAAAAoJmZyT8hP1l0VPW3Wz8pDaYJJPCaMQAAAEDhepQ_MNev7Qw4mFBA6j9IAlCWg6yDAVi18qABYABonNzEAXi-8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTI0ODk5MywgMTY2MjMwMTI3OSk7dWYoJ2knLCA1NDgyMTY5LCAxNjYyMzAxMjc5KTsBHTRnJywgMTQwOTAzMzAsID47ABxyJywgMjc1NAE-ADQ2HwDwi5ICpQQhV21lNWhRak93SndYRUphRHJJTUJHQUFndGZLZ0FUQUFPQUJBQUVqcVAxRFhyLTBNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JGOEtRS09HaVlqX0JBUmZDa0NqaG9tSV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0Fibk56Z0wxQVFyWEl6eVlBZ0NnQWdHMUFnASMEQzkJCPBbREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qVTVPVFBnQTVrdmdBU1QyOHNGaUFTazI4c0ZrQVFCbUFRQnVnUWFDSVVFRVEBaBxBQUFOQV9HUQEJCQEgSUlMR2l3N0JCCQ8FIAR5UR0hGE5nRUFQRUURH1xBQUNJQmVrdXFRV0xHa3pEOEJId1A3RUYZIGxEQkJYc1Vya2ZoZW9RX3lRVUFBQURnZmg3TlA5MigABFpCEWfwQ1BBXzRBWGpBZkFGMm9EY0J2Z0Y0YV9BQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHZXhTdVItRjZoRC1vQmdTeUJpUUpBGYEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhTGhVcTd3OikCLExYeW9BRWdBQ2dBTR3NCE9nbD15FE5BbVM5ShFVCDhEOR15AEIdeQBCFXkMMEQ5cBEwDEFBQngdDAg0QUkuMQLwqjgu2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMzo1OTkz2gQCCAHgBAHwBIUwIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBdWoQvoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBugp2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi6BkAAyAe-8QXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=13102cab4c598f7d45a7a01d270a59eb29e89ca0

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fe3d271b-5c82-4795-a214-4eb205f001ba
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 60E3 118 KB
42 KB 98ms
7ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a991cef8e1b302989f94dad4a0e23a70dd561b60d2b41f58ed87228f0051f9c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Age: 30767
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 42145
X-Served-By: cache-lga21930-LGA, cache-fra19177-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 10 Aug 2022 13:16:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1662301280.313335,VS0,VE0
ETag: W/"62f3af90-1d8e8"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 31 Aug 2022 05:48:24 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 23491

GET
H2 200 apn
beacon.sojern.com/imp/ Frame 60E3 42 B
229 B 60ms
20ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/apn?auc=8744289642907626095&cr=275446379&seg=&st=0&bp=0.00244&pp=0.00244&aaid=&idfa=&ord=1922545901
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame 60E3 2 KB
2 KB 130ms
101ms Script
text/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=1922545901&sz=300x250&js=st_dapp

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 918
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: GqnBIkqNinetHcPs7FV-7BYkwgk9ikvVmYoaJgPa_3u8p2FWN6jQsg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 60E3 85 KB
29 KB 15ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 60E3 0
819 B 15ms
15ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QLoCvBMaAUAAAMA1gAFAQjf6NKYBhDv1IvVnaP9rHkYjYHql4-bxtEoKjYJBcB4Bg39Yz8RqYnZql_LXT8ZAAAAoJmZyT8hqYnZql_LXT8pBcAJJPCaMQAAAEDhepQ_MNev7Qw4mFBA6j9IAlDr9KuDAVi18qABYABonNzEAXjs8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTI0ODk2MCwgMTY2MjMwMTI3OSk7dWYoJ2knLCA1NDgyMTAyLCAxNjYyMzAxMjc5KTsBHTRnJywgMTQwOTAyODQsID47ADByJywgMjc1NDQ2Mzc5Nh8A8IuSAqUEIU8ycXA0QWlod0p3WEVPdjBxNE1CR0FBZ3RmS2dBVEFBT0FCQUFFanFQMURYci0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCbzQ1djRlVHlZel9CQWFPT2ItSGs4bU1feVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBZmJNemdMMUFRclhJenlZQWdDZ0FnRzFBZwEjBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TmpYZ0E1a3ZnQVRXMk1zRmlBU1Qyc3NGa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJiRXZxUVdMR2t6RDhCSHdQN0VGGSBAREJCWHNVcmtmaGVvUV95UVUBNBhnaEN2UFA5MigABFpCEWfwQ1BBXzRBWDBBZkFGcklEY0J2Z0Z3S19BQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHZXhTdVItRjZoRC1vQmdTeUJpUUpBGYEAUhkLBEFaHQwAaBkMPEM0QmdvLpoCmQEhdlJXSks-KQIsTFh5b0FFZ0FDZ0FNHc0IT2dsPXkUVkFtUzlKEVUIOEQ5HXkAQh15AEIVeQwwRDlwETAMQUFCeB0MCDRBSS4xAvCqOC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwNjXaBAIIAeAEAfAEhTAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFm6ZC-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLoGQADIB-zzBdIHDRV2ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=cb61d9dbad0ca2de8d25da3807c710e9a5fa29c2

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 21fdad7c-0985-49d4-b699-74f77bca7b5c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame C7BD 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:55:14 GMT

GET
H2 200 apn
beacon.sojern.com/imp/ Frame C7BD 42 B
101 B 56ms
21ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/apn?auc=4277661968790706888&cr=266301912&seg=&st=0&bp=0.01062&pp=0.01062&aaid=&idfa=&ord=788328540
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H2 200 ca Show response
choices.truste.com/ Frame C7BD 2 KB
2 KB 403ms
379ms Script
text/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=788328540&sz=300x250&js=st_dapp

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 918
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: tkMDgpmTZvGdGQ8MQgwVrwhMRT7oULgBVdlpP3GTAekcE94bX_RmUw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame C7BD 85 KB
29 KB 14ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame C7BD 0
819 B 19ms
19ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQjf6NKYBhDItd-32NzTrjsYjYHql4-bxtEoKjYJVdl3RfC_hT8RgLIdm7o1gD8ZAAAAgOtRyD8hgLIdm7o1gD8pVdkJJPCwMQAAAEDhepQ_MNuv7Qw4mFBA6j9IAlDY4_1-WLXyoAFgAGi4n8MBeNnxBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCAyOTQwNzkwLCAxNjYyMzAxMjc5KTt1ZignaScsIDQ4MjM5MzEsIDE2NjIzMDEyNzkpO3VmKCdnJywgMTI3MjgyOTAsIDE2NjIzHTswcicsIDI2NjMwMTkxMjY9APQXAZICpQQhRFd2WXF3amFoTlFWRU5qal9YNFlBQ0MxOHFBQk1BQTRBRUFBU09vX1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRRVM2VkZNYWIyRlA4RUJFdWxSVEdtOWhUX0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCLTdhbUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBeE51QURtUy1BQk96ZnhRU0lCS20yeXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRmdDLXBCWXNhVE1Qd0VmQV9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HE1EQ0xMc18wLigACE5rRgkxyEFBOERfZ0JhWUk4QVhpNzRnRy1BWDJ2ck1CZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApkBIUFSY3lsZzYpAix0ZktnQVNBQUtBQXgZzRg4NkNVRk5VMXkQa0NaTDARYQxEd1AxHWEARhEYDEFBQUcRGAxEUVAyHRgASBEYBEFBQXUEaVEREPDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MDE22gQCCAHgBAHwBNjj_X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAACQ5w2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB9nxBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=885465d7a57072190e564979457620c9bd7bbf60

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a990fa88-9f76-41b1-9e06-1064e8f9b6e7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6685 676 B
337 B 54ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNXwK_JuYiF7G5nh5rrgue_jEAZslNNFakpG5XHhQaKfGowIUtta2L69qqfBQRUe5I2yoOq4l_wNu17llTxRlVgco7tiWaRm5UyQtxuEhrpWB8ulL2kdEGe9KpMpuoUQr8yQ-P-xCwa7CeNd28ezUSH2GrBRk8UpvnYzRdWeirU7-NV3Hl0

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5C2B 68 KB
30 KB 60ms
58ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNbj1an1EcanEt3OhdCnhzy2rb5EXf6u2PF-4MwX5R2gWjQ_nUvYuoJpflTv2YEopuX9lQhgTnw6dqtSX7Y9ce9cNF4lj0G4UFixN-fqNNPM9og87Z1TW6hUcx9vRTgxOAY4J6Dt75qyvALsNjWM-bMoSrtw&cry=1&dbm_d=AKAmf-BCT9zim6Tmj9xHl7Y6SxlGutemWlcwxc-alydYCCnSeFOFfCwSrD1pIsUtxOi0locUppTMAZnELp7rljkFYBZF-DeWvEy8RmZOYvJedy36887TZ3yoFDAm40AkcpJwH-7YAnONDvzs4BKTNQq4TH3HRRjUcXb-LmQ0bPT858sOOzOVYdycDxCUbqhMpTa4Hat7F68K4kjYrRHXMzTcKl40kQh9kPbKIS-L5ghzhXUZbgJ5N_ap7dzBerVW1im6PAJpDFaxrL5Cj3qzfvQNKP4jVf11QnkgBhjnVXm-Tigd_1v1IWNGBqWjc9aa6CT6VhiljNZa0HG3MXmyQmRl8V6HwUhQ2HuMkXrtCezwQ22Yu9dO8EEkSropmDrEd8Bu2C2HTxUEaEWWMxENGpEfSmiAff0u6pbRclgezItA7eGHV6D1GtQTzgMSJzLKRAO2wOAv86AgVZ-rroqh8aR4e8zJ9v3pFkyIY2WtIrJeWWLgxkf04WbNIjL6upYkaGK3YT3kwqieHleNyh25krHnJUoLiOEllQPusgtOcDBBW5e2wca8QgxT9c_Rsp4nwH9f77TD3Zee3TOtch413KZY67jb42vblFfb9AJNtN30zG7SXtQ1XQGqSvAScfZk3M2wNXA5H4-kAbl5o5AcAWl5xqWlEAoJauem8roFQ1w4PCaNTRXfG-wF56Oi3SJA_WsDKwHHLmcOCy0HUEeE9-tJS4D1oqhH8u0rDDT9q3zfEg8SWIxW67Hck2e9oBx0UZmBxqdq_keCY_i6YnlCjaTKY_gvLi1cRO2fm_iYlSLeSXLXoKUhmtCxPcYeX65U0kf_zxOgiHPl_Pcw_m5FVEPa2PpXtLHRAFBPjUWv4s6MM873rV6Slhrr7BYS7uJAi9VK845mt4qNeNevKBKFpZeS1unjhKu4fiUmAeLeXwolE4b0FFSlmJAUk0UMOunfQHjbHWq9U78XBGi8W02LkScLh6IYRSzjlrDUc_--A1iqzNZSJXr44_dGCse-e1Mzh5DjVxc7J7w2gVoqc2wxoh0v9VP6IRqxGslFsyval9LlG7h98aCafD3s2VBQ_JodvIdbo4uljwCoHSNnWbM68yAJFZBY2I4Ptwk48_bgnlhRmUDdNYqMsh51vRTRH0vVhILKEq85TyvtvXwp8VGNVNmhkyENfwTDwkECLAVLhJnTsZ8jChhewxTFjDVxHDVgjMF5tiaV4EieW2njq-ErFcy4d4aDjcbg0f0OACfgQldNTbyb-s4QGdB6Qq1PSnWBxX07qP57XL8bY2YtijloZxO_Kll7guBfkM-jB_c_io49r8LlqV-a0WgvxdTHIOZyGmHdFvhqTxKMkxAtwOhmKhzLjdU7amZm5oX7TLRTeZP01QN1-EG4gwiPvwmu3vrUBgntsigypSaGYoBMJCfed3H9y9-V2t611xPxC0m1uFkJw6FMcAcIbE_xE1wQU6e1TRc-_RMw0E-yMUh7gXAV2ZMWRH-N58yLhxwQmvHN8nQ3vxRPK5SRgT5qnxXDxt8ZnwMFdN7Oy3gt-vUg9Mf_kEdu_OSAnPx9XufQ41V6zIEj_BOmqybz2CfJ_FhT5P-6NsS-y15P9W2jinSkE3J7Qsx7269J2vAsi22QgU1K3n1azEdR3RjsihfwGCLqxpvt-BCs-gSSdKg-NJ4Miq6urSE9GsZwkln0n3eNOfZm69mO8CsMfXfLLg5rD_4okgTRsyXzeoqZ3ynDJ5okG6kDLkktvvNgADYkU74v-cAENHRt4OxG3AjT4uv3psS5Fb1J6lt28lQhwjjEvZFAi0_GvlbfJtOIhpL69YhR2Y92fVHnrBosKSxg9HfTDQNDmUFphkZNqLW2PlJyRSXkcRB0MFaPQJmhmzoAGNOfFdrKKrVKNaXgXiQV3PKMLWqwjpq-yk7xI0_DLnRFUj91XALJxgea9Oo492eKyLOhg6Y7n3FmL1WF6V3ST3gjxZQJi3z29Tko7XunFfDIkWQL_sICD3Wh5m_Ez7mlRAAwCavz28bpx1VGPRKj8OI4svNDgWAJaIWXvuFYgoTvwxF6r90em4EPwkFGmh-iPBgcba_jXVWKDf4OUpDpG5kny6GR-no0l-uxTXSVyS-FgmzMHLPpGGfIbHUsZyrDBn1Kl_FAQZNTImimZ63aE3TEOPAa3dC6lN18DmpXizprQYlPgu5eKU12k9XMfbm10FlrMQLoPcFfBVgFgfTuDmONi4PimD4wNoQOpA8G77RyvQBy5OsQMuaiU7wWBWCgkrL7nfqIkNiu9Ylz_yAbK5ZnFowrBco-Z4SmUWLrkdWpid9EYJOT-KuUuuPTxa_T4JIGn-X4U0yF7qXGAqTiOn5E-snlgHbe83AQ0zQpFkdLDH63EIuHnnlsqboBLOOpPYrBJiMXwII7P4QnEaRa6LYFt-0ogX1xj2czOTgKcsVbslFSpoJWGYUuogJcmKSh-Us6ilulqxdUykzqHns9glxShIbNWU-0978n0LF_a5ayyuzHgeWGf8IayaIOB0DcpVsOqdzcxGv0o-fWq-0PBX61_5N2tH1AwCi-oxnzD9qcHbachjmYqeJs9gJ28tLdwvV9h-eznaAl-fOxd2HuqdHwLBNpCYshjSw0rYVvmPEVEKT-jlM6B1A7NzUgSjl6HaowDPFaen--Zeb84xhPUcGbQUFXtWhl9gQvFqppYJbarBSV5p5nmjYfLSBzqy4veioZ7tEozuaTwNlktnH5J9pJEjxaUBdQJtL38iB7EjVfbBhXTgPPPL7UI1I_rFrybwmA5Jc1kpe6J7c_eOg0AMRf6dwP-NHe2nR-ypONtSw4UpcLXyV-yx15t_VKalSXDxq6VbuDtdTDCvPKhBqAAb6Q-cVkCDB2d_BzX5sNoCfV83kzXpfUu7-vSOGi_lExj8Rm28kpCgloZ1oD9hKLoOuWjvCQpEii4Gr7Dh04uEmiAPOn1bEB3ECqQFSL14CaKw6pM0dLIStSwpjtwQDIW582P_ZvXzbE87WHooxfNlJNXgEEySanNoWI3JGW02nPzZeQxzi4sOFBUD33mLYMbWADkvAUu2wSmZefEQ_KXX6exfOwCpfTiZUotDNq6NvYFKP7wHXKq_2gdjf-RfUdHJ--ZB76feo1pSXhes95gGZNU1G1YDsi4_cZvQtHMi5XnzuT1o6rxx9Kl0ghpdDKruyFCVrqiTDSFarUvCWh85V1&pr=8:E564CC02B563DC02&cid=CAASBORovoE&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c636ddb6491c354acfce0d6ba725a7bf8dfeeb6ec352ce5ea8bd23b06bb268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30425
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C2B 42 B
63 B 49ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BfApFCuYwHQ83C7Exqx16IMiPX4DXQlgqPmh2pEyRPRGG9lzup_3TgMl8uQHspDSKj6YQA5axBn6CYi8XwPwcZIqRWdpJc2NuIAoekka7hQTGrt_g

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 e6add2db-9788-413d-bc19-e2851547deda
beacon-ams3.rubiconproject.com/beacon/d/ Frame 5C2B 43 B
378 B 19ms
18ms Image
image/avif 2602:803:c003:200::27
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/e6add2db-9788-413d-bc19-e2851547deda?oo=0&accountId=17210&siteId=397268&zoneId=2229032&sizeId=15&e=6A1E40E384DA563BCC056C252697AC1FDABC09D0C56BE449EF6A43EAF71A9844780D8F9BD745E5E51469C5746358FD56FE5D718BBE08EF1C5AB3A8D89F583976C074A78175B0AA96E6088CF4473F8EC78650C0E0696A95D092E30BB59957EAE0EF92D1CB85C131363BFCAF857F7D6BFDF30F822709E03C15B16303A5FE656C794E6FC96756E5E571E1CBB788CA88E10F87B16A1370637EB643F6EC824D411C65AA9AA15FEB9F8FE824C883246CB5DC58D489BA13169BFE64535FAF19C84C12DE

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:19 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Type: image/avif
Cache-Control: private, max-age=0, no-cache
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 28D4 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 13128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 4980
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 10:42:32 GMT
etag: 12223946614886178233
expires: Mon, 05 Sep 2022 10:42:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 5635 7 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1370
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3151
x-xss-protection: 0
server: cafe
etag: 3095951791532391640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:58:30 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 5635 85 KB
29 KB 17ms
16ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 5635 0
819 B 20ms
19ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QKPBvBMDwMAAAMA1gAFAQjf6NKYBhD1h5iqw8HLtXsYjYHql4-bxtEoKjYJZoaNsn4zgT8RQMvmtuwsfD8ZAAAAgOtRyD8hQMvmtuwsfD8pZoYJJPS7AjEAAABA4XqUPzDbr-0MOJhQQOUeSGVQoZ_pJFi18qABYABouJ_DAXjb8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUMtRDdqOVpFTW9abE8tYlFPLVhMVVpldDk0aC1laFNaTFJkN3hjalg3NEloUi1kck9SNUk2TkhTVG9lcXFtdVpHLW5wcUVjeDhNeGFoc1N5bFY5MXlSd3JIUmZ3JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzg4OTMyNTI1MTkxNDE0NDI1NDkiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBbzQj9jslKSCOMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDQ4OTE4ODg2NjS6Bw8IABAAGAAgADAAOLoGQADIB9vzBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=c3ef6bbb3105370f108c619dbd1fbcadeaf8b984

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: eeea53bc-54fe-44b2-8df6-55e5d1ca23d2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5635 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-D9cd-DN8opN-jmsoaSE42R9vJYPMFi1RbBYttaZK50l8qz-nuUvK0K16dazq2W4Y1ybw6YQFSVF9qKX98Tvwmdaggvsw

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 68B8 4 KB
2 KB 150ms
73ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1235416354
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 81ad10ef2e72a790660a767c40dbe9997036c0a480b7769cd9219578bdce15ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 68B8 85 KB
29 KB 14ms
14ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 68B8 0
819 B 15ms
15ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhD0gJC8tZzE4gsYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF40_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheDJUaFZRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH0_MF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=bdde42b3ddbb1c76b515da0811789e700d7037a2

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 80ea457b-1bff-491c-90a8-7da13d793a81
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 39104ded-0abd-46b3-aa40-96feff44ba4b.gif
crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/ Frame 8AE4 7 KB
8 KB 8ms
8ms Image
image/gif 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 5dbb5147d180034bf86adfe8c60a4c1c7e777b1e13ada51d26a6b8319f76791a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 5631723
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7642
X-Served-By: cache-lga21936-LGA, cache-fra19144-FRA
Last-Modified: Thu, 30 Jun 2022 10:25:25 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662301280.271905,VS0,VE1
ETag: "50300dffcb630b07c5a0b91366239ffe"
x-amz-request-id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Access-Control-Allow-Origin: *
Expires: Mon, 15 Aug 2022 09:59:16 GMT
X-Clv-Request-Id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Accept-Ranges: bytes
Content-Type: image/gif
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DA65 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34362
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321487
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301280.273989,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 8AE4 0
819 B 13ms
13ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLFDPBMRQYAAAMA1gAFAQjf6NKYBhD9sfLYwcmy1gsYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXjn8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIUtWYnVzd2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TkRYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBV2RMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASE1QldiMmc6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRWQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHAQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAhEKBkFEVl9JRBIHNmkxHPICEgoGQ1BHARQACHELASkIBUNQBRRcNTMyOTM1NDTyAg0KCEFEVl9GUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVgRDxALCgdDUBUOEBAKBUlPAWAEBzdpnADyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwNCghTUExJVAFN8IsBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMzOjYwNDXaBAIIAeAEAfAE0qENIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBev0T_oFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi6BkAAyAfn8gXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=a672e775d866d320610cb25b876aee72c9e9596e&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgxkvise%26e%3D1834762243861,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dgxkvise%26e%3D1834762243861&

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e3cc8a1d-64e7-4343-a90a-cd876cf0ff96
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 8AE4 85 KB
29 KB 12ms
12ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 8AE4 0
819 B 14ms
14ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhD9sfLYwcmy1gsYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXjn8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIUtWYnVzd2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TkRYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBV2RMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASE1QldiMmc6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRWQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHw10FBQS7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjA0NdoEAggB4AQB8ATSifWvAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB-fyBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=1b59c8cabcf6f5fd1a5f472bdf14ab9b9f61284e

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: dffeac65-3742-4922-819c-94d549eb9c33
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 75d02d930b.html Show response
tm.ad-srv.net/tm/a/container/html/ Frame 5CB0 4 KB
2 KB 119ms
45ms Script
text/html 144.76.87.156
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1431256302
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.87.156 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.156.87.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 9c82eac9959155428273174dc54a59b0b1c3860d614bfad246c480239017e9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=utf-8
Expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 5CB0 85 KB
29 KB 16ms
15ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 5CB0 0
819 B 18ms
17ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhC5vuiJ3Mf4tWkYjYHql4-bxtEoKjYJnyvqSOsokT8RZPgL6svJhj8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF48PQFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhNkdTbWFRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNU5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYzR2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZE5rdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDk02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH8PQF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=6eff846eca4f103020d3f6338b099549e24d1a20

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 998f9767-5ff5-4ea7-ad2c-b0565b2936f9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index_0_250.m3u8 Show response
streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/ 665 B
773 B 14ms
14ms XHR
application/vnd.apple.mpegurl 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/index_0_250.m3u8
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 94aab20768fff5dae0deaf0df74343dcf83837dedd4ebd01135f46440caed61f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
last-modified: Tue, 29 Mar 2022 11:34:57 GMT
server: nginx/1.17.10
etag: "6242eee1-299"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 665
x-hw: 1662301280.cds139.fr8.hn,1662301280.cds164.fr8.c

GET
H/1.1 200
OK 39104ded-0abd-46b3-aa40-96feff44ba4b.gif
crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/ Frame 6228 7 KB
8 KB 10ms
9ms Image
image/gif 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2022/6/30/37554855/39104ded-0abd-46b3-aa40-96feff44ba4b.gif
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 5dbb5147d180034bf86adfe8c60a4c1c7e777b1e13ada51d26a6b8319f76791a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Via: 1.1 varnish, 1.1 varnish
Age: 5631723
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 7642
X-Served-By: cache-lga21936-LGA, cache-fra19144-FRA
Last-Modified: Thu, 30 Jun 2022 10:25:25 GMT
Server: nginx/1.21.3
Cache-Control: max-age=3888000
X-Timer: S1662301280.298295,VS0,VE0
ETag: "50300dffcb630b07c5a0b91366239ffe"
x-amz-request-id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Access-Control-Allow-Origin: *
Expires: Mon, 15 Aug 2022 09:59:16 GMT
X-Clv-Request-Id: ca5ad17f-2349-4f55-ac6b-f78e6a9841bf
Accept-Ranges: bytes
Content-Type: image/gif
X-Clv-S3-Version: 2.5
X-Cache-Hits: 1, 2

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F6A7 52 KB
17 KB 9ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34362
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321488
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301280.302317,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 6228 0
819 B 29ms
27ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLFDPBMRQYAAAMA1gAFAQjf6NKYBhCFmrOT5LvJkGEYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXiI9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIVpsYWEyQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3T1RqZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWFNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE3QlhRMz75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAcBBQUEu2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL_ICEQoGQURWX0lEEgc2aTEc8gISCgZDUEcBFAAIcQsBKQgFQ1AFFFw1MzI5MzU0NPICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BWBEPEAsKB0NQFQ4QEAoFSU8BYAQHN2mcAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wiwEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjA5ONoEAggB4AQB8ATSoQ0giAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLoGQADIB4j1BdIHDRV2ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=871f3fb6bb1ee147c88da3d1654bd73eb2a195db&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkkhcmzjfb%26e%3D1834762243861,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkkhcmzjfb%26e%3D1834762243861&

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f79098da-90f8-4d52-8aa1-94be9e7bb73b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/227/ Frame 6228 85 KB
29 KB 17ms
15ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/227/trk.js
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 08:56:29 GMT
Server: AkamaiNetStorage
ETag: "6a0cd0532ee3ee4311615d1638090572:1661936189.164265"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29299
Expires: Mon, 04 Sep 2023 14:21:20 GMT

GET
H/1.1 200
OK it
ams3-ib.adnxs.com/ Frame 6228 0
819 B 16ms
15ms Image
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fearnme.club%252F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhCFmrOT5LvJkGEYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXiI9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIVpsYWEyQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3T1RqZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWFNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE3QlhRMz75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAfDXQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMzo2MDk42gQCCAHgBAHwBNKJ9a8BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXr9E_6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHiPUF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=c9709d7d834a6307a59bdc4d75a5123cfca7ca1c

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b6733fd0-7b00-4ad4-bdd7-f31af6643f0b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7807 106 KB
37 KB 44ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Origin: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 7807 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DSl7JuZLEO5w-5jsixKtL_9UE3TsWxj_r5NtY2ray_qqrjRI3KYOUOxH01iskJk_phlLY4Q3dTWJNBJUOHHEZ-B9gz2g&cry=1&dbm_d=AKAmf-D6XLDybFAvoqeDqePabOKOGHYNrWrVRhKsQgwFoo5nrF_HxX7XJJeoIugErNic54jl0h_DZRPoCMwahps3ikl2UuQCnZzIDtOCCp0XYDjvGiqcElD9PYosVHSK-Wl6kHf_kbNRcorDTyTPEuTjymKUOJQO6FgZ6LYByxqvj8opNxcOkwOzjKdWy6ngM53bkdLC0QYfZtwv1qI8mCkJ_nDSoIfia_MqHYf5zWHzq6jWlQSEAXBhonkx_KWwSzbH-9uOxRDnYyiBKwrnRUh9RAxVwRC1mdMGUA2GsSs5Hqr6ZVWowgzL_Ju0Rfw44_XVgWL1R6dDCp0yKbiZpFs01Cqhx3g7zww-snlXBgi4qweCnhiGAp3s-Oz8DfKdtq7blSkbNki7d-Q2UmGrerRPrye3-_zWvghjuKxRcoX-ePQm9lPLUXanm0RakToPP8HOdk2uddyyIgDJB85E7FKfIM7iurOBbkXlIblrraOCZH94luz_djQjGXHA_u7rcg6BromNGPr8PZXX-U1O2nCxMOs-RVCbYLOaGTuqBdkJFmgaZt1wRTMOO1lA_Y7LcGgKBFVetXXSL-BqZFSZOp7SGmeMELPcJyRK1mH9M2nkPfJJs44JriQQUNbdent0UQXOAY1Rt-vzJ77FR7pTxshSfdhTKFGs2EWuHQBW_Ik8TXOPVYFyLR0Ogpcpu-f2459SapT6QQUnzbPSdCMxrX2E3Hlz9zsUrjhrdOdvIlhTpEqQVcGhZ7vM2Qs8sZNsAdl5c13y5dD-JU8rXHGL8Q_S-IS7KpKrsD6UEsNk8Cufvrf53J0cVsXC_hdNfDbJjyX_XwEPmQJZrniYl-EiYjaP9SzX-Xx6qB4llRRdMQtqODlRq7PdNoKnwt7pDJ8DIQK0iHfGe6s6jIBvXZuR8qfDKt_yO8Ql2bD-tbIidkJtI8e6gDZJrdQkZ_qiQ2cCCQcxBRgm2wlIChV4gEzse_el-eJmd8CsOhs0_AmRb06IH0NpEsFyTdr4xLbe0Ux_7OtVcfK04TvRwUgPARtQzrxvJN2__P0gw5OSwAr2trJ_5CGl1AME_9IqJBjyc6Ox3dWJWJb6cEHI7726UzFCcFHTC-oYxRcAw9zSUV2Fd7ui9m5QIDxFZMpCVMokcJ65JGKhzt6GpN4mpuy6XhSogcGQ1tduVohHxXGURDEAMhnVpLy4mkI6Bufi_cCa7IQO380xYUcKtUeMrGG0grAluw-gNk_e3QLyP2MOQ8uCTivufgheWvv0hduSgIlmwd9x-B7CZDmw2WOndyyxyK3tnpjKTvouwN-JEJ-J_CuYjDowkR-n1Q7_NCog8EuXSihDUKTalIGzIX_Xgr2yEdQWKn4BF64ufMBW8rJtrUxofb_SiuE17-epBTr1kY6rvT17HZWsVwnEGig_YzFb8DdqiPdPYdjXzp_NgJSO7jUcKofp81hbycIkJUbu3DZPrwZvucw_sY5MeBgNF_4sTbud-FMHWNHXosEbFwRThE6xPfGI-w1E-tGn3RwwGWqqzrMLEsegdYE2J0U2bTAGt_xCtmr6czlnhCBPRWE2smaHP0lJkfXNynztWaQhQ56_LAFEkn2-jR6QrEraSeYJR3fWvoENeL7vaz5O5W9IrfnvjpxFibrT0eUUWZkSV0hM7ryGUVY1h4aE-oK6meAelDqRTedNmblbcrHwbb8cOisTtnV5l2dtdiLFKNazw26tpRN7eO3K1IEOgBbWZXKZGwQ6NaBTJ1zC3wrsJXwur6FMXY-PcJ8xVBi9rhxaa6TTH2WqB-6Cdh1FufEJS9Nx8x454uUZVx5IwZw6fgEG65wPQIhQGWsrLaXvAEgj7qRzRmnv9QI-fdfRDEsrL2eTwUyfSAAUIxFKsBwXM7x1m523eb-3xm3sxFlAcvUoNdW9BzYwARbbeS1XPChsAIqlpkHfS9T8HMK_DGFbvNOZx-ywiam683hzMNhPkrOTCDp7lcOb_acv374CC0LCkNojSmLIsQXipnzJ-IVzTM5XmOMkDlNiB8yAPRDKoeeISUJpa-v6nyU2dKGXCj2JQ6jsB9Dqw5yI1JxmNojt8KQAJVWVzLtGkgxpC7nUzfLYxPy0_ZQX5Mh4N9r7QWr3R9wOadouFC3HwiTJZqs81Bp2KjoubvRxCcyBPTDIFE7mxehjL6fxeYszPJQ2q5rgEgxyIVQwJXerq0-l94D03RLaJjb9qw-dgchsUaz5u9gTz_TGnoY306FItVBd7ceWCfqgqoCcbSjETAV8EIDd12wQ3uSyn9k2MP8_TDu8p3bPvyId8yk5o60tMp9gz86yBY7JbB8Ty-5qwNV--hmyOhwOSZhjvoUc6zCb3gEf8ZZOq22zFfy5uCJBqlJt0lvXpGHPLhwFS7lPCsD8OnOHN8AO9lvnFRBDnhv9byPC6Z5xtHlIFrl6qnIUxC5lpeXr_8uSh60sWyjEuHFYMbDQl1rnQz1Nwjjj-r4RKgx7-RpKJqxeGf1Bj4HM4pr6AhowosxiJaukHvTOm2D4-L2TvEN0WdK7a0gf98Twl83mdwIlofYTWZJZh8xZIeRL-VD2g7v0gO37z6e7ZTpd7jSbujst8JiduC1bKFApCDubAhcMezU_TAfUvebRkJYo-lz8nIMLQZnDEEorjxG9bN9MJaR_6Sx2Lj8G-c7rWyHTEoKdPsiJ1EGYWGNL5EvU7t0tgR8pL6L4GnQeuvJjxdnVfjkfA3bY6PYeuLRhXDbndJcGveqGgtyWbntR0NSWC9MfS2trGZWqDTQBqnH2ncAKu3mTiBeAL3TY74Djt947kmFfgokinIlQ5IY0aYnOy9tBaDD5CIul6SdLMD-d76x2FodRVUzeiKUhPa64B9N8m2vW-0zPiTPYEkEukxw5f1iQVyd4pcBzBGG9XNeVkLcJ8djx5T7gMw7D0kbNTIklPOHjz2yqKhFB9iEZJTnk4oj-KjwphbyCMFNCKyr6XaT2p7TOmMfJ0YjByNuGFLUiXIJfuBqZNBC3iO3flpxVLE1xZmFNLkHqmo8TU7G6VNVifIx49bBLThL3DnckOxLew_1KpKL6VNODP-u9QUmWwY_y0ciXy9NFbII_f3y412PRXXrR8_yOuqo6r75fnhVS9DsgHpDqBwn9O3lj0nhh0oxtOD30vEkI4xDmzBMk9bpbw1vkc5xNcpv_XAhqnEe0QdKEokNTgZtelzBdnHL6DdQEWzQrJ-UAY5PQDBkZBGuDBZJtnIRFqlttna5K3gHpPzJSvoK7OoznvFrybQGmw5pYZO8xDnKaMLAHMmdCgtRxTyqZLBMPTV2E1hB551xVtSpn8_aXbkDioApOrWzezpgvqwVKI1gGKseeeXDsso2L8myec_rqNmi32Ib3JplLT2K72pncLA8GQ9wGpQYuTXx4TrI0bpN5-cC-99v3_YPfCGWCB8iLgK3cVcDX9NzUN6kQ27PdEE_9OxWMAOBlR69M8MwdiYgKbP2v42Frd_92BQ&cid=CAASJ-Ro83p2TMBMAikTQRm_CR_ve4w5swb-9Bh4S026nfPKYz9i1LzhLw&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 7807 30 KB
12 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D67B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1

43 B
841 B

45ms
34ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYpNuh0QEwAQ&v=APEucNU4Ms4tbax9F8apIokoM5wBsGWKFKA0rgo2Fk4x3T7o1tp6d_qvhNskWHay8MPebUJ_cYspNUQUIGRlwsHsa2FLC4GC_LMoce2s3GD6rVFe6QAtry5jwS2W04lb1bvu9T4WU_ATLU4Kd8rnhpVjsQnZRt-bB_oz8KKb4vw6USb0sPVj29AtYH2rLBfjceXhpZPLcOArXCuoq4D3lAeiwzhNvFL1Ag
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74575efb7cf98fdd-FRA
pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Nkjqw6qQlGkDWdIPYTw8i5Ya9CDW5%2F8o6buj0jGB7lh41JA8WecZLuCFlbvRXdC4uk7nr16rrQ%2Bi0KIVC0CmIkvV72RAyO2ttVgxtoocjcTzwIKTWVQHu7mRoGegT%2FqaFoYk4rRgg3QiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D67B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxS0YGLUgret8.FuKMhcmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2

43 B
840 B

24ms
23ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYpNuh0QEwAQ&v=APEucNU4Ms4tbax9F8apIokoM5wBsGWKFKA0rgo2Fk4x3T7o1tp6d_qvhNskWHay8MPebUJ_cYspNUQUIGRlwsHsa2FLC4GC_LMoce2s3GD6rVFe6QAtry5jwS2W04lb1bvu9T4WU_ATLU4Kd8rnhpVjsQnZRt-bB_oz8KKb4vw6USb0sPVj29AtYH2rLBfjceXhpZPLcOArXCuoq4D3lAeiwzhNvFL1Ag
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74575f001b568fdd-FRA
pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ckw80aKAz83nAQ0wZUakIX1liVr7cXwQJgx7iX7io5qIrUJsgxrjAAXlELAEhTACKRiMdUKhSafUjiIX6szFwe%2FhE6auy%2FvmJJct9imYuswItS4fLJIbJrP9Ig%2BCNa43lkGhUnoQb9YKDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D67B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

43 B
1020 B

15ms
13ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMel4gIQyoXsyAMYpNuh0QEwAQ&v=APEucNU4Ms4tbax9F8apIokoM5wBsGWKFKA0rgo2Fk4x3T7o1tp6d_qvhNskWHay8MPebUJ_cYspNUQUIGRlwsHsa2FLC4GC_LMoce2s3GD6rVFe6QAtry5jwS2W04lb1bvu9T4WU_ATLU4Kd8rnhpVjsQnZRt-bB_oz8KKb4vw6USb0sPVj29AtYH2rLBfjceXhpZPLcOArXCuoq4D3lAeiwzhNvFL1Ag

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2050b524-3544-4f87-969b-fd001355618c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D67B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

170 B
188 B

27ms
27ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0917f383-7337-41cc-98e5-6fa9f23e66d0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1

43 B
847 B

45ms
35ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNUg4YDLnj4Fc37p56xUOBTSTlZGREAe_tADoEXZUcpH_N5eFuy_D8qhcbjcY4_wWYeBEUVkdy71Xig6oKbamKR4GAn1t1K-CdWE4-Xkpq1SquxXy22A4n1Pvdr39Vah0XASjHjg2PNlZt9SEdxjDb0tlq8ejPP9GmlMnvPblTq6w71mNN3FHyb3nF7zOF7UGMA11jL1PYc-J-jVxOl0kKrvE3b4Mw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74575efb7cfb8fdd-FRA
pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rw7Gk92xZ9NOyGobbEyLfsH9V7nKLKhR22%2B0AmSQeletp4KOZpl%2BuEA%2BKQw207u2XU5cAa00WS2amGDTef3foD5YGaPsR%2B8lK4S40%2FzUhizxM%2B5%2FQj6%2F6Y5y9c7Cdt6S7VaYYaPx7ECOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame B345
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxS0YGLUgret8.FuKMhcmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2

43 B
847 B

39ms
38ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNUg4YDLnj4Fc37p56xUOBTSTlZGREAe_tADoEXZUcpH_N5eFuy_D8qhcbjcY4_wWYeBEUVkdy71Xig6oKbamKR4GAn1t1K-CdWE4-Xkpq1SquxXy22A4n1Pvdr39Vah0XASjHjg2PNlZt9SEdxjDb0tlq8ejPP9GmlMnvPblTq6w71mNN3FHyb3nF7zOF7UGMA11jL1PYc-J-jVxOl0kKrvE3b4Mw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74575f009bd88fdd-FRA
pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeSv1Vq5p7H5BDAIF6Qv%2Bay9Mzg79M%2BEtZxWq700w63kqH82MuvFw4QzGdc18oYv4I1Hyp9%2FWWsfpMzHYEoWFfQiyqZ3fwQu2CoVsK%2BckPQZ84%2Fu2wDuDQm7Z8h9pU43%2Fzqat1I%2FMr3suw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B345
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

43 B
1020 B

31ms
29ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNUg4YDLnj4Fc37p56xUOBTSTlZGREAe_tADoEXZUcpH_N5eFuy_D8qhcbjcY4_wWYeBEUVkdy71Xig6oKbamKR4GAn1t1K-CdWE4-Xkpq1SquxXy22A4n1Pvdr39Vah0XASjHjg2PNlZt9SEdxjDb0tlq8ejPP9GmlMnvPblTq6w71mNN3FHyb3nF7zOF7UGMA11jL1PYc-J-jVxOl0kKrvE3b4Mw

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ce29707b-39b7-4674-8bba-b82e9a7b8e79
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B345
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

170 B
188 B

25ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e9adb6b3-1c25-4d63-bf6a-9f22c3bc98ce
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CC72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1

43 B
840 B

47ms
36ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNWQ7CMEGgu7xoWrqeWfojz1ZVpB69UNnrXKGXvXVxNO8lmiwZQOGFPExeGd2RukMipOxNke_-eHrPF9Nzu6j1THT1190aYas-B8uArUUChzDQ2XXZ6P_8uw0--Tht_lZ4vfEaKpzeJcy-vcbULxQ7w0JajWKvWwiA6b-qV2aFnTYKuFQYU1AFq4pOJmpwrzoyxUWPkCk2EFGgdSXhqe2GYV3nKDQw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74575efb7cf78fdd-FRA
pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ddz0AwLIvuiVAqhFT6e62kxQuB4bCYtA0NbKjHckXak1JFpvcn3ihEjYWx08JhDY%2FX50FS1lWdAOtrYvWalPZiITMSpwnsrcX%2F7Ji48VlJw%2FL3YK6J2ujQpE4Ss8PjLPtdH0hjyQIrxsJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CC72
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YxS0YGLUgret8.FuKMhcmwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2

43 B
841 B

22ms
21ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNWQ7CMEGgu7xoWrqeWfojz1ZVpB69UNnrXKGXvXVxNO8lmiwZQOGFPExeGd2RukMipOxNke_-eHrPF9Nzu6j1THT1190aYas-B8uArUUChzDQ2XXZ6P_8uw0--Tht_lZ4vfEaKpzeJcy-vcbULxQ7w0JajWKvWwiA6b-qV2aFnTYKuFQYU1AFq4pOJmpwrzoyxUWPkCk2EFGgdSXhqe2GYV3nKDQw
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

cf-ray: 74575f001b578fdd-FRA
pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfnzeHac1MKDj6aXapvC54fYgaQKpxXbyQuhcQxsgn%2Fjd9ES3SxNvb%2Fy12Sz%2FvFHTu8XZdcjWe0VFe33BU6vUdoqSDOwKWzRccKPkuTxHcX6rsdcDKNYs0HU0egHbxRsd3Uiyfe05vcGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBYBswykEMqS0ED9zHT217Y&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CC72
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

43 B
1020 B

18ms
15ms

Image
image/gif

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIvVChCpn9ACGMj1q88BMAE&v=APEucNWQ7CMEGgu7xoWrqeWfojz1ZVpB69UNnrXKGXvXVxNO8lmiwZQOGFPExeGd2RukMipOxNke_-eHrPF9Nzu6j1THT1190aYas-B8uArUUChzDQ2XXZ6P_8uw0--Tht_lZ4vfEaKpzeJcy-vcbULxQ7w0JajWKvWwiA6b-qV2aFnTYKuFQYU1AFq4pOJmpwrzoyxUWPkCk2EFGgdSXhqe2GYV3nKDQw

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5460f6bc-1db4-4824-ba2d-c994b2150026
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGmOia40_moMJ1HK4IcOoWE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC72
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

170 B
188 B

26ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D

Requested by

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1bba4820-4bce-4a75-ae05-90fdfa0b9261
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyODIxMTUwMjc4OTQ2MDEwOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1127614/65017073/ Frame BF8A 235 KB
70 KB 118ms
36ms Script
application/javascript 34.250.54.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1127614/65017073/skeleton.js?ias_dspID=3&ias_campId=1008609693&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_placementId=18181649255&bidurl=https://earnme.club/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gcBKNTfN6q3MXYPRIIf0ZZ
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.54.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-54-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7ea7d6db42ec5295a07728bd249cae3a8c7876c9e13de77c33407d93d45bb542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame BF8A 106 KB
37 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Origin: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame BF8A 8 KB
3 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DXjXeV0Q99YMIIqcUdqyNFwqFMASIMzoFOnXNJ5HCxLg3rW7aU2OlyWX0duUvW4rbuGRPUv2vsRQo7q7aPxgzjkiJTdtFCJMXpZTu0Z_4LOmZJAUjNkSSGui6fnhOvCZWdZ8kefYwHv51u1MBgzT4B813tkw&dbm_d=AKAmf-COMouqC7kbD-REkA5vE97qJDrwkMi_KVZLOMuQc0g3bVq2y4XVAhvNXz1XeyL-SbXioscwg51Guiza2bnLP4h7BpYhIFn39KeueC1oN88fvXo3f_3ZJJfUWhheCvXGMoHemBGiN15MKJ9uf6NhAkPu8UF7ctaxeVZItHkQKORrGGVD71nTtH0kS8NOGrt8NnV5y_u7m7VWbOpTavodXeHt9ijcnwGedfNot8ctX8FNpailrPfnB6jDb6taFvkGFtBue7CaLjL-1a_yslQaYF4aGmAja2QGLJKOn8uTcivC3MJcgu3ksLlzlG2L50oY4Lpb2y2q0ETi-IX0YcP8ZDh9thxr1kMZs76IP4jIhtScO8ZJ3kIaFOrWBKKkyMea5wKWTTZek9mjPuQhFCoi7RnMcibSa_6mWno5_-rErZOJgHy9ZmdRdCsCOhf_Dy3752lbz_KOPn-zBa-MHI4j79nOyROksp6cfFxaf2kjj7Rjbwi5CGLzCae9NJz2sBjINd264ldeUrT0OJA_3JNFGZKpM5oKPa2wXRh5cROW0QhLGORmdrmUc7bAPJF71s571P_eq02wQTaf4v7yJSw8OGsBUGSxwHD_MXOUg_MlxGSQD_gfH8yp8WYHA6XEMrzhj53k1_-WyjGOUmJFsUyXeqyRprbxYuGEaXtLDSUspHGufGF-MfjS-jdCC1F7UKohYgD8wgNwRrbXKkLPl-44zMNouKaZkooGnXpwFsivWuxGOhi1GF5UEUPuI_opT-6kHNvytr6FGL7PuCC7lBw2AuTlZu-Y9cHi5scynKNif3atSBFIXzu3t9bnVuVihlyrkCiGf4iimvQO990_YMmaImfukhlmf54HlMksin_rjbhBfeIqDVyNZ8qtF9tx--pCXVIzrp75iKCfnn22lg395UVTOF_yF0PMM_STmaJVp6IKqbM6uJxxu-VNNupccaPhzX_t1PFWwHRDCAr8QFkhPV2VBvA4MKCIG1j1nolhvk7X_jjmBFIh-3Q6KgYxYn-h82xndVG3uvtjAYqJsx2t-9SmpeGamhDzalQP65X5q8f7MTUZwUzig7FUMhTH-yoNiDBwcVO5X6cloZYndJ5Wb8rGsJ4GL_MowFDgHNvdPpv5iT9D_J3QFK7R-_3sax75dpCSLaJsOebpFb507pvWKkbASRwQYer1KLaz-JbBybqy-V5EoX3L0lkaz2yNBVFoahUBWjwcAo7VmXyucpefHdpIMphXMGphndLGNsti9_wnlByIyTA0fIF4NL4eZAYd-ptxy1QYcu1rmG8PlMYgiZvPx8mxgjLDDBPkTufWDAxWpgKrt-L7OBMsdKa0cfD136zPMCI3y1-N18BWFs36FuvXh39Kowc3G7gp2IIGP_tAowUgHHMVNZgHJB5CPTPhCaBuWhumVUptjq0BuGqf2UqochMxWWRc2H3k8JejELf37uQCQRKcVUpz0bZ7bDI-CTvqhZKZgxoNxxWqccLNXyiyzWkLSOEfqH_1QTyNrt_oqHiGsWeOyy8X-QmH_rFQ_Km7o5R3R5HyOCr0xZ7rKT_Z88PAt3ZWRJP-P_BcMpOk87ca7xYzNrkVvo_DsIYPyN-wHOjFZKY78iJC59jXyXB22Bsm_5tOPtG_x9Jz5k2ibb_BUhJekzyIwW_i9Jfhcv8dLl1H6t0jR1Qpj_xwoM5H0D-9fNK-15GABbsAeW_pJ9wBH0i-tFEFiZPguWQcjhKMRtvbAJVzDt_99VXySCzXTCQ6FadfFk-kCr2hT46p2-ZkZ5YRhwgnx-aZGYq47XfNYg8KCOIViBJMw6qFJUnr9uZlXamDwGr-ho_Hzf-q_qQKRqG1AKCbsHSvSIAobLkmNGbCUbNpuI3cIg6rPdZUt2s69J6YzCI4D7B_vXcrxo5-W9eXsr48eld0kA0uPii_9qkbNIxiM0z7MaCz8_AfEQ4KbZLe660ELVAt_TI-1YlWJxrzfaxOVYe77bU81poDrIOK9AKdJydXVvvGggs0lDtaGuCulfDivRxy3IZ0A6kSj2RimM4jYcB4B4fsh_nogTOROjyAu3kvxCjoHqwLjHNFqpdJz5feTWBVB52nFxY3RrdRAQ7cVYBag8SikaqobxsQdVfB3Mc48HL4KorDVKvUkPPYSvoTPstQH1FP9W5kr_rVoXLEqsQdq9LA1BYvyZC1abR8c-KCBAd0xWxEGY96DRw6tfK34fOt0D7grmOLF-PV9Zq_CfjWM5yyCVaJAa8-9NA0ydUQyBOviJ2SjXOcOwdQSRntma7oP90I0p378qZ50BM18qt-XnwEmLdmsXMsRvEbTCrCK_Mw50f_5P1VBE-sojxMye2SmNU8YR4ZWg4bsku-zfc3vwQCN4YLmO9jFPN7N10AEoRSXRV_9eBDoZyAk3ZUrfnd2OQe-tWnXafG2uyglvCQRhtSmz-k-eu_H5qneegu1LGCO2vH09h1aAuejfuEAFwpQZU8I62o-iT1jKoHUsMH_vs6CfqX7AzM8lm2yf-VfpzcAqZRhjDg_2AosUNyD6KfP3v_rB0vUgH4CJaduU0zd4K47yYUMhxY2XCToTmKuLpXVNa0Dn6JEh7H4lQKb_u-bmkxieNNx9M7HRPgTz89uSVdFcxfmfHudJIZMJ_UHd6OFZ5vFtOpifxBcHkwWN2q_IDCjHUCLIklXxgcEq38wwfbTzS77PJCVnhDfEUX6IJ6KyxLE6UjHCZpAHEj4P7lLrwt5KfA0SAl5WdxbrSvLr0sHlTAstuhSXAczPgn3A8cZws1osscP1EjotOJp5MQtNnJDEnf8TMZulnVwzE2jkpa6Yzmuq6DiilcgCjgaoMeQ_laK-ovgJs7OP_elVaT9PVdIHdQ4MWv4KxavUOjcd048WFlO9UHKyipu_rmnYS80XxZ2rOmVrJDbjpm7tq4_xMpYZW9db4pBKgNiSN_pwZHndaa3lHF852Hok2rvWrDB_I1Q4BBZfAgGaMEbJk7MnRTjlzW-k1EXmVnjPfSxDVdFqJB-xCEuNCe7ea-IJ0DMzPXbcMDYr6eUkEkFFAgiwcSEKjpV-9s-_mPpCsBf_jVhq-ffpUllgazm570OFwgnhDXeBihrS-MH7Re1ilfd1KQU3-NJyVLoRUVp-nCZmc1K05Srb42RZwhY6zvJYmIL5vaEkTkDjavcVy8XyDzvXLHF_F6bEs3Ymq2ehihzPoPuwhn0GqSCEhYKasrcYDOcHcUkmXcVU5qK1yx_vmb_FsVh71-6zeRI0xTmgZbdu4Bm55I5qaICjH1t24MK3KgAgtd3KxB3nFgp9xubQGFF8MpF1gsJuQIF_FkFJa3iYJi9-xTdDp2XI-l5QNGhps-oqRK9kK4pmLJDp4A4mVTlMnYy7lWZ0pR7V14kN0T1UBsnT_AjLHy&cid=CAASJ-RonjbfdHMOCDduLU6Ju4x90ZUyU5TqoCaTPWQIQlYEjuqdoW2Ukg&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame BF8A 30 KB
12 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame E8CE 106 KB
37 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Origin: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame E8CE 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BiY-uGlfxWBvCVb7BITsLxLmFJ2FxvscQML0UAZNo9t_EuiHPJZp2LDJtf07v-WAQeF7QgrD0k82QhpPwyrdc6RM-LpA&cry=1&dbm_d=AKAmf-BdOGhJr_0cXKkNSz7s3gv-GDFnfRqRTgSzheqvW5qJcWVlDv02jDfflrbneGeHlFshEWa_se1SpRpN9--ArYcylbFa4wxhwCoKAeF94OoBC1JiBYoo1z4TGQyWCnMYZmQ3SNU5B5pEncvexT1gjlhrqKY9IsCT1EZkWbZlewqBnlm-VS_Rzf4R9IYOqNqjzdow4w4AQbDhxa-AsQRtJldUS0eyFpKneMuh-AgIP9FjNDRSShd5UJOlIBPdohgpEdEjihkOCB7Q2S-dpw3DFP7dHyWnx0F1JMgU2XThNyCEyQtb2JIa_xpfdVxfPXe3Hn21X7xGJI6yGNPjA8Opuf2kLFlLJFeIdBTlBwgKnrdvkqR8bsA8CSreHUKoxCml75lXCeTdltExnBan44pfCBTZqrB99hkGbSl8VLf9knvyyl4zIuNdnMH0q-NKr72bmIsLNgLscIjbCafBlQLo5wZBo8hUh6KQIv6apq081VQAAIGpBeoND0B6NxPVSGdMoDszQKDmkbC4fQa-bmppiITldF6_l6Ruz0m6LS0W1_nXPD6Np-3kdO2yaJ9le1IuB39mufYkHgA4-qBcIsgE7Pb8AwBe1BZGbXTRIkCG3AWeSCwrmxoanrZDmxnm2-a_CgzAQuglsea3WaAAfWT-DEmN3fLU_gnh3eZdhXPzc2Ar86CfNVQlKs1kPlER_uipGFgQT3_hIBhhCFCPpgc94MEaueNU-TcIrsHS-ewdziBxA0P8i4ZJLPNHntOOyUSBdUY5bd5hCO37lry7tkOQkgkNGCjaXyKSzN3szlu7TQcenSFrjM5ikHZBU8gowCJhdHNFBnUFr3zM_IWD0DfbyDptdi8Pjze9ABRDdsAiclgGFiJBeQ3wfmjswKFsjS6oB8b5VQIYWEMXdoiY4QGpmAC6549HxAEdS5McWJT-55FodufgnjvfJ1Bs0JiwWFXvhC-7aAvtS2xk28dnEwjd38qWyKPSEVGQd54eC28wwkG7ekO5d6txmLSnaa5AItPxjVVBefhMZ4oCpAmXdtH3mOuymno2M_a14wadEOoUgYW5O4pNmn75zzIsMblL--hEY7SFGRCbpxVtW8kl68yQT7w8wXEXttB5ZeRjMybnEj7NI3t4HOs5JJRPUd4vmsZz1pjOmC__iMJnBdmlD9NgrnkeflTjJdX-tVUEFLkacQFd4qxcqyBmRz17OqMJBZLCyiEn4rSf_uamIFb9YlTBXdkoNWQiQ-_ZFKTl7pG4kEaOsz-ykofQF9UrM1O50PM1QH_ZLArhQQWmzRb1Vk8EyfLoz86GvE6iXxpWDIU3gpOD8JEG6yP-Z8HzE77A5IASj554dFUE2V5pumRmKTElbAblpJmMuJzGufVfiQqaHhd8zvs4S2pkDZWidUa8Z6P_22OzWfc9RzHNWIJRV0g3K_KJegyQ_R72dFNrFmt4tNsk9ONjBA5WumpkeaQdEz8rUS900spVq06k_7fbyPGfBrdylWktDtXf4_unmeLzKXRpNyMrsjkDx7yS4Gv_uzijFsQ5LNDjriWqDdFkI-rPtxFqkbHZGSyKRtDJWFAazJWUjBayOJEjPYHYFwC_miPRfT_NQyYanCy64F3n5bij5uCEnDMwsyYkZ-BaGIoPR-W3RjaiyBiUR7B3SDxY8_eMzfC_EW7U-nQ6WMl8j9lBQ7wtR6jB6xTDKfmy8DEfAhdxM_cDcT2LcNgfVilhYokunMvllEcayYsPH0Pz8cOBPnFzKFx0TKTdLBVT9q_otl3XRWl1bThPs7vn_iXcvjxtiHezdJvaJC_6BjTFcSZRsiPuJgB_uVzsMXLw_Z0UOSAmFm2gxaw79HHhLCKpzVHQWVq5vumJLQPEL2vOpAvzZ-c89r2MEfzD4DhPWjHlpht5k3vEx2c8w1_M_JmTVb7VCfM47-SDwHDNusdTOM41BAbXb7qvU_K9vRtvAOVUY3cuSj2DhQjEMvct9Ie6k1ipk9a7nHkq_7qlA1H1ydnuTWCgCfgIZKdLLTY_mpQFFhZ8WDe1soJWo3zCAMp5bPPwBYWZ7acNS9LxRc4pjP8kAwzZT4h-WMt76CjTrtBeQEkzxnix8PDpVd41oFOw0T5s5obzILznXspXAxEOrveAMVCI0gJ2Ddjm_eo2CtxffXmsy7mR8VH97PowPrnCN71JieDFPiN6Af31ClO4xzw20hhBneDSuBFWmYsXilgitqc9Z9pvOBiqNorH3xhZIq1W1m0CL_C5dxmnIT2rFtYUGUqdKaHEX3iRuh0F6hLc8ZxtaGyJqvngwiHMFwcLF_oOfSPOsI78ndF6r2nGr9hZhuI8AlH_eFItW8V6FC4UmEB_-f4w85kHln69W8043T1RSgErVxATWKN9qd-CS7fjJpL6VnMPj2Ztnq-gKtAaTwSkBOSIElzivpzln4dw1fTYb8qrD8UFQr1d2tVtje9L2pJq05q7tzjp6c14VQNKqY65fQVRc4AZmfPedaJGdv0cNPRGsdBZr64vKTdTU0w1rqGn0wb5Dt0kKklCYcVtdlHINhI_5Pz-qdaXsZroQUo5knnhnWJ9qUg-zNknLf0RJLHiYpmeLVJEsyDQdr_zuHZjBUyApld2yBVDDmUsTa12BqfGernk5g8nykI4xGFCR_Soz8RckDJIXcHxdawf5mI_-IuL5bpqubgdA4nsrO1BVXQY5AuEO0zVN6feVl_0gp-D0Osp2nzfEWpxDXn1PYYXzuB9krV-0enMCIWw5NqpIfsOlOCbnNZ1iOQOhK9wWFbgRtJHssMqF2S-2k9CL4eDtavqp6FcUP5n5EevTonIqIEEoUmB5hvEIQ-b2A5Aor3zhOqVokjZN1Kbr-BHMXCWShZP6uuAdklM0AwU6r74RKGbhX1ZXaCUcKrEdx1qGjxPUMpyCIRI2nGiIgkCEchYTnMxfF7L8lMelI2BD-oOH82fIdYCeVOfLcKS42TWo9eu3Z1ezrPE2KfHFNBAjTwY5QypnGTmFu8OEN1xOa61N_KDRtnfMmXpkpr1lAXux-JeSJYi6j3LSxcHr6EpDXJQeU-3kXkg8Q-q14Kv5KfrczplbXVJICTLfSMIN2SUEoswHw8vy8UbnQGVqJMKOB9sc83_Lcl4wJBjiqEPSc8_fpvFg2Besu49brJErECKsU5Hzg3jiUMxkYSsUpQtfFHXnApE12hVcsUMq4mD0uRL3yPoykopCCgiScP3VcknqYHfW56T24no8DOwZqkG3cjf3KwXw52etwHUslYx3lGx9ZbRaclzwkvoSxsOGHW2B_-MhT27xoLwVN2Q4kC2DE9bRi7WXG0UOgyrrb3vznz0smRDsdIQXrOsct8rt-y1Yw6r7D_bdqh6PYb_44TK_cfzOAphH4KPCXFffYo0UgcENrp6mEokPgKX2t9IKOSNw14lg-WRHr5QGA9Bf5IJKQNhPH6s4QuJvT6zdwzBxKTl_wh8vh3XDg1v3symJbg1erLqCSgUCA&cid=CAASJ-RoDvMUe34CcV6qUiWv8_X7htqOqp1ws9Uhut-azKx9S18Q9LPGmg&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame E8CE 30 KB
12 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E76D 648 B
311 B 55ms
51ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNULggbGckJdnosTUmUgu_KmqVFZzC0iGUH8l1MCDetLzCjLryQ98X5x08LDWrBNwtS9BQkaHDSlDRVxhwrxZ4M9V9zBpWeekTc91F17S1UKzdtSfHB5jo-NzuNh2j7j6ThE1YryBdqILkalNaw7mVLyJANW-oNCQbN1pmYXFwy5QK6Ny5Y

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5E6D 101 KB
37 KB 79ms
75ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp7JWRUMRogF1yA5uG-w_Kj3zLp_HSYBJRDMSV3DhLkKKBnV7-FmNsdLJfZzDs9pWd8YXwnWwzvdDcMS8K3na0gId4Qvyp7ItWi0nU6ItXOxYPLzKJgzJQjIjTcGfWBcmy-ytMFyJSm1QSnhuar3WWc8V2vg&dbm_d=AKAmf-DSfb5m22A69XLSvs1O4ByQzo85DqSosbSqUTmtl5VoNsh7mkjECAhLkUf0W8SlAQZTh-U1lujk3Q31iWZSS2kmWpBntjrSZVlmz3G6QNk2aRH-ehvHHEhcTwxOG_AYqQHucKiA53oDByL2LeFpWm-XzWF2v17rfwg6Ka-Y6uhvahfUcbGeVgOphYS5aWpvuKX3AB3p6ju1ejFrG_D4i4U9iy_REXraJdMDeZO7rXF095wKAAq59toyb8BgX0ehduO-ByX2GRj_Qqd_jYi-iFdeCjVGYRZZSbI_hlNpL6c1ud0l_e0j9DdLMx8_RZHd3bjK6wfoEPJGJPl1RzdJbqsZokjP9AIp7WkjNNXcKTsivQay3f-lVQwhszGumZj1VqDtvKyk8buLJZLoWR1cEqONf1aieM7O4V8NQrEIG4wWN8JxPJ4E-_QNdM0A3XsxXnCvaNmG355_UODiFMNapxQDTTz9g2O6gANJnxPzBI9IGYO7iimTTvklu9S53itSfv8hf8zKjJlcKNMZcRshgVmwSxbyMzHhbUayk9tW2ntIijIaSOvTvM9KXXstIeYFUJ56mSL6QRodDrwALN7zgUxRqnyxeul9fT0DmYdbLyIlQlmt6Rom_b7wZTgg-yt1FveWo2yAMRqsfAVm1iP1MuCmH2xI7BBanbyStW0fJtD9ECAESrzIfIx3rAwlFpyyKOB2Y9k9yOs7OOSicw8MuTTptfYtu35BlCPARLr7X1xOalnj_naY39tZpM2L_eHdg7LwGOV_m7Bo4oOvn8VYDDo9Xk0tkJNvu_07jCPWDHzfQMCIu-ahHMl_vTDqR7HuZSxHO0m358FxXWuP7kfwnuAltKYyxipiVyoqNpa1mXv-XI0pSvlXl_Y2Y7G4Wlr1rgbBOoFCKBgugo16LMR7BH4PaM5vzALaxYGTWU5k-CUCo2eNP_5JLV9ZY-mKLPa76YSwADd8A7z1UDo66ZZRRmVw_3IrrXbEraesWCOvQFtcR0O-UfldugoEoMR6-s44tXg-21my_A75pMj37kahYTgVH4fr9xN-MGw6HL66E75i8pkq9vIl8Bl2d33iRfDbezuORH94EkFWcK8Ws7PuW3j_hOOT_7wMbirKHFRXoAhvVVSNn_na3Z0V_v9RXL82m8R-GOOXxL-pvAXj_DbQ-PjPmmFGfJHEWCBLTRPDztEcBBrV7dbBx0FxAUNR5QiwxYQ6Icj2e9YIkXCl_1TgBGn3UyIY53pKGPpuJJSIPlRE76IF_UpzsGlzLURvLpm5uujGnfaviiILMxGfnKJPWTDcnAPc6ihCdKjOwlbObC_2xggpA7b8BFNy0WX3b43RTd97OaYc0bFBL6gJGbIruWpiJSI-LS_JGNrRQX_B4hmOnXeQT_iWiAulME6co8xXXbT0kscwt19xdGXZcZ8bv3OMcaa-jns1oGB_qZXtcHf1qCRe6oqMq_0a084RLFeycckmyexd7OpCkz3DhDKA2p8xOBSqwdSpfoj3xBQ-ypP-8dDyvbpm10hS4Gjj4t88Q1BNqAZBqdyEqnaGx5iBD592L0hW2m1ksvWkJ57BdwNwoJ9Mc2ZsG1SwFtLic7aNenbBEZbjOqUibi4erY2m-FPfhejAy9OgScOtvB-0lgLKb1ZvRAti__4tJ1iB1---hvAQ52peAyyti2sCK1MZnT2Ar66YyVFqB7-pl_0zOPDpXRCaFOsQ-sek5XpytMyxBAEE27fVSHoxksSGuckqB9Tk77BqORz7pqmSAyMqCyWX3a0fMvJDGuP2_trSYD5dHZBaW4bccY0PeABWRskSl_pp524XKGBhMoRdX4ll8OpRw0dyPN6rb4Kve4Iz34-uqpafC8Wvjt5k0KXI4HMeJx_iOxd23O0Vuyd--z9qUKNIij7FQ-dG-LfJ_YT_mIoV9Qoupln2maHTr4x52nhb-ULib6g9g6m7_mJJbZ0TgOJz-vbzOUeUc3A9uE0anX0nKNQ49Jh3Z-Cvi8Fm0lKOGA5otUs2ubKBjR684jMkhrVqLhTct01VW7j8yU-aXacd_W8DA8j2kIaq_nvJRwG3VNJtSM44jcHEO7kPjafIgJ2ZqVUjZ_E8rwk-EP4PD2kjLx8Qh2y0YnBVD32YyfRsYKa9qD2ca1hy-37pTnB5weX5DvMtU7fKQjk-7YIo1XvrvL_DqdkSOd3fcsP3Y86pOtWA0yBgAsJQrRcG5myNQQSNb3AcXgW-E8fna0M9M8iCXCWYOnu978HAr0k28UPBVLBUlSz0ajVfz9ojRQtXvt4pBboL1qZEOKekYS3TzhiCfo5D7HlZMsNbrcGFH6v-r4JRTMfOpMCOL9fWh1BFkE79SVM2lGmqRDkpDhA0DQvtjeHUt7fiXqXl4XEd3ld-I0mWuhH_nnhrEY20svhuq98Ljmt0v5h_L_MmNVLaAyo4dfU6pgmi0_5eTn5cYsJqwhS6ZxBO8pYlcfuq3vcsI0VSqnurNMRr5_sT-L9vnbAyRZ3LJ5zij0RzcIMeE4CN5Tb51rseOhd2qioUs6hu1eZeNDxjSnWviMuSL1ZcFENPGUredUxZpxNuBpGGkYvqdwTceqtdajCeit5KxrYo94pfft2F2QXw9rE52YCzx0UyCONmBtPhOQMkWjoaRNgb32lm7mvTZ3xI3OBArac7Wly7kPvX6_ZpAoA7LQ-CIO3ilXf0aVqs_M0YcNuq3rPhZff76T6xicyGbL39r3rMExTvMCwJsKeuW1PFpsD9KK4ij6TViK0yYcmAxm377JqHgYKii-wdc6dxwW8desfbFyihPWk2yQWAklPIWshnmYtXOBAa7jMJ-pq-O9E9LZ_VuSL9TNGW6fc5kC6cqzLU5qmlzc3VX6wwq19mYnJpxPZfx_NLU2XbIWJNnzQSho25KuY67g4vxtX9wWrVCO7cRp-sEN8mxXmdMRZOTW8a5qEX1_pJREIWFLMCErWyhl4ArOjIPbVr-bBZ-fD4hfQIimdbZuxqhNboBYjtEoiknj-fYFz-lamLBAeGazde69v22QsrNYu6gx0LLte56U_b8-2N-r5pTYn1BR6T-KPr0pVnLg7TMGT22hGzfabmFDz-M5S4aEizYZNxQm-pmG_nQxqAShfpOjQPTmyE71rZ5gPuSsWvGpkXhWAY3zwBI5vX1UEO-jfOu4s0GVQ-qvFSjWZEj8ATFmIzS2Pm9HooAd-Xq3k49v0ZjPMcAFqVnBOAttg7sV1FBStiBVCudFG636uHuaSudgRBBKreFUyKM3qYRwp2PssQmzP4ICtLe1ZDRFCKwitxllJrUqm-bpB2kcddOvBCbyx_95d4GylEGAQSdKQmtLGV&cid=CAASJORof034HnhNnbd4k9fN_7dMIW-5ZXnmgRoM1A8i7dAeRFOXWg&rfl=2%2Chttps%253A%252F%252Fearnme.club%242%2Chttps%253A%252F%252Fearnme.club%252F%240

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30493fed370c9d0d6d86a288001ec12460d0e4e7785ab381eeda6efe5c5e90ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37701
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E6D 42 B
63 B 52ms
48ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cny9LbjdrGviEUCQQBBmqyWbOgb7aG6ZCaAPTX4tjh2HsLbOleY7jj-86QiV-geSA2DgjzVAy3Xjtmaux9wcNTu6egJzOgk4fRGO-WlGgEEu76jlg

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5E6D 3 KB
1 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E6D 142 KB
44 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5E6D 17 KB
7 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5E6D 0
0 24ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6MpPUOKuMqtbBlr-lBjaOpOOeoQIHLv1p7ayZZd1LaxqbsDKpxA46TjAkgCpwLUSAgqHat_Dhoyk5n4VUS73saQqkgg
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 910E 648 B
311 B 53ms
52ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWEnDAkk0pWCyYUCNdZxxQzvhbWqGqdJfXT43hBhLGlC7C0K26vqVfScjZpYXqyAfyW2WLb9kR77ceunGqeYFuMNTYCqlWb978ar6wu8ZduZ-XLRAotuJIO5SiiJzTTmZe4u4YsLOjJYCLY3nTw64zSe2Lhn2W4R8-cuhTs9f44NthKi64

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 43D4 106 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
Origin: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 43D4 6 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:21:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 43D4 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 13:43:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 43D4 42 B
63 B 47ms
47ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKEZ7Ye9u_vaHkSPdQUACwfdXGQcA5ik5FhpumxViXrY2wMgS3uYZr1Ype_dA8jOBIHDw1ZU6uuaIPTH29f-U7zC74u_-RuPjWWerjQiZnossI9sM

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 43D4
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

14ms
8ms

Image
image/gif

52.57.145.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 52.57.145.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-145-143.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Last-Modified: Sun, 04 Sep 2022 14:21:20 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 43D4 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 43D4 142 KB
44 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 43D4 17 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 43D4 0
0 22ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrBNOdNd2v0OBkL9pO7o3EHpKd_wk2l6Y5jp5JcIvKS73TxHeaDPl8ouz0yQxn7lKB-3MqStIC6h4ODIiX0lAT6ts6Gw
Requested by: Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 90EC 0
26 B 104ms
52ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 91A3 52 KB
17 KB 10ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cckwskt&e=1957767944024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321491
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301280.478627,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 1EED 0
819 B 16ms
15ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKRLfBMkRYAAAMA1gAFAQjf6NKYBhD3m--W0dzl_WgYjYHql4-bxtEoKjYJDaZh-IiYgj8RPQUjo8F1fj8ZAAAA4KNwzT8hPQUjo8F1fj8pDaYJJPQTAjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiI9wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAg0KBkhFSUdIVBIDMjUw8gIMCgVXSURUSBIDMzAw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIXCgpJRlJBTUVfS0VZEgkxMzM1MTYzNzPyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjt2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3R5cGUuaW5kZXhPZi5jYWxsKGEsYyx2b2lkIDApfTpmdW5jdGlvbihhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuInN0cmluZyIhPT10eXBlb2YgY3x8MSE9Yy5sZW5ndGg_LTE6YS4Na_B1KGMsMCk7Zm9yKHZhciBkPTA7ZDxhLmxlbmd0aDtkKyspaWYoZCBpbiBhJiZhW2RdPT09YylyZXR1cm4gZDtyZXR1cm4tMX07LyoKCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwpmdQnMOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD09wQR9OxENBCBuATVYYT12b2lkIDA9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FiHAoYSxjLGQpe2EuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoWhoAED1bXSk7ISwUYj1uKGEuEXwEKTshKQQpewEaAGUuugAZFwRmPVpTAEgsZz1rKGYsYik7MDw9ZyYmQXJyMhYCqHNwbGljZS5jYWxsKGYsZywxKX1iLnJlbW92ZUV2ZW50TGlzdGVuZXImJmJOFwA0KCJsb2FkIixlLCExKTu2OgAQZXJyb3INOxh9O2IuYWRkQnMAPhQAPnAAPiAABCYmRkgAACg2agAcYi5zcmM9YztaMQEYLnB1c2goYi7RAQRxKCl8BGE9MZI0LmN1cnJlbnRTY3JpcHRNGgAoMjkCMG51bGw6YSkmJiI3NyJBS2guZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHfBJcj1SZWdFeHAoIl5odHRwcz86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTsKZnVtKwB0FeAAaAVhDGM9W10FCQRkPQHGDDtkb3tBexhiPWE7dHJ5BQwAZUGTGGU9ISFiJiYBJFAhPWIubG9jYXRpb24uaHJlZiliOnsBLZBsKGIuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobSl7fWU9ITF9AV4IZj1lGRcAZgEWDGlmKGYpeQBnPl4ADDtkPWJ1HyH0NUIkcmVmZXJyZXJ8fAGXJH1lbHNlIGc9ZCwNywBjKd8wbmV3IHUoZ3x8IiIpKQXVFGE9Yi5wYSHUGYYAYQX_TH19d2hpbGUoYSYmYiE9YSk7Yj0whdUIYT1jjc10LTE7Yjw9YTsrK2IpY1tiXS5kZXB0aD1hLWI7Yj1oISs5HgGuNSo4YW5jZXN0b3JPcmlnaW5zbhwADWsAPR11ACmhWxRhPTE7YTwRikw7KythKWc9Y1thXSxnLnVybHx8KAUILkIBOnYAFFthLQoxXSEMGCxnLmg9ITAB4ykiAGgZqyHVZeUAZyUWJQIEZD0yBAEcMDw9ZDstLWSh2EhmPWNbZF0sIWcmJnIudGVzdChmAY8gKSYmKGc9ZiksBQ4sJiYhZi5oKXtiPWY7RRsAfQ1dAGQV5gQmJgHMATsEOzBBZSVaCCYmZAVIARsIKTtjBa0QdihiLGe16BRjLmc_Yy4F-gw6Yy5pAUAAfbXmAHahoRwpe3RoaXMuaUHVAQkIZz1jGSIAdR0iCHVybBEkFGg9ISFjOwUvBYglCr36AHd1SRx0KCksYz1hLvEKPCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRrfCFwwPD1jP2Euc3Vic3RyaW5nKDAsYyk6YX0J4AwucmZsLugHDTVoZW5jb2RlVVJJQ29tcG9uZW50KHcoKSl9O30p6cFBmhApOwo8LxqnCmjyAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLUFaTFhWTzFMOFgzekxnR1NtQXdOdndvRF95WG1Lc0VZMXRNdFBnNnUtbkxwaTNoSmFnU2tJOVdxVE84NE0zek41d29oTExVb3ZUZm5rdEsybUJVNkZlQllGd0xBIiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaqGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKZAQoMUE9TVF9TQ1JJUFRTEogBPHMSAgg2CAEW9glQYWRzLmcuZG91YmxlY2xpY2submV0MQY8eGJmZV9iYWNrZmlsbC5qcwFlLbUNUwA-nSQgIHtyM3B4KCcxHpwMHCcpO30pKCk7PeoQ3w4KEEgBnTRQT1JUX1BBUkFNUxLKDpEjipQA8IFhZGZldGNoP2Fkaz0yNzY1MzA0ODA3JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD0zMDB4MjUwX2FzJmlwPTE3OC4xNjIuMjA5LjE0MCZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wb3NpQY0gX3N0YXJ0PTEmoXgRvgRlYSb1DRAmc3ViXw2HAGJBjfB9ci02Mjc5ODEwJmhsPWRlJmFjZWlkPU1Nb2J0QUJGV3pRQnNXczBBVGw2TkFGMWV6UUJ2SHMwQVU1OE5BRUVmVFFCR0gwMEFSOTlOQUdIZlRRQmlIMDBBWTE5TkFHV2ZUUUJuMzAwQWFCOU5BR2tmVFFCc1gwMEFiaDlOQUc4ARAAeAEwGGNaOU5BSFYBEAAyARAEZUYBQPQeBzJiRUVCUzNOQkFWTnpRUUdORTlvQllzSDlBZWtkWEFKWUhsd0NSVHlxQWlkQ3FnSW9RcW9DS1VLcUFnMkhxZ0pmaXFvQ1o0cXFBb0NicWdLQm02b0NncHVxQXFLb3FnSzRzS29Da01PcUFvYk5xZ0pWM3FvQ29PV3FBbDN1cWdJRzhhb0MyUEdxQWs3eXFnSjA4cW9DOVBXcUFrZjRxZ0xxLWFvQ3hQcXFBaWI3cWdKQi02b0NLXzZxQXZjRnF3S3lCNnNDMEFlckFvMEpxd0lLRGFzQy1oR3JBa1lUcXdLNUU2c0NqaGVyQXRzWHF3SmlIS3NDZWh5ckFrY2Rxd0lNSHFzQ0l4NnJBbHdlcXdLbEg2c0NzeC1yQWg0Z3F3SlpJS3NDd2lDckFnNGhxd0xwSWFzQ0ZDS3JBcWdpcXdJaUpLc0NEeVdyQW9VbHF3SzBKYXNDMmlXckFqY25xd0pPSjZzQ1ZDaXJBZzBwcXdJU0thc0NhU21yQWc4cXF3SmdLNnNDa2l1ckFxOHJxd0xJSzZzQy15dXJBcWNzcXdKbkxxc0NJZTBGQV9WMEpBVEtzOFVGQjlwX0NBTFY4QW1xTmFBTVJtLW1EOHloTlJIT2dmc1NhcVA3RWhlMi14SWh4ZnNTQnNuN0VxcnYteEt5LXZzU1lQNzdFcG5fLXhKLUFmd1MzQUw4RWw4RF9CSmhBX3dTOTFackdzbkx0UzdYenJVdSZleGs9MTMzNTE2MzczJmF3YmlkX2M9QUtBbWYtRDVzVEZrb3g5Nm5ZMWR3anZDN3RYZUZqSnlXUFMzYlZxNGVOb1B3ZUVpNUlRd0NNWlpWQWc2NWJQaDVOS0VOTXNQeHk0VjI0eGZ5UC1faVF3eVlJRkFIN0w4cDlRN1FxSlhTbGRscWhUR3VJbHNmRElfU3plUEx5aU92MGhfdXV3LW4yODlubHBGa09uNGc2YWwxOXRpbGlEcHM3bkFndlNmNXdkNFBvTFV3OUNwWm9RJmF3YmlkX2Q9QUtBbWYtQ0ZNc1d5RGM2OFVwM092UnVLTmNYSVIwOXFFeWlSTFlOeGVURUdqM2NjV1FFU3FaTURIWEFQMXRRMGhweXZIOUdqVFpLN1g4WXQ0dTJOUmxndE9xaDRUd2Z4d2E2cFRfYjZLZElIVWh2aXROWVV6OHJ0Y1VJSk5hV3pqQ3lWdWNtemhRM3pYcno0WFAwNHpGcjFRN0RKcGJJb2dOV3V6YTRUY2tVa0F5eG1ROUItMV9TWE56TkdGQXlfUVQ3SGw2bVlCYlM5ZWFkeU1hcVZ0cExKSkR2ZnFUTUhhWXZ0QjdXMUVnTzd4dk9qQmxpYWl6enBrMXNNdnBraHVnbmVndHpzOV9pQ0thOE1nZm9WRjdPSFFZUW1MazdSaXd6ZUZxQmJzNUpFYzhDRVNmWTBUalRRTl9wVnB0QUpJdERUX0xyVTRYOFFuQm5nQ2JmbUxRVkg0X3g1YWh0UFk4NzZGUGdsbkx6eDNiSnd0VWNZRjRzM3N3Qm4tQTYxM3B0TkVnYy1xOGpUNmVLREo3OHlpc2pzSnhZSHJJMlFLUlE0UkZRQzZkdjRiTWpUSHF0VDBwUWljSkNFTXZValZwTFVtNFBFNVZQdXhEYjROcGVGTXJuaV9OOTQ4Q0dFbkVuZW41QlZGcVRMUXdYSmhRM1NrV0paeEJMQzFsbEdLNURVUUdHdWNjYjN2My1hTkt6Mnc4V3VtMGFDQnlpWjV2bzkybFQ4SzJRanJoaFM4enkwX09uNm9yZ0k4VS1IbS1yUFpqM0NNd1hlcmRkVE52T29HRzNuTHM4azJiQVZocjc3QkRWeE5CbUpIbm9kTzQ4Vl9DWHJPUWpGcE9naFEwV3hCaDQ4M083RjVoMXNFemo5ZUtfQlZSSFRDRGs2SDE3U2dpVEx5VHQtUFNHZHAyMDFrTGcmY2lkPUNBQVNCT1JvUDhvJmFfY2lkPYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShn-kkiAUBmAUAoAW2t7uwndOG8y_ABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWhxwv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTQ0ODkxODg4NjY0ugcPCAAQABgAIAAwADi6BkAAyAeI9wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=6f78acad863985a03a4db690ce188cca96777bc1&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcckwskt%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dcckwskt%26e%3D1957767944024&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=cckwskt&e=1957767944024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e8f28aaa-15f7-4824-88a0-6a4e2bddac9a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F33D 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vkfjay&e=1957767944024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321493
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301280.492322,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame A184 0
819 B 16ms
15ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLRLfBM0RYAAAMA1gAFAQjf6NKYBhDLxIqk04bK-QQYjYHql4-bxtEoKjYJw7tcxHdihj8R0xsoz0BVgj8ZAAAA4KNwzT8h0xsoz0BVgj8pw7sJJPQTAjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiK9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAg0KBkhFSUdIVBIDMjUw8gIMCgVXSURUSBIDMzAw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIXCgpJRlJBTUVfS0VZEgk3MDc1NjcxMDjyAr8VCgtQUkVfU0NSSVBUUxKvFTxzY3JpcHQ-KGZ1bmN0aW9uKCl7LyoKCiBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLgogU1BEWC1MaWNlbnNlLUlkZW50aWZpZXI6IEFwYWNoZS0yLjAKKi8KdmFyIGg9dGhpc3x8c2VsZjt2YXIgaz1BcnJheS5wcm90b3R5cGUuaW5kZXhPZj9mdW5jdGlvbihhLGMpe3JldHVybiBBcnJheS5wcm90b3R5cGUuaW5kZXhPZi5jYWxsKGEsYyx2b2lkIDApfTpmdW5jdGlvbihhLGMpe2lmKCJzdHJpbmciPT09dHlwZW9mIGEpcmV0dXJuInN0cmluZyIhPT10eXBlb2YgY3x8MSE9Yy5sZW5ndGg_LTE6YS4Na_B1KGMsMCk7Zm9yKHZhciBkPTA7ZDxhLmxlbmd0aDtkKyspaWYoZCBpbiBhJiZhW2RdPT09YylyZXR1cm4gZDtyZXR1cm4tMX07LyoKCiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMAoqLwpmdQnMOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD09wQR9OxENBCBuATVYYT12b2lkIDA9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FiHAoYSxjLGQpe2EuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzfHwoWhoAED1bXSk7ISwUYj1uKGEuEXwEKTshKQQpewEaAGUuugAZFwRmPVpTAEgsZz1rKGYsYik7MDw9ZyYmQXJyMhYCqHNwbGljZS5jYWxsKGYsZywxKX1iLnJlbW92ZUV2ZW50TGlzdGVuZXImJmJOFwA0KCJsb2FkIixlLCExKTu2OgAQZXJyb3INOxh9O2IuYWRkQnMAPhQAPnAAPiAABCYmRkgAACg2agAcYi5zcmM9YztaMQEYLnB1c2goYi7RAQRxKCl8BGE9MZI0LmN1cnJlbnRTY3JpcHRNGgAoMjkCMG51bGw6YSkmJiI3NyJBS2guZ2V0QXR0cmlidXRlKCJkYXRhLWpjIik_YToVVzxxdWVyeVNlbGVjdG9yKCdbDSUAPQFEDF0nKX1FHfBJcj1SZWdFeHAoIl5odHRwcz86Ly8oXFx3fC0pK1xcLmNkblxcLmFtcHByb2plY3RcXC4obmV0fG9yZykoXFw_fC98JCkiKTsKZnVtKwB0FeAAaAVhDGM9W10FCQRkPQHGDDtkb3tBexhiPWE7dHJ5BQwAZUGTGGU9ISFiJiYBJFAhPWIubG9jYXRpb24uaHJlZiliOnsBLZBsKGIuZm9vKTtlPSEwO2JyZWFrIGJ9Y2F0Y2gobSl7fWU9ITF9AV4IZj1lGRcAZgEWDGlmKGYpeQBnPl4ADDtkPWJ1HyH0NUIkcmVmZXJyZXJ8fAGXJH1lbHNlIGc9ZCwNywBjKd8wbmV3IHUoZ3x8IiIpKQXVFGE9Yi5wYSHUGYYAYQX_TH19d2hpbGUoYSYmYiE9YSk7Yj0whdUIYT1jjc10LTE7Yjw9YTsrK2IpY1tiXS5kZXB0aD1hLWI7Yj1oISs5HgGuNSo4YW5jZXN0b3JPcmlnaW5zbhwADWsAPR11ACmhWxRhPTE7YTwRikw7KythKWc9Y1thXSxnLnVybHx8KAUILkIBOnYAFFthLQoxXSEMGCxnLmg9ITAB4ykiAGgZqyHVZeUAZyUWJQIEZD0yBAEcMDw9ZDstLWSh2EhmPWNbZF0sIWcmJnIudGVzdChmAY8gKSYmKGc9ZiksBQ4sJiYhZi5oKXtiPWY7RRsAfQ1dAGQV5gQmJgHMATsEOzBBZSVaCCYmZAVIARsIKTtjBa0QdihiLGe16BRjLmc_Yy4F-gw6Yy5pAUAAfbXmAHahoRwpe3RoaXMuaUHVAQkIZz1jGSIAdR0iCHVybBEkFGg9ISFjOwUvBYglCr36AHd1SRx0KCksYz1hLvEKPCI_Iik7c2V0VGltZW91dCgRjA0xAGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRrfCFwwPD1jP2Euc3Vic3RyaW5nKDAsYyk6YX0J4AwucmZsLugHDTVoZW5jb2RlVVJJQ29tcG9uZW50KHcoKSl9O30p6cFBmhApOwo8LxqnCmjyAskCCgpFWFRSQV9UQUdTEroCPGRpdiBzdHkhUgxwb3NpobFkOiBhYnNvbHV0ZTsgbGVmdDogMHB4OyB0b3ANCmR2aXNpYmlsaXR5OiBoaWRkZW47Ij48aW1nIOFLVYdJFEpZAkE2DR4uMgIUYXdiaWQmBQbwhl9iPUFLQW1mLURvMnE3UVQyQ1RQT3Z0VHJVTktDWDRIOTVoMjNrWnFTZTU0MnFVTnFRdHZrTjN4MXIxWkRwd2ZjREVTc2t1QjlwRFJzZkhBNEozQllReWx4M3k4SUVPemctNzd3IiBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0iIjEaqGRpc3BsYXk6bm9uZSI-PC9kaXY-8gKZAQoMUE9TVF9TQ1JJUFRTEogBPHMSAgg2CAEW9glQYWRzLmcuZG91YmxlY2xpY2submV0MQY8eGJmZV9iYWNrZmlsbC5qcwFlLbUNUwA-nSQgIHtyM3B4KCc3HpwMHCcpO30pKCk7PeoQnw8KEEgBnTRQT1JUX1BBUkFNUxKKD5EjipQA8IFhZGZldGNoP2Fkaz0yNzY1MzA0ODA3JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD0zMDB4MjUwX2FzJmlwPTE3OC4xNjIuMjA5LjE0MCZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wb3NpQY0gX3N0YXJ0PTEmoXgRvgRlYSb1DRAmc3ViXw2HAGJBjfB9ci02Mjc5ODEwJmhsPWRlJmFjZWlkPU1FWGhNd0E2MU9ZQVJWczBBZmx3TkFFNWVqUUJ2SHMwQVUxOE5BRllmRFFCQkgwMEFSaDlOQUVmZlRRQmgzMDBBWWg5TkFHTmZUUUJsbjAwQVo5OU5BR2dmVFFCcEgwMEFiRjlOQUc0ARAsdkgwMEFiNTlOQUhFARAYeG4wMEFkVgEQAFkBEPRuAjRYMDBBVXR6UVFGVGMwRUJXSE5CQWZ3UTJnR05FOW9CWHh4Y0FsZ2VYQUtTSGx3Q3Z4NWNBZ1FmWEFMVzlvZ0NhUG1JQW1QN2lBS2ZRS29DSjBLcUFpaENxZ0lwUXFvQ0VtaXFBbHlHcWdKeGo2b0NnSnVxQW9HYnFnS0NtNm9DbEtPcUFxS29xZ0xscktvQ044NnFBcW5VcWdKWDNLb0NWZDZxQXBfbHFnSlE2Nm9DcWZTcUF2UDFxZ0l5OXFvQ2FfaXFBaWI3cWdKQi02b0NTXzJxQXFRQnF3Sk1CYXNDOWdXckFpUUdxd0pNREtzQ1VBeXJBdlFOcXdMRkU2c0NLUlNyQWh3VnF3SldGYXNDYUJXckFuQVZxd0tCRmFzQ0xoZXJBZ0lacXdLNEdhc0NDQnFyQW9FYXF3SmlIS3NDZXh5ckFnUWVxd0pjSHFzQ0FoLXJBa3NmcXdLbEg2c0NyaC1yQXNJZ3F3SXVJYXNDWmlHckFoTWlxd0tJSXFzQ3BDS3JBZ3dqcXdLMkk2c0NvaVNyQXNnbHF3Sm1KcXNDZkNlckFwTW5xd0kzS0tzQ1ZDaXJBbUFvcXdLREtLc0MwaWlyQW1rcHF3SjlLYXNDMVNtckF0MHFxd0w3SzZzQ2RTeXJBbE11cXdMdkxxc0M3YlBGQlhjSC1RZ2pyZnNTV2JYN0V1WEIteEp2d19zU1ZNcjdFZ1hMLXhLMjF2c1MxdUg3RWxINy14THVfdnNTTV9fN0VsTUFfQkpKQWZ3U05nTDhFdFVDX0JMY0F2d1NXNV9xRkExY054ZjNWbXNhJmV4az03MDc1NjcxMDgmqVIAY61S8LBCTTZxVE44c1c3U3RBa2g0SjBGc1VEVlNfWUtoTkcxd2Y2bmZCRURqbFotSzdpMTJQaUpadUpQSm1adVFhVEpQMXJObE5yY1JmU214UUZIaXhDZ01mcjBjY2FkZzVKWU5Wdklyazh3TEh6elZPNklTbVBSVklzT1VYbFh5NU1FRmVIYUxfX2NlRU9ZT1RpZzZOV1JXeUp1OEZobXk0amQ4bEFTT0hHTF85UXM2OGk2eFHNEgBkDcD0qQNERlRnbTlpYWItekZONTduSnNiLWpCdEVNcGJoTVItZEJFVXZoSnNoakdmUy1fR0hiSFROZy0tdDJST2RpQlA4akZFaDZIaF9yX2VtdG94Qk13R3JsMGc4MFZJUXRzVjFXdUVsWl9KSmF5c0xhV0ttUTFPb0RwcTQwMUp0R3E0NUdGVm11SVZCRHBJcThqNG9aUmM2UVkwWE1ENzNhNW9JSWlxVG11MF9FM3o4NlJhSkxmalBuNDlTalhORG9FZ05CbzNTWUdzdnNOTFo4TDJOci14VS1LV2Jhdy1fa1h4Zzdqb3Rndl9LSVY1ektLNjFpLTBWOE9JZ19VamxabVl2M0NickdUOGk4VVY1VS1MQ1EwdmtUTWZMRjNscFQwdEFtMkk4bmFOQUhsbTlQSnZrNmdaNUo1X3ZweG9CcmsxV2lualB4TzRtQTc2NjVGMUMtajQzWWZGZDhLRE1hcVI0YTBqekNZQmJnZ09wUlhVdGptRkgySzhSOVQ4akZSekpybmVFVkRlOFEzR3kzdEdnenRkUlhMUU9XeGNobHA0NU9rZFk2dXlSVUQwSGg0U2RxOHBPMWZOc2dEM3ZfU2o0dmhKVlZQUEVqTUdNM3Bla0FsQkh5SWcwZ0pWVzdqcnRmLTRjVlRid0xfSEZMUXJMb19UNXBSdEVtWkd0Tk5BMURlX0d3ZjFHN0tyNEd1SHE0MEhBVzQ0aHlBM2NtMW9Xc3Z5TjBVZjFtdGE1dTZNbDFCNlRINW1nVlROSWY4b2YxUXJacEQzLVBIX1RkNmMzRjFsbWtRdGNLTXRXbGxTYW5zcnBJM0lpWDgyenZkaEstQmIyckdsRm80UHlsbFZBd0VPQzdrRHRIVS0wd3ZFSkJnbUNtdjM3aGQyejFKbXN3bkZoRlI0Q2FWUGRJN284TSZjaWQ9Q0FBU0JPUm9QZ00mYV9jaWQ9gAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBe2_qP_ew5aJL8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAEdoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0NDg5MTg4ODY2NLoHDwgAASlEIAAwADi6BkAAyAeK9QXSBw0JAUMBAQEeCNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=6467021f927fd6861a9356a2e53b894dba938186&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvkfjay%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvkfjay%26e%3D1957767944024&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vkfjay&e=1957767944024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3d53191d-e4ab-4a1b-b4c8-9b3ecebb7f20
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame ACC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOoaiWRVSdsbmlOj0SyTXC0&google_cver=1

0
522 B

70ms
16ms

Image
text/plain

96.16.132.239
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOoaiWRVSdsbmlOj0SyTXC0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNUT_CpzTrVLgMiTG8YK9i4ZiIdmy7hqqIqzVO4ipPXJiOSLPf_gEuaRLXcphmP6DGqYshQKjPwm1TXmqMipD37N0JnUxrcGgqprk0sC-R0LoVGTqAvj34QP1Zb8NG46B2hom3-kAetzISZvyDpg51ke1kyvcsky_O9x7Bb2i0IUIaO1-vI

Protocol

HTTP/1.1

Server

96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-132-239.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Sat, 03 Sep 2022 14:21:20 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEOoaiWRVSdsbmlOj0SyTXC0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.adform.net/ Frame ACC7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBfQTRCBIuicowHfRXynXSA&google_cver=1&adform_v=1

43 B
163 B

73ms
20ms

Image
image/gif

37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBfQTRCBIuicowHfRXynXSA&google_cver=1&adform_v=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNUT_CpzTrVLgMiTG8YK9i4ZiIdmy7hqqIqzVO4ipPXJiOSLPf_gEuaRLXcphmP6DGqYshQKjPwm1TXmqMipD37N0JnUxrcGgqprk0sC-R0LoVGTqAvj34QP1Zb8NG46B2hom3-kAetzISZvyDpg51ke1kyvcsky_O9x7Bb2i0IUIaO1-vI
Protocol: H2
Server: 37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
last-modified: Tue, 12 Jul 2016 13:47:50 GMT
server: nginx
accept-ranges: bytes
etag: "5784f506-2b"
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEBfQTRCBIuicowHfRXynXSA&google_cver=1&adform_v=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 312
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4703 166 KB
56 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02740988c000f39a4a358b7afa18979291fa2b4c276afe6a33237bedd1795948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57554
x-xss-protection: 0
server: cafe
etag: 1448465821367086771
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A2B 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:05:41 GMT
expires: Mon, 04 Sep 2023 13:05:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE34 783 B
534 B 23ms
23ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

237f00f14862013eeedbbbb7e57554c0ef2f6f20655bb80d9ae0ef8bdca4abed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PW7axxH_o6SfSjwKOdfcew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-PW7axxH_o6SfSjwKOdfcew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
expires: Sun, 04 Sep 2022 14:21:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 29FC 30 KB
12 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BkRCEERMMhXft9XKoiYG8Q67tXmtHrcaWcjcPGixFGdcWXm1Mc3y4EnR55hCVMTbG-9EU905rjJe19Vp1VWHE6_UCrWZ32XjCu-lwR6gcFx7vruh5bicjEqOxJTvPLBT8QbP-4JilMxL8lg0FMBaqYjWCQCw&cry=1&dbm_d=AKAmf-AWrowie5jig1t60nkZNFQQtHqziqu7ASgJ7qP72wY30PIvV-t3hDxBg_O-iPPHaCd-16RXvLPV2dwdHnXaFadh3RoeBUCvUmjry-uc8q-kuy4MvKNSnLLFpaMixnEny98F1T4XcS9a59wWA7RRSytDrdy35YWo61ppxD4zmuJ0JBXzwTcVC7KA35p89nAOnrCZG684tuzjvV8crEvMRWRUTEdbbgVAt15RS_-5gPJllLnKiUcNvKefmNij7rShYA8A67sRiM9gwPXvM6x7da0HRaYEkxP6HuQatGO_Op4Ig9LvQcnYRyyq-tD2oFuF4gtcUIAI_gpnbtyTbYB6grnAeJ2mtHZ2ODeVmleIWuEvPxZ4Zg1zOAWrZ2Pxp_qfAyX-bxOIv5DRp8Q3_2v0NJsgdfGhXxjvzus5tK84bqt-67qFGxFCetehzUlvT5a6jmGmo03SMh0teHy9XeEGELPMOkkBeE2sQeY7ERzWyc9mgVh55wfbB4z8LOjhNfpgE6QCyFMHyYzXOMLkVuCwTb4IUffoPueNEmhdIs2HSrY-XhO8piiy4TAcB_EjFN1x-baS_awmdweUGTSQ_ySPZaQOueJxEDW-En-AQR83LapG36nNv9q5l1s_GyY9MyL55qxCwlxxnhDfFnpPeSVspviyejTKotZM2nE17J4kTiPApgUHMenzKh0KFFyhTUU1REyNa-bv6ZnvHtCmvAmxUMF1fyf1MeD-SX7wf8K9C8_BfNnrTM86rXrfeRhCXcw85DKjbMHNykLge-qG-guzrtEmOeNPOEFS2eRxly4rB7qaTGNokI6YpsQPwfqu1E_NFfcHKUns-QGyjjm48O1rqIFknobwjpPU9Xs64mZnAPbvjWJg7KdtRXuJy633vAkpnAhqQo6-CyFMi8Xt_0Sg3iyxQDWQiq_XbWWRFoJfltTHoxBeCfL-9SRc2np7Mk49CmJQkyOZIrWhcxuXzfmiDDC83lOGSsFDLc8zBDZ08AEFIkf1e0pVqprR2T5hICx5pux7yInZ2L178fawt9BQNLd0tZjGt95alBpXR54M8IueObPeEIiEWmTBxZOzFwEBIrZUJjelY5HwbCnirY1mdSQqK3ZJl9wdbLtE98qRRPeKVmrGO6G2ReeRVyUN-5CiO4DLvBOwQmKG_jvukF_pGMhxqPEsZ0H5T7qHdWi1nR1TdxbTkaus8qVW9wM1PHKPLEnVW9P5poORiHK9E9iWjghfQRwCJ53Dp_LBqI2YvJbcVAwyjj-eJDEmBW19Qk4c4Q0w0nWktc5XZmBiPu5wF2V4kzeK6eScs2qTqL55G5r6ObxuNmasmM9tlcOV1WliydcnRleG3wRguztNpiTmpIv7j-GmzTVuWmYIlwKNsAiEBdyFBO1FF1x4vnMqreDWUugs5NE7DBTnkEHXDoZ5j8v1kMqBAykgb4hsBp0EJJF-5nwcXOISvw3-M_p5sGRwlpAvcyL_wF6qWtZxK8I2RnynUr4EJNJkXxqdBGGcGr2bcVi7k6ImijOhyp2Cvv8Lz4H1r91VLnvw02UPwGbsGMQbgKaMpn1sgJ3pcnEt6IpCuLf_jUBJvWbdzb3NxOiNfOXnfoIB4BWdyEOI2mfnfagy1FOQgVygRZ9gcJXuhFuSVfWzbnVCPcNq4XTK8jd8VhsQjvmHJ9kAYSIP-Q0Sm4PM40EpWz_F8aRH_g-WCdmFU455cGMOP_3Gl2AmjaWu3Fx7BHjxto2R39DMdwfe7Bh7znmOLHm0-xoIivVzfXEOaY_f3jfE0ZnmwOOspvqvcn65Rw9UQBbs0PwOqDHnFzkFTKjDL97cCr9WrwcWMoS4vxvqcUHXuYa7nakRp_OPwx46lz9iCyRUo_PRVDeLCIbeUJ-l7iaJugz1hkCsvmL1-0xqdEHm_nSVgJzrafaivreVhWoy-F6jijI4pyDFKv5rNIIz2KnOeO86X3KQssAn7UuK_Vix7hGtX8l98GutpWo8uBFVPy41xyKNC5F1Xu67GDTCbVhr4yEQxRTYjjdtnNZ-fp_bAwY7_uwbs73p7_QxP9vO2vuhltEslEuFoHBXw6sZOkrMN-qNLcLIDrCbtDZ8tfMGC16djc9GrEzZU5MBxs01pozjhh4dvfiCu4dOhSjwNxk2V6E6q_ftlJQsZlu_vO6Vg4sITgzgmSTdKxzW_w69Th5UsRkY9L-bCiT2wwjEzy4MH82eCMkHYZUdpsQ8SxSp2PsWWLEABBaMAb9ruB6eqHdqk7WAw0_ZjRK9j7vbJQuGtnoJoKpZOMShT9431SBPknhxz4yySl6TDkajs74j98meRfZEfbnrzEqetbZuwLPCqZW-s3Dkz_0uwQKvtXeIuOIBKhJUFPQ5AeRPdH0dsSHKftM_cnLKRyHCnSDnNvUs10qCN0NMIAawdXRua2gHQ8d2QuPc3EjJKf77MIipLv-PWeyGoHT3mUvGKxi40woxe2doHHRLLLpXX2zDE3nVIiTeTcj3DGcBLhDpBh-3KMe4bgl5miK943JtYRDZpz8zRypfxK8Fw5lVtlGf-XLL3e_t7DdVXGIbCsdWkyaPnhSs3uA_IXkunD8xw1t_l-4DdNzpco6wrUxN3bfkoqQDFNRbJV7t_g762XSV_dQ9VLnnWzIf7vKwWIVsawOwge6DcjwflQCwUaHfwgc0QnMur8yJrHyiZek6zlz1DFqHzRBexqwBlOIMRPcA9F38g5z4NQBJkfQUQw8YFIFKhn-lqL8NsSz8xoB0UPjsQorWCBYcAFCdL7g_WNU3JdLLZ_mk71jmrCCRqtICynJXgcA32qZUCQ_It0ukMfwnr87g4GiTeKdl7UOVLDsurJgdM1yiHJQjwL3_rzA69LQv8y04IezMiPP1iZjBOzL2NpAO4QZqqDwTHQ8g6ToViKuEGjflGalaWmwWj49AMnf4urrbWcnfCqwyCwKTMmnwdwYp_JpYCiyJAgyiXrb4n7AGQ8w1B3j3RHasMO9GDJKXL0bD02IL7SUr9pIyzT0DYbQTsM8ZyPyiZMZ-sX3OKvRee_yZ8k87LjUja9JL-XPrNAftW5KjcUhJYnYSt6cuFQkkwWmmbvqyugzoXJ8FUq70JqXh_Fe_RCgOaCH3z9Ep8EIl8o6MiEbyLeSA4n6ax-edFvHnRBAbwQ2eaqm2laFh9fEcyxvLuodisDNKk0-jggscWI5W01Qs-YgSqAVxODVsyGiE6UQG652ULggIuBDnLg&pr=8:DD0FD318B73AA6D2&cid=CAASBORopmY&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H3 200 5336787829176526803
s0.2mdn.net/simgad/ Frame 29FC 55 KB
55 KB 47ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5336787829176526803

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

246d55b6ef0bb428e645bb958717046721a0dd3a1c2c798534dfd18caa726d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 22:26:21 GMT
x-content-type-options: nosniff
age: 402899
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56092
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:26:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 22:26:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29FC 142 KB
44 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 29FC 8 KB
3 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 29FC 0
27 B 63ms
62ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvY1z-ofl9H23qQzyF-TVEr27j-rsW5gUVvAS_GK_4V_o_ex9Kdtu9PvkGzTVIEnw0vtWqXqaC7FJzuxW4KGTP6EqHFwW4YvL5c62yRKBTm6hS2IExO2N77nE4ZFtn0aUc0QWdzyiV1Wu7njd1U42Z9yvR_Bo6dlgK0qeKGITtjAwax8XgqL0rm70I8VH2dqCUDs1rqJo3UGrmzbdS9TULW41ezJiE4AVUM2K-ak8FzajkJeY4EnCf3nL1wT0xihWyc3MX5OSo5SK_E_TcTHobUt2HSHfsHXBfldCeWcCI7ofR8KFWWbNFGO3Qxk5FmmEqRJwLA7tks4QeHx3Im2GjcOfje6juqBEz0krKDUy-aTrY5-icBwcM27RKD8WExK75tjjUSuusjk7WeLs2Ew3ircuWWlxvGhzm6qChxGsdpx1HvpnnB8l3pxWuJIH5vYzXpvhua2ZyMOxjHobMs_TvdUt42ke8KT2wvfxN-s7pgR6ljZLCVHmiiRLHFTsxP6tDeCbo89aeBq_lp_4KWf5N-uwqmizX-wctmXs-JqITiV7IMw0LB4pAP9pNuobF9U5CNv9p7G91ezgN2PKEF_HaJYngCYZYLj1XnLMyT4pKAxs3Vk02X1rHtdnKgMXIoMkfR0j_8ZL55BcRFZ9KySTw1SSkOwFN_K3mVgrQOC851XMOy-373P-K2tsKYGvQDzXtTF-4zY99iDUTxmS6anL_6IfAy9aVv_K1gOeUxbE9KKsE-W4Z590YQpcwjH22AxXW5r2v_TgXU9DZNunXNMfHqyJ0QZj-frEocGZcRWljS_6PJgOYxg9ZIR-J4dTKWExYieEy0DOAvMshMIxAaBY5t02blxSpn_NyHPq03lMiYVjSyW2piRdsXCOxjCuiX4lXx6sS6byhfM2dwmS-MgKvhO5JLEY2eQ3-eAyT8nv-8SQ0eMebJsbCmxADOe9bYi6mDnHisT4nss8amIgBsiAwKcy5qNsuqfKSut4gowmtKbKI8Np9KiyeEdJtNALDXWH4cRISQWwhPDihG7ilvUiC5eWXbTp5uRrta59gbPVlDOnnI2H_PXneHUXTIeyn_865vfpmZihq3spx5pjwKwuMN59PLxxkukGnIs3B0NPzrUUZKzg36TBQdBNj3xpdXuAUBEMzqEA&sai=AMfl-YQ2zlFz4q9pzKVs1b2uL3JBw7l6wf3VhTh1C3ps4oyL8KT0c3ajRDe31jG0zmn1b_sE0jm5La7Cfn4jUNj9XwBzy-USrmN5KeYfGMGxjcjORIKMXiPwxf4oFDf3H_IQ-MQh&sig=Cg0ArKJSzF-rDF95qXYAEAE&uach_m=[UACH]&pr=8:DD0FD318B73AA6D2&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220831.94257&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 29FC 41 KB
15 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3 200 7801948963878234958
s0.2mdn.net/simgad/ Frame 0CA3 317 KB
317 KB 34ms
26ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7801948963878234958

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5013943ab98bd7d19d019af64200db5b5240f2aea80340c7cd6cba2cba2e48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 04:00:12 GMT
x-content-type-options: nosniff
age: 555668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 324857
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 13:14:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 04:00:12 GMT

GET
H3 200 11836925781147672280
s0.2mdn.net/simgad/ Frame 0CA3 25 KB
25 KB 30ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11836925781147672280

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5a261902b805d2a940d0395abd13ee962205d3193539df07e9f076616b6bdfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 04:00:02 GMT
x-content-type-options: nosniff
age: 555678
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26081
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 13:13:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 04:00:02 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0CA3 42 B
63 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHzBoqfD0Y1zCCipHi-3c1oJP7GV98gKoLdL6atNyk2PB028LMSa1Kqp4nNWFPF3KHEjiHObwUIErLnVefrdeKu__fFTQao57VkR7pQHpR6l0o-WMbvk3Ydzr2Ns4o0nRqm9sZIyZzo1-o3zxIvkh6gJgLMg&dbm_d=AKAmf-ChzGSwbNIhHeUfmKhfKd5zoomoSvFn3nYXEuwhRVwI1kbA66a0ZAjelWXrUpAUWCXu145CU5xTLjeXivIPtfZ9mQpzi-d9bGUHgx1rEAPEVD8vqtJ6IrqEkW0qBJ5ARqVSIjdT5956bRY63NSO-m2cG55EdPuU3f0-HH72hxmhKTJ52hOAlP7fjVarPQSpTJ4FydcR9r2PYjRPa1PTwgp5lo1798U1Juv7gTlBLyumTgNf0wFlBT5Y3ksDA8_eToLOMxBZ_wcnxrglDEXhFJmrZOgQp0BpJWhSa3_qrfSxoWLBNsWahqcNCcnoymQzclM9QpVF4JYwFqAkRpzF8tNannkxaYtCHDVRE54XsMiXW-V7Q6dXuHq8jV_jtjfmKxwbdAmLtGSeaLvlBt9MqJBK7ZOkctDxF_GUf6FsmJ3bz8m_2iVkxOm6JlinauyTykj4jM1JFL7aHyJwuN_bYmYlr-k6vKUxRcHsEHsrA5RAK7a6ROl3egd9v4cYOCzPXAYJ0IUFtor_J40zU4XKCJVpM4-k6R9Wbtnt-3QeLVxbvG23umKHn5bM32pcOuUYwnSlvckaf24UfSYSFET6HmRC_6DZwgVMO1F-eDOaHhSm6JHlsyKGjg3rok1NiwajBgGNRq9fNoMtVc5v7BlZM_7KLhe3TB1yzFqcHeAdkBgUEk3bd6iDg6DGmm9H5xrnpobJ7OAjqCNR_51wlWnJ68_QEw6s3HS-6hPVjHE4XgvR4UQ-0W9acsyIpYGMgjjM55qcnBn3WHCcfFVpUwP4jNf5kuoLYtWvmSvhZjwIDAi_jacJXtuQ8Hffgwb_eTJoaPHFp_Bhz_gGX5KI2SSfxle-MzhKTFOWtI9Cjr6mvF-dlEz8HDBFEAqjsqruMtGNJQ57gjhNHX2e87ljVzxB62OBm9WcOODtZlhDGcc-Cfda6UQH970bF60KblNa_0ykbhxNqPaRUCplu_yTO5JWS5RF6iL9HyL6Typ0JoYeOn4g8sLOomYH_x7veI67tKsU-N4suwcpi9ZjOmVMdGo6R9-2gYng8NttbRfHtlcS9V1j0p7dNF7yUJTcDdpA2z2FZX3t6aYgUEVHXysgw-NYsW4fVN1eMKeblAM2WJXi47SAMhxjr_lIpjqiTR6_XLdjDk9fVM5spCCt2RwNBF9U2TyiKsD1ydZ2KuCeEynFYErvnWvivaYEOFn_XuvLknfRl6d6_xynE0EcmoevB-bcVm-2sJiiek4VMbw1ex8XS8tny2Vxm2Eyr9JZe_AYZPTnkCy7Xqc9OKcJfnrNnQIhiPXZit4GMO5Dn5jabtvP8QD80wRxCdYatBvQ1bEeLExO-4Ycb2Cz1PQFoBsXdymn59DvUUuU9yz0ONC5dv9geYGZS2K9uSNPpVYsUF2Iuev6Imyn5JWJvNIUL-GnDDWManHr2ry-kMmkObVFlnuXKBZo_F7fj0-iRhju8wwItr4OaFokOmkPzFzK4DSpggraKdKMa9XtK4It9F8j_OBKK7WKKIxQqHBua4migEg9GS_MCCRN8os1saNKPMU0wX4FQDVrLaEJZfJqlAAYgPxdwV9OphuKUl43YkTWicfaZd1uVno1OQrlQOXBFzD4o8--zx09no8QQe9w0hu3rOcoEzRlgPqJJIknjfsqzdB_GFF8EXwT6BGmLg_62xY4qdzgbg71oFeM4oz0ZP5V1cjh09POrTJ_DMZSyOLDSt-d9_Nxg522kpHeo2iOPWFE3xDlTcIhmok4z_D44aALTzWiUgVdavtjfwtqEltqOUx0na9bkWvjQG_tvfyxO3DkA3iKYuJcqtpVeXnhJpFxfYAMKyVOS34zCJ_m15CJ5dBA7wief3CfZXT2MJFyvliivBU2EYJ4kLF99cBgaXD7-MxQDj8fbby5pVTfuu5VtuGwUqF8EgGpRj_P9hWL98Vtd-SqSHl70BWH_JPmyvdHmEC7qkZOFNgHTq_Rnp_dDWTXqhPlYUeCw7eYJe0RPOgTuUUQbjNLjW7nSZ_WC1N-I57euSSiifwvs0CE9Pp8hmcHzxkQeJ7JUJS3xgfY_keP_P9YYSwlm92O7zT782Qx1UcR0MTDt6DRo8gZsTp-GMQXp6r43qu6YvwdaFupNHV4oDtfoqtZkoRgERX5kH_6O4kK3kXNqxs-hE8RVxHXIIDDPGfHRk0VQJgAhJ2FPjieBYHoV5oMLEFusXTpwhiBekGxsAdKhooyHl2k_qSY1wSOm5ZxWijV79jawmrrbWtgl_h2S-0KwJkdDWz881diaqjW3l37i_p-QiYylKP0xGR4fqILN0ufz3eSsz9WbqPNN6YRz6Zf_6GjjD5S3Qbquth_TWBhJYYRMsWf7GDEuV7fuHzm1Z2DVrGj5EO5B4069Kie72Fa0dLfnc1v_v2RWO4kfAw-Y7PwJzi_XR5aNj03N7NsP2qNQcWFCrAJigj50vTlfh6pMVIclJPQUP1pXwl3hZa_czzpfJoLKwynpZC28sq3K5AIxklDaBBpauHxbyZSy8bH-zWYAeTBGnC1rukGYDomUFrQnJpLhuMjAUFJu65g_JhMtciFDRIPhIFP9JuaF7SgdkF5BNReZhLZXHL4M45k0UmTuohPp0Mnnt32b2saaWmavIFKIy-NjHVjYV7rVTgXtGhudk8-n23xGwB72OnHfPHjEKUc8M_YI6E72EJHtpBSu6dznM2JGAgnIQkFh3xeyQh4A0sfCreisBEwlhmfHiTGdwwWC3k3xMv8fM3PyDbaQHfq8azmwyuH7JhFDzwDPIJvc4daaiVQ3GBoQA98Q5exuo6OsQ1R9COL9MGbofK7o4HCNuMxY8cixiT9vFbnPzm8TpYlXO-Qztm_-ohFG1Jm-DBEIJ6_9Rsa3ZyWINdkjhImy0gnwf7qjbW1pQSqotwxSTSBf1en4TZ1B6v26okIKoF4Ttp7qC0VXUyZI2XdxLnacFqLgx8RJMeS2UsCya2-Y_A-IChsnBkJMT5wxQayT-nGW2nxDzmzieeldDU3Rhv6ZyMYh0Ti2-49G4fT-PoopVv7DllobitLIgcLHxcKKoCmjKl3NP8Oh-891_2q5PxRNq9K0cjuldlZ_pAcAps2n2ot7zqzozjJwarbnCERHM1V6gKOVz68QQwestzkqbL_Q92TvWzEvxlnZAk16hHs6qZxOKS7Zxx7RHvk2Hv2Jpuxq2PQFm5QgREpBftDFRELvKNdhU4isZ4W1Qa7YRBjXPw7cjepf84exFScXIq1RxnbFQBkq3bCBBaP1dk6OuQI6wO5Y6SyAywoXNX7JGJ7Ski8U4s20qD-HlBvK5gNxm45FaSFdnbx_fd6MudTjquSQR23EtFM3l9AOo1EVw2Uz3lWJatgNnSTo3oMHa-VkFdOfrsYtWAPrPiKBi4gZCdR0iLsb7diSt5ZjWX5oT3rNmYyxBXDLZvDf-twf88zr9VDk8EifyQWVG9faCVPmuUw7KDUUrm476eTv6ZnWs_GKzDHXCiXIPTjFxJge5Irkd3ziUypewSrUofrfLQ9iQ34I1PJEnopHixMnx_bZ1Kzjbu7sfSsHzEvQa4cupxJHbTLbUjOaLHIAeUD6poEVzlb_o81Aj2PtPxR7DnRkgIKivSGJ66NvnFmkWsS53bcoNI4WGIAy_n-ANbCR1xmVvuh1zy5LSkIMgNBlkxsZSLny34abH-tC7ss-xWFUuMoydSDdgYcMs5zHZB-FaiNOdywwMdkq_bADP7ZIAVp6hinmbRTnXnSg8_En41wj6GhRILTBPaCA7Ba3WUq3aLx-n__Ez21rwGaPrNJRgomp-5r72dGbXPBK4Qhc92euOqwgig&cid=CAAST-Rony3qrSq5UH4WD9vRxYE97f81FOlEn2HqDDQee8exBKF6h4vvuhemM5hKisbY6xr8uz8XBZxMUsMXfG7LhCEbPCWFGGJ843TKoyl__3E&dc_exteid=2743677221604823857&dc_pubid=4

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0CA3 0
0 60ms
59ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cgt5OXbQUY9q7OOHH3gPq-oTABLnxuJBs-ZPwxIcQsLjqsdIoEAEgvszXamCVwqaCsAegAbyEgOACyAEGqQLWhheQFrOwPqgDAaoElgJP0MmYRD7Z0wxHUTWNBYywA5QlNvho4Z8-tGT0zR_ztZfzEEQo7bd4L9PCIB9MqyP0IIDxkLi4pN4O6vMHN0I4jLU2OtlPeOpCFwKYg96KSHnjFXBAw-7p8Y-6vwHTx7_4BCyBl5WJIbyAdP4dy4B-dXuBzT05NdjIyab7eGORauGjJBd6HrR-XPVy91u-xED-U2voEnhsIAdE6_d8_1ousCIoxNxMAoR5Xp0KtOHY4Akhax6ClbL4Wse9Lvw4u_RJoF6Ehb-X4vC2kPqCvdB3b1PahnIsbuicw0KsqqSgbW1yTJlthj0_YK7qVCYo_rLNYUQ3fi2KADjJSVTwLXvKCmdEU9dwUYZts65fqVR4IE6-7XW4TcAEl-uvgowE4AQDiAXIy823Q5IFBggbEAIYAZIFCwgiEAUYA0ijmIQBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAes-_-fAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEN7RIBiTutXRAdIIEgiI4YBwEAEYHTID64IBOgKAQPIIG2FkeC1zdWJzeW4tNjIxNjUxOTk0MTQxMDkwMIAKA8gLAbATi-WcEMgTkfyA4QPQEwDYEw2IFAPYFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTk1OTczMDc1NDAzODAyNhjG3W0&sigh=_8vyaC7KAbI&uach_m=[UACH]&cid=CAQSPgCsnQUx8x9Yj3tXZ7Qpzr1PLaMCGt44Od-XRAlPUGwkvWTw8Hgf4JV9qYjGf4T8l1PDFOPUV_Rau-xrc5SC&template_id=509&vt=10
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame 2249 54 KB
21 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 16:29:42 GMT

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame C7BD 54 KB
21 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251498
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 16:29:42 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F628 52 KB
17 KB 9ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=skxljarp&e=1834762243861
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321494
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.551209,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 5635 0
819 B 16ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_LfBMvxYAAAMA1gAFAQjf6NKYBhD1h5iqw8HLtXsYjYHql4-bxtEoKjYJZoaNsn4zgT8RQMvmtuwsfD8ZAAAAgOtRyD8hQMvmtuwsfD8pZoYJJPQTAjEAAABA4XqUPzDbr-0MOJhQQOUeSGVQoZ_pJFi18qABYABouJ_DAXjb8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAg0KBkhFSUdIVBIDMjUw8gIMCgVXSURUSBIDMzAw8gIhCgZMT0FERVISF3JlbmRlcl9wb3N0X2Fkc192MS5odG1s8gIYCgpJRlJBTUVfS0VZEgoxOTUwNDI1NTQz8gK_FQoLUFJFX1NDUklQVFMSrxU8c2NyaXB0PihmdW5jdGlvbigpey8qCgogQ29weXJpZ2h0IFRoZSBDbG9zdXJlIExpYnJhcnkgQXV0aG9ycy4KIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wCiovCnZhciBoPXRoaXN8fHNlbGY7dmFyIGs9QXJyYXkucHJvdG90eXBlLmluZGV4T2Y_ZnVuY3Rpb24oYSxjKXtyZXR1cm4gQXJyYXkucHJvdG90eXBlLmluZGV4T2YuY2FsbChhLGMsdm9pZCAwKX06ZnVuY3Rpb24oYSxjKXtpZigic3RyaW5nIj09PXR5cGVvZiBhKXJldHVybiJzdHJpbmciIT09dHlwZW9mIGN8fDEhPWMubGVuZ3RoPy0xOmERa_BSKGMsMCk7Zm9yKHZhciBkPTA7ZDxhLmxlbmd0aDtkKyspaWYoZCBpbiBhJiZhW2RdPT09YylyZXR1cm4gZDtyZXR1cm4tMX07LyoKCiBTUERYLUyCOgEAZg3MOCBsKGEpe2xbIiAiXShhKQ1OCCBhfQkTAD0RKBAoKXt9OxENBCBuATVYYT12b2lkIDA9PT1hP2RvY3VtZW50OmEVQyQuY3JlYXRlRWxlARkYKCJpbWciKR1FBHAoIV5wZCl7YS5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fChaGgAQPVtdKTshLBRiPW4oYS4RfAQpOyEpBCl7ARoAZS66ABkXBGY9WlMARCxnPWsoZixiKTswPD1nJiZBcjYWAqhzcGxpY2UuY2FsbChmLGcsMSl9Yi5yZW1vdmVFdmVudExpc3RlbmVyJiZiThcANCgibG9hZCIsZSwhMSk7tjoAEGVycm9yDTsYfTtiLmFkZEJzAD4UAD5wAD4gAAQmJkZIAAAoNmoAHGIuc3JjPWM7WjEBGC5wdXNoKGIu0QEEcSgpfARhPTGSNC5jdXJyZW50U2NyaXB0TRoAKDI5AjBudWxsOmEpJiYiNzciQUtoLmdldEF0dHJpYnV0ZSgiZGF0YS1qYyIpP2E6FVc8cXVlcnlTZWxlY3RvcignWw0lAD0BRAxdJyl9RR3wRnI9UmVnRXhwKCJeaHR0cHM_Oi8vKFxcd3wtKStcXC5jZG5cXC5hbXBwcm9qZWN0XFwuKG5ldHxvcmcpKFxcP3wvfCQpIik7eSsAdBXgAGgFYQxjPVtdBQkEZD0Bxgw7ZG97QXsYYj1hO3RyeQUMAGVBkxhlPSEhYiYmASRQIT1iLmxvY2F0aW9uLmhyZWYpYjp7AS2QbChiLmZvbyk7ZT0hMDticmVhayBifWNhdGNoKG0pe31lPSExfQFeCGY9ZRkXAGYBFgxpZihmKXkAZz5eAAw7ZD1idR8h9DVCJHJlZmVycmVyfHwBlyR9ZWxzZSBnPWQsDcsAYynfMG5ldyB1KGd8fCIiKSkF1RRhPWIucGEh1BmGAGEF_0x9fXdoaWxlKGEmJmIhPWEpO2I9MIXVCGE9Y43NdC0xO2I8PWE7KytiKWNbYl0uZGVwdGg9YS1iO2I9aCErOR4BrjUqOGFuY2VzdG9yT3JpZ2luc24cAA1rAD0ddQApoVsUYT0xO2E8EYpMOysrYSlnPWNbYV0sZy51cmx8fCgFCC5CATp2ABRbYS0KMV0hDBgsZy5oPSEwAeMpIgBoGash1WXlAGclFiUCBGQ9MgQBHDA8PWQ7LS1kodhIZj1jW2RdLCFnJiZyLnRlc3QoZgGPICkmJihnPWYpLAUOLCYmIWYuaCl7Yj1mO0UbAH0NXQBkFeYEJiYBzAE7BDswQWUlWggmJmQFSAEbCCk7YwWtEHYoYixntegUYy5nP2MuBfoMOmMuaQFAAH215gB2oaEcKXt0aGlzLmlB1QEJCGc9YxkiAHUdIgh1cmwRJBRoPSEhYzsFLwWIJQq9-gB3dUkYdCgpLGM9YfUKOCI_Iik7c2V0VGltZW91dC5ACEH9AGTZcxhkPy4wMTpkQTVEIShNYXRoLnJhbmRvbSgpPmQpaQ8MYj1xKCGkACJl_zQ6Ly8iKyhiJiYidHJ1ZYFrAGJWawQ4LXJjZCIpPyJwYWdlYWQyzZ0Qc3luZGlpuSAtY24uY29tIjpmIwAFIAwpKyIvCUV4L2dlbl8yMDQ_aWQ9amNhJmpjPTc3JnZlcnNpb249IoVFDGU9KGUBsQwpJiZlWpkADTEwIil8fCJ1bmtub3duImHjXCtlKyImc2FtcGxlPSIrZDtiPXdpbmRvdwVYAGY5NBRmPyExOmYhMzRlPWIubmF2aWdhdG9yKTIOAFAudXNlckFnZW50LGU9L0Nocm9tZS9JmyBlKSYmIS9FZGcZERw_ITA6ITE7ZWGTFVEwLnNlbmRCZWFjb24_Ch1pHRgkKGQpOnAoYixkLCJFCAmeCCl9fQ4OCRrfCFwwPD1jP2Euc3Vic3RyaW5nKDAsYyk6YX0J4AwucmZsLugHDTVoZW5jb2RlVVJJQ29tcG9uZW50KHcoKSl9O30p6cFBmhQpOwo8L3PFmGw-8gLJAgoKRVhUUkFfVEFHUxK6AjxkaXYgc3R5IVIMcG9zaaGxZDogYWJzb2x1dGU7IGxlZnQ6IDBweDsgdG9wDQpkdmlzaWJpbGl0eTogaGlkZGVuOyI-PGltZyDhS1WHSRRKWQJBNg0eLjICFGF3YmlkJgUG8IZfYj1BS0FtZi1EOWNkLUROOG9wTi1qbXNvYVNFNDJSOXZKWVBNRmkxUmJCWXR0YVpLNTBsOHF6LW51VXZLMEsxNmRhenEyVzRZMXlidzZZUUZTVkY5cUtYOThUdndtZGFnZ3ZzdyIgYm9yZGVyPTAgd2lkdGg9MSBoZWlnaHQ9MSBhbHQ9IiIxGoBkaXNwbGF5Om5vbmUiPjwvZGl2PvICmgEKDFBPU1RfU0MWEQwEiQEaEQw2CAEW9glQYWRzLmcuZG91YmxlY2xpY2submV0MQY8eGJmZV9iYWNrZmlsbC5qcwFlLbUNUwA-nSQgIHtyM3B4KCcxIp0MHCcpO30pKCk7PesQiw8KEEgBnjRQT1JUX1BBUkFNUxL2DpEkipUA8IFhZGZldGNoP2Fkaz0yNzY1MzA0ODA3JmFkc2FmZT1tZWRpdW0mY2xpZW50PWNhLXB1Yi0zMDc2ODkwMDEyNzQxNDY3JmZvcm1hdD0zMDB4MjUwX2FzJmlwPTE3OC4xNjIuMjA5LjE0MCZvdXRwdXQ9aHRtbCZ1bnZpZXdlZF9wb3NpQY4gX3N0YXJ0PTEmoXkRvgRlYSb3DRAmc3ViXw2HAGJBjvB9ci02Mjc5ODEwJmhsPWRlJmFjZWlkPU1Nb2J0QUNYNU5NQU5ITTBBYWgxTkFHOGV6UUJUbncwQVFSOU5BRVlmVFFCSDMwMEFZZDlOQUdJZlRRQmpYMDBBWlo5TkFHZmZUUUJvSDAwQWFSOU5BR3hmVFFCdUgwMEFieDlOQUhFARAoeG4wMEFkVjlOQUgFUAA0AUD0WwJVdHpRUUZUYzBFQmpSUGFBVmdlWEFJYS00Z0NSX3VJQXVFNXFnSW5RcW9DS0VLcUFpbENxZ0pPZXFvQ2hJV3FBb0NicWdLQm02b0NncHVxQXFLb3FnSkZ3S29DRzlTcUFwYlVxZ0twMUtvQ1U5bXFBdHpicWdMODNhb0NWZDZxQWtmZ3FnTEk0cW9DaC1TcUFxRGxxZ0plNmFvQ2J1NnFBblR5cWdMejlhb0NaUGlxQWlYN3FnSkMtNm9DU18ycUF2UUFxd0trQWFzQ3BnU3JBdmNGcXdJNUI2c0NqQW1yQW80SnF3TEZDYXNDeFF1ckFsQU1xd0lMRGFzQ1BBMnJBamtScXdMeUVhc0NaeEtyQW5VWXF3SU1IS3NDWHh5ckFtTWNxd0tmSEtzQ1VoNnJBbDBlcXdLSUhxc0NCQi1yQXFnZnF3TENJS3NDdkNHckFna2pxd0lNSTZzQ015T3JBbTBqcXdLaUpLc0N4eVdyQWowbXF3SkpKcXNDN0NlckFsUW9xd0pvS2FzQ2p5bXJBc3dwcXdKX0txc0NaaXVyQXZzcnF3TFJMS3NDbUM2ckF1RDJyUUlJczhVRjhFTGNDZEdHSXdyYV9OZ09SbS1tRHdxby14TFNxX3NTSTYzN0VtX0QteEloeGZzU19NZjdFdm5sLXhKODdQc1M3LTM3RWl2My14SnItUHNTd2YzN0Vqa0JfQkpKQWZ3U1pRSDhFb2tCX0JJMkF2d1NwUVA4RXVsYjBCTW9vdW9VRFZ3M0ZfZFdheHF3OEZrbzU3VzlhVnoyVjNnJmV4az0xlQmtPwBjrT_wsENkV0pGWXIzR1puZXhPd1FicDBwNzV1X3VJYVU4RE1sdG5PN1ZqNnBsRWhMc2huOTdjcGVTNEk2V1I2ck50X0daeUFDOXJDNTBsYzVQa2JOZlNIdWV5c0dXMDg0RUlvNldwbmVtdUtXV05yOEp0dFVrWlBZc2d4R1ZCeWd2ejNLeFVyTzhMWTN6X0ZpUkE0MjJyQ25odkpERWVYaGZhbldla3NsUmQ1eUFPUk1CUWRiTQ3AAGQRwPQbBDJySHV1OHJJR3FDakJDRWJCdGptZF9PYkVWNDktc1huTmpfTzAxalQwQjJoWEplRHEzNmliU2ZHem9PRHRkVEZGUXQ5M0JqQUdEWDg3VGw2UU9YZk0wZzIwYmgyMThBNzAxMXJYRjlTalBzcjdicloySUNWWm94NG5VNk1Qb2k5R2x2eHNWYUlqdkZRMURpeVZSZXdmTk9KUWJackpDcTZXVzU1SVlySEdxSGd5R1Y2Ty03UV80SkMwTVpwYkQ3NmV3WG1zdmwzeHgwU1piX3kzN1VfYmFoVk1LLUxGcUVUWFhIQzR2NVRJQlNoQ1NyczAzeHB3ZjdSeXZFTWc3aGFTRFktdkY0Tlp0ZXJJeDJ3UG1DMVZBOTlvUHFZQnpBWkxTOTJwQXJ0dmN1QzFlZ290QXVqRVd5cVU2ZWQxV2FUUVdpZnZrRVItRXJiY1hBeUdXajRpenNuUmVuclA3Q0JLRzdITVZrTVBQVGZOWnE0c21RU0hydzBmcXYxOHZ1Y3BfOWxobWkzZlVzVFczcnpfVENveWZUX0JfWW83S2NSU3pWTEEyMW0xdWdha2VBeXBmTWhnNTFWZndheURyOXZFSno4dlVVRnZSeUpVdU1fSkJGdm1DZWNDaDRNRWZSTjkzcDlUb2pmQzlZVFl5eU81X1diMG5HZVdvOUd4YTlKdW1Ib2MwTENEdUk5RE16Y3RrNnFiMGo2bmkzdmQ5WDZEWEIyblF6VFhxUUlDZmxIalNxVV93VkJFN2pOQWtGaEZ2RTJGZlJqU2p2LTdEYXhqVHdOd01Sb25zVE1mRExoYWhfMlY2aGxxak9EOW9Lcm8zWjc2Vk1wRnVpNEU0Wlc1Nk1iUU8wVDd4ZFlMdDh5MzhFSUpkZk4xTGNZOU0yd0xIaVo4T0xUSnRDNFRKY1UmY2lkPUNBQVNCT1JvV3dJJmFfY2lkPYADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANoEAggB4AQB8AShn-kkiAUBmAUAoAW80I_Y7JSkgjjABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWhxwv6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG7o8B2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTQ0ODkxODg4NjY0ugcPCAAQABgAIAAwADi6BkAAyAfb8wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=7798d0845c1da0609df3d24463f85fc3f4be9cb8&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dskxljarp%26e%3D1834762243861,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dskxljarp%26e%3D1834762243861&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=skxljarp&e=1834762243861

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 349d5fcb-78bd-43ff-8f2a-7d522d60722b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EFA0 458 B
302 B 71ms
68ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNU02-nESgZfkQnrn7Ri9RNVeTCuc41NJGxhZcg_B0Fy0k8HkQdqa6GP-HYlzknzCz922GEBWYx6umF_TX1L7px_c3k0SbDhOXcIqzZ3IP8PsUCP6U-JTEx8Rf1vBZzvBEKRhwY7AzVDYZBEIOu3TDaBznUWFpv6Ok787H8nbATlaNLhTuw

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aadd6520c5272231979cd6f9cba3c2d42795007c581dd147b3a1356a524edc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 281
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 526B 106 KB
37 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
Origin: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 526B 6 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2640
x-xss-protection: 0
server: cafe
etag: 2603454828624189567
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:21:03 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 526B 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite_fy2021.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9632
x-xss-protection: 0
server: cafe
etag: 2755732409155645664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 13:43:07 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 526B 42 B
63 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCPnfcmQ3mC53FHSUjnDmr8YoYTwSbOQX2vbm5jCCimrKzwuWPXIMDII_yJpofkEeUTJhU7E9TLbo7rsorYn5APhUh7TfD62FloDvZoRY8pdOWo1E

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

px.gif
d.adtriba.com/ Frame 526B
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on
https://d.adtriba.com/px.gif

42 B
227 B

11ms
11ms

Image
image/gif

52.57.145.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Server: 52.57.145.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-145-143.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Last-Modified: Sun, 04 Sep 2022 14:21:20 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 526B 3 KB
1 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 526B 142 KB
44 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 526B 17 KB
7 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:13:08 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 526B 0
0 24ms
22ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSA3bvOwN8Ji5OTpWePIg2YE9mjRmoLblddpV8iIDB4I5iTqyzSST3A__jv0T0nNjmUcTSHkPixicR-AKjWkvW76xOlNw
Requested by: Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3B18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1

0
239 B

64ms
13ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNVvMpQzNF8shX3_SWkVlSXDpvBSmec7fsQoHrObOFYuKhuU3l5KPvJn2kmf2xozfZGhlfNKf1zHlrodvCY65cURZydCLNFCyW-N2mSv7D4jS1CnJNnt19CjlGMVGFZZ3s6XJQ5mcHUrQICM2f-lE-PagLo66CqDTRVMNSaHlOYI9pSKwCw
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B18
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA

170 B
188 B

29ms
27ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNVvMpQzNF8shX3_SWkVlSXDpvBSmec7fsQoHrObOFYuKhuU3l5KPvJn2kmf2xozfZGhlfNKf1zHlrodvCY65cURZydCLNFCyW-N2mSv7D4jS1CnJNnt19CjlGMVGFZZ3s6XJQ5mcHUrQICM2f-lE-PagLo66CqDTRVMNSaHlOYI9pSKwCw

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 3B18
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1

43 B
61 B

20ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNVvMpQzNF8shX3_SWkVlSXDpvBSmec7fsQoHrObOFYuKhuU3l5KPvJn2kmf2xozfZGhlfNKf1zHlrodvCY65cURZydCLNFCyW-N2mSv7D4jS1CnJNnt19CjlGMVGFZZ3s6XJQ5mcHUrQICM2f-lE-PagLo66CqDTRVMNSaHlOYI9pSKwCw
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 3B18 43 B
131 B 37ms
23ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNVvMpQzNF8shX3_SWkVlSXDpvBSmec7fsQoHrObOFYuKhuU3l5KPvJn2kmf2xozfZGhlfNKf1zHlrodvCY65cURZydCLNFCyW-N2mSv7D4jS1CnJNnt19CjlGMVGFZZ3s6XJQ5mcHUrQICM2f-lE-PagLo66CqDTRVMNSaHlOYI9pSKwCw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ad-choices.css
static.adbutter.net/dco/ Frame 8D4C 1 KB
684 B 320ms
17ms Stylesheet
text/css 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adbutter.net/dco/ad-choices.css
Requested by: Host: static.adbutter.net
URL: https://static.adbutter.net/libjs/third-party-pixel.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:50:10 GMT
content-encoding: br
last-modified: Wed, 06 Jul 2022 13:23:22 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "62c58cca-5eb"
x-cacheable: Matched cache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=18000
x-cdn-pop: rbx1
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-request-id: 537264606

GET
H2 200 adchoices.png
static.adbutter.net/dco/img/ Frame 8D4C 554 B
859 B 321ms
18ms Image
image/png 46.105.201.233
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adbutter.net/dco/img/adchoices.png
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vksbyedf&e=1957767944024
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.233 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 09:50:04 GMT
last-modified: Wed, 06 Jul 2022 13:23:22 GMT
x-cdn-pop-ip: 51.254.41.128/25
etag: "62c58cca-22a"
x-cacheable: Matched cache
content-type: image/png
cache-control: max-age=18000
x-cdn-pop: rbx1
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-request-id: 249957287

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B4B 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:05:41 GMT
expires: Mon, 04 Sep 2023 13:05:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BE2 783 B
535 B 51ms
49ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca2d5ce32706e456229af7e2ad295ec345f1c7b95cd9bcdd71d396ce40665892

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-unP8qLQfheq1n065OnK7wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-unP8qLQfheq1n065OnK7wA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
expires: Sun, 04 Sep 2022 14:21:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 5336787829176526803
s0.2mdn.net/simgad/ Frame 3AD2 55 KB
55 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5336787829176526803

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7uw8QApOHlc26dRTsXGCrYXgLPMjXzb3H3U9tyJETjDuf-ZZTjFsEANrsMol7uDBPpJY5FhXheb8wgeh7BuiiNM2wKwVE6rUwIzXALtpKaOkbaZHvJxxp5fgSzRi0mvIj8h46TEdIs5RG93PxqMRFo7V3iw&cry=1&dbm_d=AKAmf-A0Kq4Hb3iqW-FbmJYZu_HQOVYlJxAYGxwEIW9QobMg2GlJYd0Kkgt_1Al8pKWqMSLcyXRbKbpx92UupQKEBRhld-ZB8NX2xycs0ghEiVJ_LuauYBygvif4pExF6IzUZdnYL7pGZOd5zFa46O-_htzvdxf4vz0wGWytMYVqIjrnzzuzHwYFgv2_3op8kS4Po4gK0toh3z20LssspdTaAtTvOee_TpNAe5O1SJPGA_yHSwJxXVxz6b-lSLPW_xVor4dLLrZSRowIw_eQSTLHu0btbp7p5cT-Anx5lvf2YTWI2KfD1_CrejNF9o6fBUmmozNFiVoILOwbLi2eXujAutKW8onsrYiLzbfuounjgh1cWvGn6o_Hn0SFM5OPHy526kVO_dhiqQRQ9GYyY32Y_XSgFnlPXMmN6qtYZKYTZSkn6qfJSS8mth3i74QizX7d7XtJo7YygKwmY3vj-HZ4XNq1m37P4O_Mgs9g3AeDPxXfadVcm8K6v6fCWnOyJ7QzSswiWwlAmeREmN-3vGFy_NmdqmKAWPeyXKGIV46rQP9DtQAAH52GyDGhg9_Ily2PRaJZoqMmkBcxtg2P4Hhfs9jbk9uaFQP3rdQhelkagrlX4TDBYxeycmaxaumlynOLr4M20upJsZH98fDp6_Px_mQwFbu2z6EM8Mjsz5P0zL4LEOaVkryzkeGP3itYiCgXz_mnu9bJXqdOAo2cJe2HfdvGKbcvl6E2toUvvJBF4kRKwtVM2uOtDgCtQSsHsCuFQGmIUDwJT1HGxovEhilO3wH5JDdVOvX0sQIsyEPY3JKfxBY2EkTSvoBpWFjf307a7MggIFEz4LWEJX6_LHIN06b9Q_rUkfwDVKT5NIPjCDoR0cCL3nIsDS50DjobWTl4KW3itTXhxOb12CZ626UuIcRaBGv2M8kY61bCiQml9iEnW6kHkrQYZJ0MpgF8dok2lhOU5e7Xz1XvSIRTKmXd8lCJghH4ruNClBT5MWsvbVWIAKrCbCYqEvb5_4zVenTMGHePnYzBoqzmWqGZQ_HhaLKuBS4PYJwdVWwtmaR5qRifgBshi7_UjyHRE4jAPoUc19DHyjRaDvtQIhUIFiwVI8UN0ERspKqM0BLbZLgQGEhwehIFGhmLSIvSn-R8lFirHkC_niakdyF-xSeBUt5_8xZV7dgO8hK7kCgy9-GEkW1KjuwvxaN0lpZubHnZVxGZXj6VDGy5M1tk8adkghwSeiYXiQjuy7VnRvUrz17bnj6itdaBRaImx2C2FOd2F7ijqa858J7UiPLLxafJc76g2D-ivwtH-H-Z_9g42ftHlXYaRn9483nFbosSBk4xDVpzbLNNo7cKv4mtQr1g3lcs7O17ISGcBKgaq9BtH2ypcs_vBr9Ox6OJmat65LIu4w6gfZ0mZYz7OdEPBIWdlGIWoDaQcFXyrIYHBY9q387EKunHYJhzd2rT711C_gOI6eOU4S-u4x5uG-7OWmem2LI1OSky5_kymybAaqmTfAp6raDLUkZYhLr752VkIjJO683j2qLsLURQBIGhbUwrYXzllGpMvfP-GK5eQynjL26hh9fuxeka_f04_nbVlWyJZyUZCLed9wj0pNys3sFrboftaO0LdHdpyLAJoFRlbOD3JM-lVYowWKovOVpYGUpy8JOZ8ICeaOe0aqRVi--WEDyH_XdUjfq2eF70Ix_rDFOEzMAopXm9mPWaB7xws7FAe7g_qUNdLNVWafI0i6Fx76m50SxbzcdYhNgPBelBzYWmhic_pZs-7rToMOAZajM1z8jnOHp5IQRIRQfcijGi3aFIZdAstUhfiaDvpi63vzT0ay9sSStnkeXj4_OW_XpcvJ7KyM9f6H9e8Wa7CZ8tpfL4TxFf3F9-r-DmKn_pRIA33An7y22PygGBoAMMn7LyT2_c3AFhtZQXMoPhtyQq7wf9izqKpvVSPqjBl07aeino4URlhnpfNpHZYGI8znLhOWUBRoTzSggJLxXig6w7qumQ53SVbvEe-9RuO9ohV9cZoZw4dSijWgYGVJzM2V55ZGy95L0P9cWFgH7YKrC5Ecrh9JCQJ06U4FQABOtWE_1DCn8xnJ96KRBrqQu6lukMgm4vQrJ1nwSaYBp52btmCAuxb64HOiJM0Ps0b7m9pSUswQ5O5QNr5qQmKIXcKgYiRV0D1hF11rvSOUuVudZiGFrSp9D0MZLP0JVQ097kxMwFZPil7WEVXnj7_BR-NpshdPK2VY5lIP2v4lP0COMImQFE2kge21PNDo7UYqcmzJkpZy_4ah5XeB4mdkfWHvnRA0CcDhYtcYVW4MMI3RiBXuH-vrD_guoQH_V_udtKN5PebHdpJmSlBgB494VveuGZg69fK4Vrk4PgCslyrYIphEq-7l3Ge01ouVAhdwfE7WlLFYjEsLnTUFt2IVTwrukv9Sy5lPk-TG54yPn8Q4fL8jk3EZmR9VYOiD8Y-D7I9CdwJPq6kVCJfU7lU-iS2N4tjuFGht9BwUpaZ1WBwk3UCg2q0G2aVsDVkzk131DI7xxYnZGwxpaiz9UeG_JHjeWhqPHJGSKbP7_ena5shxMgTCEAkSztpbjp4JG5JRLr8rVvPXDNR9l7R7-karVoR0h8ikzMwLKFwXr_Z2tPUfG0CCQRoIXqyTPjXLlqnY07WCqv9Dg5K5Jb2s0NdIbaWBXhfBJzwb5srzwHoT9HKoqNOdGoO5cqCKXfa5QsoBgP6C3T4_ydpCHcVkH9VUm1MHHQcWUGkTK2xo7Hp1tfND0-jXvfmAwrU4UQm1v9whQIw2k81tQvfLbPP3rCgfwqXw72CLOLbonQendofrUTyB9xlZZx_8cddsKBZAJ_UYtB9MjV7Xcs78fprsvecOlgqwsJ69_Qlsn-gMDfguluTuLj7RtZ4obIsU8uxZEsaDS_GRdmm7P6VVyHhNTuWW2cZ6hwg8gPdYuOuuZhsTAYziBlFJOVa6eYOcr9iqS6Zir9ej_cuGG2DQlxMJk_twFxu8K2rB-XRWxw94Jw2L3UeLStyDtUwBCow2YHQtTj_qTYTg6qE1RtGGy_yTxkZaWU16hCp4z_guVErWgpjKdhuskyGXmLtNAHuALzQF3FALOJqaxOQrOOe7SFr17hmNiOZ4HGEj067z0DXGyBIh2Q872pLDHkb4gqQy-JQ8OqKpoDEi9O1v1A_0PyDBHiGrbPbxMW56Iln8T3BPfS&pr=8:36C713CDA900125C&cid=CAASBORon_c&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

246d55b6ef0bb428e645bb958717046721a0dd3a1c2c798534dfd18caa726d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 22:26:21 GMT
x-content-type-options: nosniff
age: 402899
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56092
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:26:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 22:26:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 3AD2 30 KB
12 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AD2 142 KB
44 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 3AD2 8 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AD2 0
27 B 61ms
61ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvOL2faCEAy1cDCUVzxkVxHb3aw4oHa-vuQfdP8Rh5PzimKSWI23auzoqsok_IpUc2GDI15_LDTEEJqCL922vuYm5ESDxqvM8zVrtIy-4aUbS47J1EftMsUwUGHbjIyivLmrsVj5-q9uTHOJxa83wm0RryFcYU0wU4HQMk4G6XMZ3KdiWy7DbZSUtf4CSunQZYr3J2t9I0zfER89fYCqn6qRyYEX8lgk1h8Kqrr3dcpLH1dJNivgSwGLVGcahn2KIe82x7ULpRqEnt9q2USZJikcr_iJ4_skdHQZgt8JfJ_vsR_6Rf-Vg2sPFJiQOLKzD1EOeEGVbyBqOaL1krEDh5ctOiFuiPImEGYslSTKh3yF2dSJr1AEB3z-kOwdR5qK3mBCQuXfDXjsV0eQgJBN_399ylgaPpk2L-FkwwtAT4z2xG28sytUpKZc6XVr11Dy0ZnRe658t6C_isFQeCIB3Eu6gMshEvB1sXb3fTe5OpeWyhhPVHyIa3Vgu9Unpa34ld65Cj118AhoqDhgbbZ3HoSFJ8x-PIBkYVa9I9v0ztdBXbJZA4xcN4_stBCoWNGmcUMTdMLvPK4akeAMRtaOM7K4H52lrW8EZDQHoU2VHNQL828MZP3sAqxsxnYkbXSLIn3l6emyWUk9hD9M8vaMeuhyyJGbey60F934KiwykKKAZxklb5VCnYJrRW_-WqaXdHnLxMQOp-zIwXgYJrwG0LbobIb30tdtJbJe7dubjqfyF_M0BsWJNMNJdH0enYF2iX-Bhpnntt0K0oHvtDsNyBburna1FPYHuliFhiaddUtANXk2nKo4TMhashylbWZHH_0-A28_EuWmgRtUUQ-ROGROBSgG3UZ9po4yYMKDUikhkT_vAfKDfmXVAk_vT5iWG7r12TGrtvPrFE2GKdEDbRlXZCY5AizevhSHs3rynFTAmLCsDbUmg4igsiSEobG66ynrD6_Lng9sn0YO-2pzoxtAw1TCcz3SSHOd-fe9tw4-gygHDM34K8c69Kqpus05KDjA4deueD_dKd14a13JKkXcMUPRiIMrJyHQ_ANY3kj66Ljzualaa9Lc7Bg38kAuuc8UBVqTwahB3MdcvXqmNJ7s1ZzHeXuh6i_qFCEhGVzMr9NlCuLXoWE4v3twZ4&sai=AMfl-YQ0E-q7bd_KMoprADSF-kvGg9IXDCzRoX8ZVu2-pJ8jqtl7flIncyxxmx4xUQkrsyMX7vzoUqt1wVBWCi-otte1YZfYWJ5C-b3bhLBnxySjtXSAeb0Kr7hPR8Eq_NozPCKL&sig=Cg0ArKJSzC4VdcRgKVT2EAE&uach_m=[UACH]&pr=8:36C713CDA900125C&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220831.80523&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AD2 41 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 0149
Redirect Chain

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...

5 KB
2 KB

61ms
34ms

Document
text/html

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=300805794
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e660349bf043da9567cab49e2da43fd3ad300bfe29482b6de93e3451ef9e4575

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1797
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 65059300066552001467939012072010

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
Location: request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 42B2 52 KB
17 KB 9ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zqobcegrs&e=1957767944024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321495
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.611058,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame D42A 0
819 B 18ms
15ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhCulr3v3fz_oTAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF46vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhRFdYMWl3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeU1lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWt2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUpSZlNrQTYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTIx2gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAfq9QXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=aca5636485727d2447cc1a363abfc1f91f9e83c9&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=zqobcegrs&e=1957767944024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53aca069-93b1-44e7-bc51-230bc6fcf792
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E416 13 KB
5 KB 19ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:05:41 GMT
expires: Mon, 04 Sep 2023 13:05:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7612 783 B
536 B 35ms
27ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b4b982a1fd1fcad684cc4a0f83628b3483d49a13f4195d9677d7bb3ff43cef7e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xLpVzLW3POV2COWvVsvJgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xLpVzLW3POV2COWvVsvJgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:20 GMT
expires: Sun, 04 Sep 2022 14:21:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6685
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEAM-HYTvwg9Q6LJySdcwoxw&google_cver=1

0
225 B

250ms
19ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEAM-HYTvwg9Q6LJySdcwoxw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNXwK_JuYiF7G5nh5rrgue_jEAZslNNFakpG5XHhQaKfGowIUtta2L69qqfBQRUe5I2yoOq4l_wNu17llTxRlVgco7tiWaRm5UyQtxuEhrpWB8ulL2kdEGe9KpMpuoUQr8yQ-P-xCwa7CeNd28ezUSH2GrBRk8UpvnYzRdWeirU7-NV3Hl0
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache, private
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type: text/html; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEAM-HYTvwg9Q6LJySdcwoxw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 350
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6685 0
166 B 98ms
13ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNXwK_JuYiF7G5nh5rrgue_jEAZslNNFakpG5XHhQaKfGowIUtta2L69qqfBQRUe5I2yoOq4l_wNu17llTxRlVgco7tiWaRm5UyQtxuEhrpWB8ulL2kdEGe9KpMpuoUQr8yQ-P-xCwa7CeNd28ezUSH2GrBRk8UpvnYzRdWeirU7-NV3Hl0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

um
sync.teads.tv/ Frame 6685
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1

23 B
172 B

41ms
41ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNXwK_JuYiF7G5nh5rrgue_jEAZslNNFakpG5XHhQaKfGowIUtta2L69qqfBQRUe5I2yoOq4l_wNu17llTxRlVgco7tiWaRm5UyQtxuEhrpWB8ulL2kdEGe9KpMpuoUQr8yQ-P-xCwa7CeNd28ezUSH2GrBRk8UpvnYzRdWeirU7-NV3Hl0
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 04 Sep 2022 14:21:21 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6685 23 B
172 B 124ms
58ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjGv-nRATAB&v=APEucNXwK_JuYiF7G5nh5rrgue_jEAZslNNFakpG5XHhQaKfGowIUtta2L69qqfBQRUe5I2yoOq4l_wNu17llTxRlVgco7tiWaRm5UyQtxuEhrpWB8ulL2kdEGe9KpMpuoUQr8yQ-P-xCwa7CeNd28ezUSH2GrBRk8UpvnYzRdWeirU7-NV3Hl0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 04 Sep 2022 14:21:21 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame F74F
Redirect Chain

https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...
https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2...

5 KB
2 KB

58ms
31ms

Document
text/html

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1253409750
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7c15a87a92d430919dc2e02ba4c19e73cbedda992ce9ce92eabdee1d1e7f312f

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1795
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 38291500066552101467939012072010

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
Location: request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 575F 52 KB
17 KB 13ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tcsdeolg&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321496
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.634735,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 8F91 0
819 B 20ms
15ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhCV9-e_9fvJmigYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF44vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhLTJRRWNRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeE9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWN2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxCZTdrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTE52gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAfi9QXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=39d2f238a587c163ef59069463118177b835bff4&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tcsdeolg&e=1534108800930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 843d8f40-93db-4155-b07f-3047b8d1f4fa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 5336787829176526803
s0.2mdn.net/simgad/ Frame 5C2B 55 KB
55 KB 21ms
16ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5336787829176526803

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNbj1an1EcanEt3OhdCnhzy2rb5EXf6u2PF-4MwX5R2gWjQ_nUvYuoJpflTv2YEopuX9lQhgTnw6dqtSX7Y9ce9cNF4lj0G4UFixN-fqNNPM9og87Z1TW6hUcx9vRTgxOAY4J6Dt75qyvALsNjWM-bMoSrtw&cry=1&dbm_d=AKAmf-BCT9zim6Tmj9xHl7Y6SxlGutemWlcwxc-alydYCCnSeFOFfCwSrD1pIsUtxOi0locUppTMAZnELp7rljkFYBZF-DeWvEy8RmZOYvJedy36887TZ3yoFDAm40AkcpJwH-7YAnONDvzs4BKTNQq4TH3HRRjUcXb-LmQ0bPT858sOOzOVYdycDxCUbqhMpTa4Hat7F68K4kjYrRHXMzTcKl40kQh9kPbKIS-L5ghzhXUZbgJ5N_ap7dzBerVW1im6PAJpDFaxrL5Cj3qzfvQNKP4jVf11QnkgBhjnVXm-Tigd_1v1IWNGBqWjc9aa6CT6VhiljNZa0HG3MXmyQmRl8V6HwUhQ2HuMkXrtCezwQ22Yu9dO8EEkSropmDrEd8Bu2C2HTxUEaEWWMxENGpEfSmiAff0u6pbRclgezItA7eGHV6D1GtQTzgMSJzLKRAO2wOAv86AgVZ-rroqh8aR4e8zJ9v3pFkyIY2WtIrJeWWLgxkf04WbNIjL6upYkaGK3YT3kwqieHleNyh25krHnJUoLiOEllQPusgtOcDBBW5e2wca8QgxT9c_Rsp4nwH9f77TD3Zee3TOtch413KZY67jb42vblFfb9AJNtN30zG7SXtQ1XQGqSvAScfZk3M2wNXA5H4-kAbl5o5AcAWl5xqWlEAoJauem8roFQ1w4PCaNTRXfG-wF56Oi3SJA_WsDKwHHLmcOCy0HUEeE9-tJS4D1oqhH8u0rDDT9q3zfEg8SWIxW67Hck2e9oBx0UZmBxqdq_keCY_i6YnlCjaTKY_gvLi1cRO2fm_iYlSLeSXLXoKUhmtCxPcYeX65U0kf_zxOgiHPl_Pcw_m5FVEPa2PpXtLHRAFBPjUWv4s6MM873rV6Slhrr7BYS7uJAi9VK845mt4qNeNevKBKFpZeS1unjhKu4fiUmAeLeXwolE4b0FFSlmJAUk0UMOunfQHjbHWq9U78XBGi8W02LkScLh6IYRSzjlrDUc_--A1iqzNZSJXr44_dGCse-e1Mzh5DjVxc7J7w2gVoqc2wxoh0v9VP6IRqxGslFsyval9LlG7h98aCafD3s2VBQ_JodvIdbo4uljwCoHSNnWbM68yAJFZBY2I4Ptwk48_bgnlhRmUDdNYqMsh51vRTRH0vVhILKEq85TyvtvXwp8VGNVNmhkyENfwTDwkECLAVLhJnTsZ8jChhewxTFjDVxHDVgjMF5tiaV4EieW2njq-ErFcy4d4aDjcbg0f0OACfgQldNTbyb-s4QGdB6Qq1PSnWBxX07qP57XL8bY2YtijloZxO_Kll7guBfkM-jB_c_io49r8LlqV-a0WgvxdTHIOZyGmHdFvhqTxKMkxAtwOhmKhzLjdU7amZm5oX7TLRTeZP01QN1-EG4gwiPvwmu3vrUBgntsigypSaGYoBMJCfed3H9y9-V2t611xPxC0m1uFkJw6FMcAcIbE_xE1wQU6e1TRc-_RMw0E-yMUh7gXAV2ZMWRH-N58yLhxwQmvHN8nQ3vxRPK5SRgT5qnxXDxt8ZnwMFdN7Oy3gt-vUg9Mf_kEdu_OSAnPx9XufQ41V6zIEj_BOmqybz2CfJ_FhT5P-6NsS-y15P9W2jinSkE3J7Qsx7269J2vAsi22QgU1K3n1azEdR3RjsihfwGCLqxpvt-BCs-gSSdKg-NJ4Miq6urSE9GsZwkln0n3eNOfZm69mO8CsMfXfLLg5rD_4okgTRsyXzeoqZ3ynDJ5okG6kDLkktvvNgADYkU74v-cAENHRt4OxG3AjT4uv3psS5Fb1J6lt28lQhwjjEvZFAi0_GvlbfJtOIhpL69YhR2Y92fVHnrBosKSxg9HfTDQNDmUFphkZNqLW2PlJyRSXkcRB0MFaPQJmhmzoAGNOfFdrKKrVKNaXgXiQV3PKMLWqwjpq-yk7xI0_DLnRFUj91XALJxgea9Oo492eKyLOhg6Y7n3FmL1WF6V3ST3gjxZQJi3z29Tko7XunFfDIkWQL_sICD3Wh5m_Ez7mlRAAwCavz28bpx1VGPRKj8OI4svNDgWAJaIWXvuFYgoTvwxF6r90em4EPwkFGmh-iPBgcba_jXVWKDf4OUpDpG5kny6GR-no0l-uxTXSVyS-FgmzMHLPpGGfIbHUsZyrDBn1Kl_FAQZNTImimZ63aE3TEOPAa3dC6lN18DmpXizprQYlPgu5eKU12k9XMfbm10FlrMQLoPcFfBVgFgfTuDmONi4PimD4wNoQOpA8G77RyvQBy5OsQMuaiU7wWBWCgkrL7nfqIkNiu9Ylz_yAbK5ZnFowrBco-Z4SmUWLrkdWpid9EYJOT-KuUuuPTxa_T4JIGn-X4U0yF7qXGAqTiOn5E-snlgHbe83AQ0zQpFkdLDH63EIuHnnlsqboBLOOpPYrBJiMXwII7P4QnEaRa6LYFt-0ogX1xj2czOTgKcsVbslFSpoJWGYUuogJcmKSh-Us6ilulqxdUykzqHns9glxShIbNWU-0978n0LF_a5ayyuzHgeWGf8IayaIOB0DcpVsOqdzcxGv0o-fWq-0PBX61_5N2tH1AwCi-oxnzD9qcHbachjmYqeJs9gJ28tLdwvV9h-eznaAl-fOxd2HuqdHwLBNpCYshjSw0rYVvmPEVEKT-jlM6B1A7NzUgSjl6HaowDPFaen--Zeb84xhPUcGbQUFXtWhl9gQvFqppYJbarBSV5p5nmjYfLSBzqy4veioZ7tEozuaTwNlktnH5J9pJEjxaUBdQJtL38iB7EjVfbBhXTgPPPL7UI1I_rFrybwmA5Jc1kpe6J7c_eOg0AMRf6dwP-NHe2nR-ypONtSw4UpcLXyV-yx15t_VKalSXDxq6VbuDtdTDCvPKhBqAAb6Q-cVkCDB2d_BzX5sNoCfV83kzXpfUu7-vSOGi_lExj8Rm28kpCgloZ1oD9hKLoOuWjvCQpEii4Gr7Dh04uEmiAPOn1bEB3ECqQFSL14CaKw6pM0dLIStSwpjtwQDIW582P_ZvXzbE87WHooxfNlJNXgEEySanNoWI3JGW02nPzZeQxzi4sOFBUD33mLYMbWADkvAUu2wSmZefEQ_KXX6exfOwCpfTiZUotDNq6NvYFKP7wHXKq_2gdjf-RfUdHJ--ZB76feo1pSXhes95gGZNU1G1YDsi4_cZvQtHMi5XnzuT1o6rxx9Kl0ghpdDKruyFCVrqiTDSFarUvCWh85V1&pr=8:E564CC02B563DC02&cid=CAASBORovoE&rfl=2%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

246d55b6ef0bb428e645bb958717046721a0dd3a1c2c798534dfd18caa726d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 22:26:21 GMT
x-content-type-options: nosniff
age: 402899
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56092
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:26:46 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 22:26:21 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 5C2B 30 KB
12 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C2B 142 KB
44 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:20 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 5C2B 8 KB
3 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C2B 0
27 B 60ms
59ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIVXXR_Ax5Jdbjmq5S1Yli2xScajaQJXQjG1dPwxf0GIetpNlqEl0-66BuoG2eugq53CA-jEqksu9vb0vR7k_0CnouFDG8tBmsIcQY2ZRES7p5Ptv3DaByrTLCISz7jp9s9h5fAua6La_m1q8ILDLFhUlVgDHIWMW3cdVF2t5ifNwfriDLbVZO43TEuQeZs4JtFjaCSZkqljeAYn_84bc86oz20lfWdnqQ58bkUUnhLvP6YF6otbkCwzYBGo0i8nkRGA_croVA2ED2JwhzAPT6zbcklUfuAL9uwtp0OgcASmztj0dgDRurCMqZK_0S3MBg15Wg-N2Do70MXd9NbOtl3rDwMQjf_6RA8DrOQEHVtFVnojaQl4iBiosNZzNg9RC49maFCMDp6WGUxs16eaXU89DgRXRF1F81rZwpYZjXizTZ3bdyOtbyyzm6hO1NS8oiPVNthyB1pgfoBuxa7xYy2NGG4Pf3pKf7Qf2E6Rpk3yOqcLb9pO72k7vFbuoZfe3LJohnBVwVdraiO-Q40ajfrDtqQr9zEcZv1txXUzwhYGgV0lRK1n-0-wYkrmYF8JOXuHrual_C5OkFPpZUQdnEggKr25mkDEilyjOAn9gGhG3R6So5i8hvd_kzGKWIJ8CPgmQfbmAvrLu-mMPC9nAXIzS7w-0l4AYUkk66BoFK3sJ13sKafq_VkkEoQhhx-J9zsgDXKVZKaEdj3uUrQOdfr2ALJlq9STtmPj6CEK7FrY-qW6L2ifIqLV1LwDyuNslo0MdVXOdtQOtknM8SbuFxui1KPSmITQW7_mSFuYOFA-xClpwMo29Jl0Q0lzfQsq69QUB3nF6xuiCnXrpf3mKC0iM_l8KSt3xn00Ua1ISTlmwpGqx5dKlg9LagmLyT0ABkC-CN4gmiCON0KCzycyWbRgiRS97PNva-YkFOX1a8Q9xTZZK8kTESybfiWtawlXg2zg3P8omT972b3p6pM9gwEPFVP1FuFaY1qpiLa58ihDlMnQA-REekuI7TN05qG0WY_1kMv2-P9Ll9Fnx1KMXENFxdjQrefslywlYZiwgW_cNgjNehdxDLG_hQtBc4fLhzW0-BtQFoU0BsOiRuPwQLaEyqXWBsCmqBSZ8d1S1ra3L3urj0G7d69du6blti3Q&sai=AMfl-YRzmlaCoyeXdWEHBocq1-YtsfZhoW3KMG9OjIyqmw2Xv4SZYwx9vH9OYvGUB6fQewzba70PPipJJExFbMlmkCVyMXiAmYH92X74em0A0pZqvhWcuI_A3obooSGRS9Y-TXPU&sig=Cg0ArKJSzFvcsY-GO1p3EAE&uach_m=[UACH]&pr=8:E564CC02B563DC02&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220831.84143&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C2B 41 KB
15 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 105ms
105ms Image
text/plain 52.204.142.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=26770&t=1662301280&cip=178.162.209.140&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&aafaid=&proto=https&uid=1662301280412-943138905226-007223-004-003681&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.52&cb=60043997923&d39=&d65=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1662301280658&asid=62a9a29da987b3169d027596%2C62a9a26be8c62b7a753672a4%2C62a9a3044f8b3f11bf3a5058%2C62a9a2daf85a765d16158238%2C6295fa3e088d8a77b2698777%2C62fcc8551f0d537b70642b47%2C62a9a257b1f7be14705f5586%2C62a9a33ed8130b696c1cf184%2C6278e88ee9bdaa62e84aec34%2C6278e98aa3c275311934ede5%2C6278e8ec2601d3299c608b5d%2C6278e98df8a65c54bf3e4a6f&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.142.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-142-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 103ms
103ms Image
text/plain 52.204.142.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=earnme.club&rs=earnme.club&sid=26770&t=1662301280&cip=178.162.209.140&sn=&tgt=0&osv=10&bv=105.0&brn=Chrome&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&aafaid=&proto=https&uid=1662301280412-943138905226-007223-004-003681&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.52&cb=60043997923&d39=&d65=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=bid&cb=1662301280674&asid=62a9a29da987b3169d027596%2C62a9a26be8c62b7a753672a4%2C62a9a3044f8b3f11bf3a5058%2C62a9a2daf85a765d16158238%2C6295fa3e088d8a77b2698777%2C62fcc8551f0d537b70642b47%2C62a9a257b1f7be14705f5586%2C62a9a33ed8130b696c1cf184%2C6278e88ee9bdaa62e84aec34%2C6278e98aa3c275311934ede5%2C6278e8ec2601d3299c608b5d%2C6278e98df8a65c54bf3e4a6f&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.142.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-142-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 141ms
99ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://flashnetic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Sun, 04 Sep 2022 14:21:20 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H3 200 1a Show response
i.clean.gg/ Frame 60E3 0
15 B 129ms
100ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 60E3 23 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8749
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 21:33:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:55:14 GMT

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame F6C9 5 KB
2 KB 60ms
35ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1186271738
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b531298c21acbb00db64a132e4fc06aef20dad3d4cadc074ae80e8e2c5fea079

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1793
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 10480400066552501467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 683C 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=khwcukop&e=1957767944024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321497
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.793929,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 312C 0
819 B 14ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhDD9L_D0KPGhS8YjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF4yfIFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhdjJRNFlBakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBek4tQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDFrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUMENaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU30KgEBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDzEwMDU4I0FNUzM6NjAzN9oEAggB4AQB8AST_PlmiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFsKIC-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBrsz2gYWChA1ulvgJPVKBoH0Yo_SQQ77EAMYAeAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi6BkAAyAfJ8gXSBw0JAAV0IAAAEAAYANoHBgFvcBgA4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=595f9edb658df2a640d11cf7c8dd89286e05dec5&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=khwcukop&e=1957767944024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6cec6831-e581-43bd-99ea-cd7556a360d9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E53 0
747 B 24ms
23ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 33c05b9e-62e5-42bc-9310-50d2936874af
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 4F9D 5 KB
2 KB 54ms
31ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1251418248
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 99645501e9491336d3eb6d1d91100bab25f87597c7a49e0d32d1f2ea8bf84aa7

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1796
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 37787700066552701467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CD88 52 KB
17 KB 7ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kqwlsycf&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321499
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.828927,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 5CF8 0
819 B 14ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhDU3u70sZDS_zoYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4z_QFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMldTYlhRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNE5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCY1F2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxSY0drdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDg02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAfP9AXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=8ec814784ede78afab9ffa769ebc6ea39ee35984&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kqwlsycf&e=1534108800930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8d1917cb-c33a-4e1a-92a9-6361c7919018
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B25D 143 B
163 B 13ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0CA3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffd31f1a119a35784591574dadb08b5bf61831ead705fe9e29cc60556db59605

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame B230 5 KB
2 KB 57ms
34ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=914353365
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1827b33859eb5896fed0115e644c8d34944585a557eafae155934eaa2fe40039

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1792
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 61469100066553001467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 759D 52 KB
17 KB 8ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=aabgaam&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321500
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.882223,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 768C 0
819 B 15ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhCFopzOn5mzsiAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4nPcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhbTJUNk9RakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFME9PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWVF3cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZEtrdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTQ42gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAec9wXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=c862f6cefb0ebda769e400c8f160a54e6019b49c&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=aabgaam&e=1534108800930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fdf0253c-95a6-4348-9859-758b831c2394
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 3FF0 5 KB
2 KB 61ms
33ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=699077580
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 091947b2487d26f854607a6f963ba911f3cc168e797b2e6903db5d645f43efd7

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1797
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 59642400066553101467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D2CC 52 KB
17 KB 11ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfnkvhpoaq&e=1957767944024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321501
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.890366,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame D12A 0
819 B 14ms
13ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhDOjqmzlpiklhUYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF40vMFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMm1UWGJ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAfS8wXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=3b00a082cda1e66880d7b42d23844e854840883c&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfnkvhpoaq&e=1957767944024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6aa0ab87-3fed-4d4b-a23c-62d8a0cc1034
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 1709 5 KB
2 KB 66ms
38ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1235416354
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7bf9d89a0f5414b003b68cb8d9e0707003122bc2cabc5daadb51397f712e3113

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1794
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 50892600066553201467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6907 52 KB
17 KB 14ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dyafdikm&e=1834762243861
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321502
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301281.899901,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 68B8 0
819 B 15ms
15ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhD0gJC8tZzE4gsYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF40_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheDJUaFZRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAfT8wXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=bf952d745df2428e4e37f93d219f8662f08ef564&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=dyafdikm&e=1834762243861

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9deb2b36-4b99-4d3a-80ae-3acc97f71f2a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 86E3 0
747 B 18ms
18ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 160692eb-9d98-4697-b986-d9618de47861
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame A167 5 KB
2 KB 64ms
37ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1431256302
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7906f9d066af037d1fe806047b60d717d4b1fe7fd0588b77e60b506c0f7a3d68

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1798
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 88059700066553301467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C059 52 KB
17 KB 8ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sjucnsasr&e=1834762243861
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321826
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301281.900125,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 5CB0 0
819 B 21ms
19ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhC5vuiJ3Mf4tWkYjYHql4-bxtEoKjYJnyvqSOsokT8RZPgL6svJhj8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF48PQFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhNkdTbWFRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNU5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYzR2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZE5rdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8EBEd1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzQ1MjUzNjLyAhIKBkNQRwEUBAgxbRMY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAADwkgQENPREUSAzYxNfICFgoIQ1BHCRJECmZkMjA4Y2I3MzPyAgsKB0NQCRgcAPICEAoFSU8BZgAHbaoY8gIOCgdJTwkhCUs4EwoPQ1VTVE9NX01PREVMAS4UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3w7QEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDk02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGuzPaBhYKEAAAAAAFNw0BXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFITBgAIAAwADi6BkAAyAfw9AXSBw0JDTcFOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=135551703b2b8387e536ee929c81829b3f92050d&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=sjucnsasr&e=1834762243861

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ee55259c-4bcb-4afa-b2a5-3ee65bd96f5d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 index_0_250_00000.ts Show response
streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/ 645 KB
646 KB 12ms
12ms XHR
video/mp2t 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/index_0_250_00000.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: dd0a2e34838848891e3548f20ab6086ba496e0d17f17c963def633ef0b978217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:20 GMT
last-modified: Tue, 29 Mar 2022 11:34:42 GMT
server: nginx/1.17.10
etag: "6242eed2-a1498"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 660632
x-hw: 1662301280.cds139.fr8.hn,1662301280.cds216.fr8.c

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 31C9 5 KB
2 KB 67ms
39ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Requested by: Host: tm.ad-srv.net
URL: https://tm.ad-srv.net/tm/a/container/html/75d02d930b.html?liuid=fd208cb733&cguid=f52ab6ea57&click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D&eVS=10264&eVR=https%3A%2F%2Fearnme.club%2F&rnd=1251337577
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f7eb85220b60d0fe0a9975f63b4dbed24d3f68dc6f5334ef8f6824d9713fd399

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1799
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:20 GMT
Expires: Sun, 04 Sep 2022 15:21:20 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 64787900066553401467939012072010

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0DBE 52 KB
17 KB 11ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yfqcmrenshr&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:20 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321827
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301281.914544,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 537C 0
819 B 21ms
17ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLWDPD9VgYAAAMA1gAFAQjf6NKYBhD3gKmtya7p32gYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF47_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheldSWFZ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBATxDNEJnby6aApkBIU1CZldrOgECLHRmS2dBU0FBS0FBeBltGDg2Q1VGTlUxURRVQ1pMMG05BQAxPSQERmsBZgkBAEcdGABHHRgASB0YEEhnQWlRERDwQER3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAhEKBkFEVl9JRBIHNDUyNTM2MvICEgoGQ1BHARQECDFtExjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAAPCSBAQ09ERRIDNjE18gIWCghDUEcJEkQKZmQyMDhjYjczM_ICCwoHQ1AJGBwA8gIQCgVJTwFmAAdtqhjyAg4KB0lPCSEJSzgTCg9DVVNUT01fTU9ERUwBLhQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfDtATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYwNjnaBAIIAeAEAfAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa7M9oGFgoQAAAAAAU3DQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB-_zBdIHDQkNNwU4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=750ab836d01751a5b9bc6bd843d2af7cd4783a92&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=yfqcmrenshr&e=1534108800930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 474243b1-1e82-4a61-ac16-8ee467b2166b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame E76D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1

23 B
172 B

36ms
35ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNULggbGckJdnosTUmUgu_KmqVFZzC0iGUH8l1MCDetLzCjLryQ98X5x08LDWrBNwtS9BQkaHDSlDRVxhwrxZ4M9V9zBpWeekTc91F17S1UKzdtSfHB5jo-NzuNh2j7j6ThE1YryBdqILkalNaw7mVLyJANW-oNCQbN1pmYXFwy5QK6Ny5Y
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 04 Sep 2022 14:21:21 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E76D 23 B
172 B 142ms
56ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNULggbGckJdnosTUmUgu_KmqVFZzC0iGUH8l1MCDetLzCjLryQ98X5x08LDWrBNwtS9BQkaHDSlDRVxhwrxZ4M9V9zBpWeekTc91F17S1UKzdtSfHB5jo-NzuNh2j7j6ThE1YryBdqILkalNaw7mVLyJANW-oNCQbN1pmYXFwy5QK6Ny5Y
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 04 Sep 2022 14:21:21 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame E76D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1

43 B
549 B

46ms
18ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNULggbGckJdnosTUmUgu_KmqVFZzC0iGUH8l1MCDetLzCjLryQ98X5x08LDWrBNwtS9BQkaHDSlDRVxhwrxZ4M9V9zBpWeekTc91F17S1UKzdtSfHB5jo-NzuNh2j7j6ThE1YryBdqILkalNaw7mVLyJANW-oNCQbN1pmYXFwy5QK6Ny5Y
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 105
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E76D
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2

170 B
188 B

24ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY8NiZyAEwAQ&v=APEucNULggbGckJdnosTUmUgu_KmqVFZzC0iGUH8l1MCDetLzCjLryQ98X5x08LDWrBNwtS9BQkaHDSlDRVxhwrxZ4M9V9zBpWeekTc91F17S1UKzdtSfHB5jo-NzuNh2j7j6ThE1YryBdqILkalNaw7mVLyJANW-oNCQbN1pmYXFwy5QK6Ny5Y

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 79
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DA65 0
747 B 16ms
16ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:20 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5a9f8575-9bfe-40c5-b110-5bb2b8b70906
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 910E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1

23 B
172 B

36ms
35ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWEnDAkk0pWCyYUCNdZxxQzvhbWqGqdJfXT43hBhLGlC7C0K26vqVfScjZpYXqyAfyW2WLb9kR77ceunGqeYFuMNTYCqlWb978ar6wu8ZduZ-XLRAotuJIO5SiiJzTTmZe4u4YsLOjJYCLY3nTw64zSe2Lhn2W4R8-cuhTs9f44NthKi64
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 04 Sep 2022 14:21:21 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFArhSyvwdrgax-0PJrP6Ww&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 910E 23 B
172 B 120ms
60ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWEnDAkk0pWCyYUCNdZxxQzvhbWqGqdJfXT43hBhLGlC7C0K26vqVfScjZpYXqyAfyW2WLb9kR77ceunGqeYFuMNTYCqlWb978ar6wu8ZduZ-XLRAotuJIO5SiiJzTTmZe4u4YsLOjJYCLY3nTw64zSe2Lhn2W4R8-cuhTs9f44NthKi64
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.8 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 04 Sep 2022 14:21:21 GMT
server: akka-http/10.2.8
content-length: 23
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 910E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1

43 B
549 B

47ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWEnDAkk0pWCyYUCNdZxxQzvhbWqGqdJfXT43hBhLGlC7C0K26vqVfScjZpYXqyAfyW2WLb9kR77ceunGqeYFuMNTYCqlWb978ar6wu8ZduZ-XLRAotuJIO5SiiJzTTmZe4u4YsLOjJYCLY3nTw64zSe2Lhn2W4R8-cuhTs9f44NthKi64
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 107
Connection: keep-alive
Content-Length: 43

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAByLWWHYEgu9D2skIRp0k8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 910E
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2

170 B
188 B

27ms
27ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWEnDAkk0pWCyYUCNdZxxQzvhbWqGqdJfXT43hBhLGlC7C0K26vqVfScjZpYXqyAfyW2WLb9kR77ceunGqeYFuMNTYCqlWb978ar6wu8ZduZ-XLRAotuJIO5SiiJzTTmZe4u4YsLOjJYCLY3nTw64zSe2Lhn2W4R8-cuhTs9f44NthKi64

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=ZDk1OGZhYjYtMmM1Yy0xMWVkLWE4OTQtMWEzY2Y5ZDEwMzA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 4
Connection: keep-alive
Content-Length: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/62195780/ Frame 5E6D 236 KB
70 KB 41ms
41ms Script
application/javascript 34.250.54.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/62195780/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.54.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-54-135.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0b3d53392a2ebb6a2fe0c7d4c5ab95663cbb75a2ae9dc8d8506c1d7aa8f51646

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 5E6D 170 KB
59 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
Origin: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 17:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 5E6D 8 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bp7JWRUMRogF1yA5uG-w_Kj3zLp_HSYBJRDMSV3DhLkKKBnV7-FmNsdLJfZzDs9pWd8YXwnWwzvdDcMS8K3na0gId4Qvyp7ItWi0nU6ItXOxYPLzKJgzJQjIjTcGfWBcmy-ytMFyJSm1QSnhuar3WWc8V2vg&dbm_d=AKAmf-DSfb5m22A69XLSvs1O4ByQzo85DqSosbSqUTmtl5VoNsh7mkjECAhLkUf0W8SlAQZTh-U1lujk3Q31iWZSS2kmWpBntjrSZVlmz3G6QNk2aRH-ehvHHEhcTwxOG_AYqQHucKiA53oDByL2LeFpWm-XzWF2v17rfwg6Ka-Y6uhvahfUcbGeVgOphYS5aWpvuKX3AB3p6ju1ejFrG_D4i4U9iy_REXraJdMDeZO7rXF095wKAAq59toyb8BgX0ehduO-ByX2GRj_Qqd_jYi-iFdeCjVGYRZZSbI_hlNpL6c1ud0l_e0j9DdLMx8_RZHd3bjK6wfoEPJGJPl1RzdJbqsZokjP9AIp7WkjNNXcKTsivQay3f-lVQwhszGumZj1VqDtvKyk8buLJZLoWR1cEqONf1aieM7O4V8NQrEIG4wWN8JxPJ4E-_QNdM0A3XsxXnCvaNmG355_UODiFMNapxQDTTz9g2O6gANJnxPzBI9IGYO7iimTTvklu9S53itSfv8hf8zKjJlcKNMZcRshgVmwSxbyMzHhbUayk9tW2ntIijIaSOvTvM9KXXstIeYFUJ56mSL6QRodDrwALN7zgUxRqnyxeul9fT0DmYdbLyIlQlmt6Rom_b7wZTgg-yt1FveWo2yAMRqsfAVm1iP1MuCmH2xI7BBanbyStW0fJtD9ECAESrzIfIx3rAwlFpyyKOB2Y9k9yOs7OOSicw8MuTTptfYtu35BlCPARLr7X1xOalnj_naY39tZpM2L_eHdg7LwGOV_m7Bo4oOvn8VYDDo9Xk0tkJNvu_07jCPWDHzfQMCIu-ahHMl_vTDqR7HuZSxHO0m358FxXWuP7kfwnuAltKYyxipiVyoqNpa1mXv-XI0pSvlXl_Y2Y7G4Wlr1rgbBOoFCKBgugo16LMR7BH4PaM5vzALaxYGTWU5k-CUCo2eNP_5JLV9ZY-mKLPa76YSwADd8A7z1UDo66ZZRRmVw_3IrrXbEraesWCOvQFtcR0O-UfldugoEoMR6-s44tXg-21my_A75pMj37kahYTgVH4fr9xN-MGw6HL66E75i8pkq9vIl8Bl2d33iRfDbezuORH94EkFWcK8Ws7PuW3j_hOOT_7wMbirKHFRXoAhvVVSNn_na3Z0V_v9RXL82m8R-GOOXxL-pvAXj_DbQ-PjPmmFGfJHEWCBLTRPDztEcBBrV7dbBx0FxAUNR5QiwxYQ6Icj2e9YIkXCl_1TgBGn3UyIY53pKGPpuJJSIPlRE76IF_UpzsGlzLURvLpm5uujGnfaviiILMxGfnKJPWTDcnAPc6ihCdKjOwlbObC_2xggpA7b8BFNy0WX3b43RTd97OaYc0bFBL6gJGbIruWpiJSI-LS_JGNrRQX_B4hmOnXeQT_iWiAulME6co8xXXbT0kscwt19xdGXZcZ8bv3OMcaa-jns1oGB_qZXtcHf1qCRe6oqMq_0a084RLFeycckmyexd7OpCkz3DhDKA2p8xOBSqwdSpfoj3xBQ-ypP-8dDyvbpm10hS4Gjj4t88Q1BNqAZBqdyEqnaGx5iBD592L0hW2m1ksvWkJ57BdwNwoJ9Mc2ZsG1SwFtLic7aNenbBEZbjOqUibi4erY2m-FPfhejAy9OgScOtvB-0lgLKb1ZvRAti__4tJ1iB1---hvAQ52peAyyti2sCK1MZnT2Ar66YyVFqB7-pl_0zOPDpXRCaFOsQ-sek5XpytMyxBAEE27fVSHoxksSGuckqB9Tk77BqORz7pqmSAyMqCyWX3a0fMvJDGuP2_trSYD5dHZBaW4bccY0PeABWRskSl_pp524XKGBhMoRdX4ll8OpRw0dyPN6rb4Kve4Iz34-uqpafC8Wvjt5k0KXI4HMeJx_iOxd23O0Vuyd--z9qUKNIij7FQ-dG-LfJ_YT_mIoV9Qoupln2maHTr4x52nhb-ULib6g9g6m7_mJJbZ0TgOJz-vbzOUeUc3A9uE0anX0nKNQ49Jh3Z-Cvi8Fm0lKOGA5otUs2ubKBjR684jMkhrVqLhTct01VW7j8yU-aXacd_W8DA8j2kIaq_nvJRwG3VNJtSM44jcHEO7kPjafIgJ2ZqVUjZ_E8rwk-EP4PD2kjLx8Qh2y0YnBVD32YyfRsYKa9qD2ca1hy-37pTnB5weX5DvMtU7fKQjk-7YIo1XvrvL_DqdkSOd3fcsP3Y86pOtWA0yBgAsJQrRcG5myNQQSNb3AcXgW-E8fna0M9M8iCXCWYOnu978HAr0k28UPBVLBUlSz0ajVfz9ojRQtXvt4pBboL1qZEOKekYS3TzhiCfo5D7HlZMsNbrcGFH6v-r4JRTMfOpMCOL9fWh1BFkE79SVM2lGmqRDkpDhA0DQvtjeHUt7fiXqXl4XEd3ld-I0mWuhH_nnhrEY20svhuq98Ljmt0v5h_L_MmNVLaAyo4dfU6pgmi0_5eTn5cYsJqwhS6ZxBO8pYlcfuq3vcsI0VSqnurNMRr5_sT-L9vnbAyRZ3LJ5zij0RzcIMeE4CN5Tb51rseOhd2qioUs6hu1eZeNDxjSnWviMuSL1ZcFENPGUredUxZpxNuBpGGkYvqdwTceqtdajCeit5KxrYo94pfft2F2QXw9rE52YCzx0UyCONmBtPhOQMkWjoaRNgb32lm7mvTZ3xI3OBArac7Wly7kPvX6_ZpAoA7LQ-CIO3ilXf0aVqs_M0YcNuq3rPhZff76T6xicyGbL39r3rMExTvMCwJsKeuW1PFpsD9KK4ij6TViK0yYcmAxm377JqHgYKii-wdc6dxwW8desfbFyihPWk2yQWAklPIWshnmYtXOBAa7jMJ-pq-O9E9LZ_VuSL9TNGW6fc5kC6cqzLU5qmlzc3VX6wwq19mYnJpxPZfx_NLU2XbIWJNnzQSho25KuY67g4vxtX9wWrVCO7cRp-sEN8mxXmdMRZOTW8a5qEX1_pJREIWFLMCErWyhl4ArOjIPbVr-bBZ-fD4hfQIimdbZuxqhNboBYjtEoiknj-fYFz-lamLBAeGazde69v22QsrNYu6gx0LLte56U_b8-2N-r5pTYn1BR6T-KPr0pVnLg7TMGT22hGzfabmFDz-M5S4aEizYZNxQm-pmG_nQxqAShfpOjQPTmyE71rZ5gPuSsWvGpkXhWAY3zwBI5vX1UEO-jfOu4s0GVQ-qvFSjWZEj8ATFmIzS2Pm9HooAd-Xq3k49v0ZjPMcAFqVnBOAttg7sV1FBStiBVCudFG636uHuaSudgRBBKreFUyKM3qYRwp2PssQmzP4ICtLe1ZDRFCKwitxllJrUqm-bpB2kcddOvBCbyx_95d4GylEGAQSdKQmtLGV&cid=CAASJORof034HnhNnbd4k9fN_7dMIW-5ZXnmgRoM1A8i7dAeRFOXWg&rfl=2%2Chttps%253A%252F%252Fearnme.club%242%2Chttps%253A%252F%252Fearnme.club%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 5E6D 30 KB
12 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:19:17 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F6A7 0
747 B 30ms
29ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a94c5cd7-fdde-4939-986b-f159419bb89f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 764B 22 KB
8 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3EEB 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vksbyedf&e=1957767944024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34363
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:21 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321828
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301281.068148,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 8D4C 0
819 B 14ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLLDfBMywYAAAMA1gAFAQjf6NKYBhCjt9nMls_ypSkYjYHql4-bxtEoKjYJZb0Yyol2ZT8R4s4vSIYVYD8ZAAAA4KNwzT8h4s4vSIYVYD8pZr0JJPCaMQAAAEDhepQ_MO-83ww4mFBAmglIAlDJnvW0AVi18qABYABoif3DAXj-9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDYwNzg0NzEsIDE2NjIzMDEyNzkpO3VmKCdpJywgNzQwNTIyNiwgMTY2MjMwMTI3OSkFHTBnJywgMTg0NjQ3MTMsQjsAMHMnLCAyNzYzNjczMTVGHwAwcicsIDM3OTQwODIwMTYfAPReAZIC0QQhQW5KUlBRaWN1YnNaRU1tZTliUUJHQUFndGZLZ0FUQUJPQUJBQUVpYUNWRHZ2TjhNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYckQ3RGVPS1pUX0JBVU15OFVuV2NtVV95UUVBQUFDZ0NYSHVQOWtCaXhwTXdfQVI4RF9nQWFyOXd3UDFBZGhzVnp5WUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElfcE8zSkJBRUdBRXRaS2NITzZJREV3am52cWNrRUFvWUFTMU5pSE1fTWdOMWJtdWlBdzRJbU5UNkloQUxHQUl0QUFBQUFMb0RDVUZOVXpNNk5qRXlNdUFEbVMtQUJLdjI1QWlJQktLMjZ3aVFCQUNZQkFUQkJBQUFBQQGoEEFBeVFRCQkBARhOZ0VBUEVFAQsJAVBDSUJlb3ZtQVhUai1TREFha0ZpeHAtDAgteEIdOwh3UVUJMwEBCE1rRgEHHFFGT2QwVF9SLigAADIVKMBEd1AtQUZoZ0x3QmNuXzVnajRCWWVBOHdLQ0JnTkZWVktJQmdTUUJnR1lCZ0NoQmdBAVM0QUFCQkFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDR1QVlLmgKZASFJeFRIbj5VAixMWHlvQUVnQUNnQU0RNVhCQkFPZ2xCVFZNek9qWXhNakpBbVM5SjkFBDlSCZYBAQRCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQFBoQRrQgEKAQHwPjhEOC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzYwNzg0NzHyAhIKBkNQRwEUAAhxhgEVCAVDUAEUBAkycXw88gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEAB40YAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fDtgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNBTVMzOjYxMjLaBAIIAeAEAfAEyZ71tAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWr90b6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG4APaBhYKEAAAAAAAAAUWBQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaQCAAMAA4ugZAAMgH_vUF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=2300512cdfbf5145c90bf3f6a4903e30aa2dcf19&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvksbyedf%26e%3D1957767944024,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvksbyedf%26e%3D1957767944024&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=vksbyedf&e=1957767944024

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 20e09301-1766-473a-85cf-66b302c4f319
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2AA6 281 B
554 B 50ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=ruschf&e=1834762243861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 8 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf502616f6f03cc07ed9840f59bc76e575097e2eeb85f0657acc01227a64ab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 344396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2858
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:41:25 GMT
expires: Thu, 31 Aug 2023 14:41:25 GMT
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7807 0
27 B 68ms
68ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3ushyTNfR1kfMx9Txf9HtbgWYYhKm7jUrz8cf7oPnUl5bavNV1Aok3xQD2SIAEEzY8E2ifD1KI453MhsiQAcmBJsunKkXo9oX77JvHIuxttpzmG2UPz1S5V_3slWu3wQ1tv-_iULCGDXEYa2f5H1sIRhMRiKV5751SW9tmeMs7i3T_oBxCSPPpm6NdijCjClicrh_qCIkWkC4_f38C5H9l9ZiosWddL4Rbza3BuyTGd0kOsH4kEe6wOTlhk19UR9Fdwr8gLzTHN2Xsie31V8FPE7xK_0T1-9nrIUDb0jO02gboXs6jny6usSKX9EK7rAbIugoHqMT2VraJWQzVOngKtT66IFhidVBkNoR5EJuK3sSIazY2f26l73vdyb5lQA80LluXdE_YqZ5Ai14kmnxY7p0yQ8iv7zac3gC-z89xwTEO7uaf72pyE8xib6woiaIDlbo7jJ-f940fPxLHKZrnO_MYzHubqsTUE-v9Egtimj4jF4N1ZtQB9S1mI8tbOb0kPZJLby2kkiPlwEAYh3pyBOIDIFJe_CuhoJwNG9nMblRWIhzpqzdOqBMONN4qUmlM9KotSA3CNVuwcMe3cu_1P5pBXMsBtRKU0MnUTeNGHwKueXaA7szg49wmzwx5RV0TSI3MZ83wwJ7KFJt9PV_2Jogao6hlt3bTmsoxnuqSuwYYZBqV3DqGAXMoGLh5VDVzvgwqvNzhd10lBttbfdZKE2o7KnxoFeGB_bmxI_Se2hA25cfGprsOpErMUMF5MSbLdv29zrjkG7HgB11eFAjGDUM7r4ddGuEKNbhjrwKGVHR2HwQuyymxRvQOgbj1zgz6M_lgyvfr2NYm6UQEnL4-ooetdweyspzYdCrq900ahrs1ReTTnLe9YQFL72GnTG8zKMBb5_QsHzVAOQjoPJFNdTy8AoUda5QGlUtw_NqN8drSUt3uToemMDO_mq2UwlYdGMP-9HK9hcg1_ftP9sM0EoszAKXReUvlcvU5OUI0oitn-CpyCDkzb_EVOqmFsc9r3o4Hwk7EN1xPJ5r1cV_0LmWqhtiPVFdT9yfUlUMFDres2AER0jgLviszMNZfYUWAmWtqnJNMs98QPIQvAlWevA3ZO1PfhBNClCdcCjTSZTn8toA_EiXI2QPQY9h6Ee2MOgo1IIFrNVD6etp0OOthDfWsPFyKW_xRGnhzx3f3Q7ibNzF9Is7PqMvyZwz8hBIY5l506hBdOd7q5BA6TVscjgK8HS4_pUtPv3Tvbpg-_PQo3I9eslFtGmWrXZgtbCtsf14VF-WMuHnevsC8Jd1OEdUBTtfI3Dp&sai=AMfl-YT9-yHU70FzjTpDZAtMauzakXWH6eKSrtlicdTghtg1LJjsk_P1jGXEnEgt5EDF9sqvUt7sD1u5gzx63mTdMz8wEiBrJS76Eqdl3s33Q-TFerBzV55KjJnwx95FNaO6E4-Lu3hPan7J340xyCVRtOo-pwP-_InsjtIU1yqPkF_dW5uTMvsjxwFfD3v59GvHO-s-mEEqJ2XpNqoh8FeNGej7VwQlOjk&sig=Cg0ArKJSzMbnuLPTJ3-cEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=776&cbvp=1&cstd=774&cisv=r20220831.77462&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
BLOB 200
OK 4f3615ad-d23f-4332-b8cc-bc45ff432e06
https://earnme.club/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://earnme.club/4f3615ad-d23f-4332-b8cc-bc45ff432e06
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 8 KB
3 KB 16ms
16ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf502616f6f03cc07ed9840f59bc76e575097e2eeb85f0657acc01227a64ab45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 344396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2858
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 14:41:25 GMT
expires: Thu, 31 Aug 2023 14:41:25 GMT
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8CE 0
27 B 64ms
64ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKRc_VGtWeNoGqozan8i5iWtulkdqfMGCoh-bAq0pZBVFQ-mNzOWFqKfckeZQRLIU0b8tWHd58SaCg9yixDgKB7I08e2Z155fugVAp7Dm2ensgRlAPBhhj7obSzfrSp_8HPzAADZ7yhxunckQQdzdeEcI-LASHC2_Gd8UiByiUL2_CNYuTjGj_mv6AjoTHvLzM7PD3FfoTOPdIQc_1mn4TOmilSy07XVhL0B73L-Or5egtm2INijf_Kke2gqfBYuaq5IbxRELsdgxJr1DVivQ0wX0Spw3VP4P0sjD1A0Baq05gIQDOE7MFCplILFb5_0IQtC79MFkxvRFihSiGW0o4xfYi5131EP2rHmphj3Ww2_m7YIMFu2TnpvcibPFLPO_hCirKKjjyh2TZmRUUlWvFkU56N8ChDaJSxzAokTtOI6TT5iG1XdAnJYMvOb5S3ppGZPzWm48XUvx9oF-NgVjbhK-xs-vc20lH28e6FUnapJ4thVvw_rpd9Rvl0q1cWImGBqX_Vf1D3znjrYMmDBlF6cFvke-GFZH0kEo37OD5Vi-ktPoATZXvwd13WcfDHVNCNHxFxW3DXc4Sc_Ua0PIWOQnWRZiPaC7u7nHZswPGXHJAlRfmoArQu26XAjKiaJubo9HEXx569iOAMNn4CAzDy2SIr8Keejm1DG-V__gDBcWUaSz-Rn_yWRBVK7hNvSmLZ3XH0hsmv1W7US8-qyi2NymCoQKMWje-BdIfzYBQq4wlyVJ7WK4ICLWLX9QNEXS43203CfQ3uLaXz9RFF70XE5lzPmMeNQAn_9V1d1Jv_90wrQ9tXs_WPRx1Dm-KXZBFbsRR1koxVauUCMn1HXFH48D22080b-FGC0uK6pbZjaIbLbzUvnqTU9piON3xd9Ra8mHyr3XMC4NOB2kizzkgg2pkLcUWJAiBKjkGY_tCRnJDWdZEAcjAmQnlNsUuM42txAyQ2aBLKk07R7nmGjHLsjLAlioF2pRZzJOAAWg4mKR2FkPsHq6iVY7KOKyaIa07ubkb7I8B-nZEPqlnkJ_qla3cvB0dPnANqDnZf4DS1yFrH0XhjuWlXeL9gHf2cUHERDl_RAIJFMwRIPgr6jFbm-I0YisyLplyWqY2QNsDyQitlW6I4T1MopgPF0F-2xuDT-rSElp72xt3nUAvmuYZ4U633LegJ9kjTV7MKNXR_b0eS6bKdlBSq5hpM0Xw0bVltXf8hXeEi2d2YZM1Lvb4zHD0dJBUjPtSFCbBgYdzsZGDQppALVP8Ux9iYS1lh_BWlgyxq-PapEBBzhBxnDnWkevbaNGA9Doj&sai=AMfl-YREoWOg1_5E4Hu9q39ba0Bv8AaMJbUszLmyjbBLo60QybZ0-f7jas0WHAIIECtzDav1HXrXHl4vCnv0qhYR-XuVs-IaeQjqIC4IQGc3L581FgWhefeLc9ara59h2UJbOXJ9PRIVoPbb0ESUouPyroQ3eNIZvSVKJN3TRl9b7NZK2gHjo1fgSw_-n42WRVlbPjZTv3BwxleDs7U3Dxqy4ZbIVaITGoI&sig=Cg0ArKJSzEBxUY1exWctEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=786&cbvp=1&cstd=784&cisv=r20220831.10407&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 90EC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dd40f4fc7893dda92c8a8911e0fdb3b28c3fa465582358376d0775b93e73903

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2753383143326280557/ Frame 8157 38 KB
6 KB 15ms
15ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de24e1eed5d9105cafd245df0b2ee43e6f3a900c77c862dbcd6c9b10fbc9dc56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 147545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5784
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 21:22:16 GMT
expires: Sat, 02 Sep 2023 21:22:16 GMT
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 43D4 0
27 B 61ms
61ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz-3WOtknsglXoH_QKy7RaVXtGTj8jp799vfjG0TN0cu6L70YlgiN-egdnXDuetIEiJuMY_kgAGSWaUUjSsZPYaFYz6dSR8Uc9gS_VkDWcLCXojpBK4QXCn-y7TnNJW8diIUqTYxRJ7Ep1_XTkMOOB6NIhB7OWwLBwBs7Mj2z5eXhXnUxwF9IYVZo_hQ2ecsOUhENHTmy3XrWDdRDKfn9TP7GZ7pKM5ssZ247ZMU_DbQCdPp17W9HnOZFZ_HRK6FgY5UM2XMHZZc2fsEWR_d7vXOMtHaRUjhxYlyCoJPZwqFLkMA-iYdcTWuCGpMPo27qI1KIUa59K0J7bmmZBnBUzwmg-VUD_aRppKmFFD4vQOm3npNBpraYN2xooauGkE0HWvYFaHgZHFSHjPPk_Lo3_11nSD80XsTbN0JKNiUIhIg-yPxpV8DVpGv5fOhLhS90V9wF83sgGeX8NcmblVpIXN8jQeRT9cB51kEYFkD_SqqPeue5B0Zz_TIJFtaxVfV8jMDR6ROYPlXnxi6ys_NAAGJGHpUV4QTEH3BINUya_sFb1d-BC3xA7mVYaa7IwhaVORt15BKkTJxBpP2Lp7I1PWGtGD7Y2dkYcHJi87UCfRRTaQIFEuvv6Z5Q443QRu1NpaUFwGxHhkyCQ8XcyEBXa_BP0xeMYdcFB6V2n084yfr6lWEluD_L2b46ChjfGEbkBQEA8MK5JzkDoC7B9UKKIi0-MOMhcNP0SjV5_25GT2dY8fkISpKvnSyGS4HEHuxsIiIjAwWFk5tVIvrRjWOHxwhafsIYI07ZbsR2rI181USQ7rQiMNAAlMqP0s0t_M8E5JfbHQivSVXIEzk5Xb6UiwtBz7hAhGeZWmXIGxhwcJnGG7SskMrj-w6f9ON9sjvy55LA-ViDNutZl7lHeFgsy1s8EpJ3My-jhA3wot4_cGy8xmnGgXEKJcbE8mp2sWCpipU2MhYh6ogQ17zGflI0mSJQ-60ZbVuosD5JwTzqdaCyqppfnYDzHAC0tuXEQPa4kNUZAB8x3wplZLRoV_NGmnPajnzArBWpHj9w6lOXMAXZIcF3ycCcj2jQ6AeWlq8fqN8X7bcBTu60Bqtr3097PyO959_Mjzo0hHUHWuRUhRv3xVv-P0lyHK8F9aXraIcY4V1kyWM6jH69EKep5_ysE6S0_EOQ8RMoUJileegdfpvBzNAWXiClVUf6CUw&sai=AMfl-YTgcujmmgW2FzbJaF-SSyZCEVvmCcUuZBjWXj5kq3NCszkobEppjeXaRJMtfsUJmagDVTtms_AXXkhgLHMqhI-u1vQaXTFsqPB0f-919shYKP2jkQAMJp3Jrue2Bx_TXlhGGTJoK758BXplxvO6d2XUVNB57yZb-Q7ymiA3X_EcmXuc1GjvikWRJQ-aZN-HYt6lTorzfjliqsCT3xgzwaqKl7MEoI4Rs-DAvLEaoQk4P_J2YsVzauq0OXZ71Y6b89ZLaeXnfL7r8oes-RRHPDDkxa9VN7Fh-YkbpTg&sig=Cg0ArKJSzIqyy_dA38IkEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=775&cbvp=1&cstd=773&cisv=r20220831.46936&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 29FC 0
26 B 51ms
51ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 B25247223.292818147;dc_ver=90.265;sz=300x250;u_sd=1;gdpr=0;aucid=4277661968790706888;crid=266301912;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%2... Show response
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame C7BD 65 KB
27 KB 120ms
70ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25247223.292818147;dc_ver=90.265;sz=300x250;u_sd=1;gdpr=0;aucid=4277661968790706888;crid=266301912;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3062143102;ord=pzzupd;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FVdl3RfC_hT-Ash2bujWAPwAAAIDrUcg_gLIdm7o1gD9V2XdF8L-FP8ja94blTl07jYD68tgYoyhftBRjAAAAANtXmwEYKAAA6h8AAAIAAADYcd8PNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAKynsKQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ARcylgjahNQVENjj_X4YtfKgASAAKAAxmpmZmZmZuT86CUFNUzM6NjAxNkCZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNBTVMzOjYwMTY%3D%2Fbn%3D96473%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fearnme.club%2F$0;xdt=1;crlt=_!wYP!_V'_;gcsr=m;stc=1;chaa=1;sttr=683;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bbc9f1bed18cf74eb7b2db59162e562dde1c63fe5e1bdbc6e2800b8743544405

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27672
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25209229.293788719;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;aucid=3426929627831539629;crid=275448214;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_C... Show response
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 2249 65 KB
28 KB 101ms
57ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25209229.293788719;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;aucid=3426929627831539629;crid=275448214;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3210668679;ord=1b85se;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FDKZh-IiYYj8_WXRU9bdbPwAAAKCZmck_P1l0VPW3Wz8NpmH4iJhiP60XKQFX5o4vjYD68tgYoyhftBRjAAAAANdXmwEYKAAA6h8AAAIAAACWAWsQNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA1yPsvQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhUq7wjOwJwXEJaDrIMBGLXyoAEgACgAMXsUrkfheoQ_OglBTVMzOjU5OTNAmS9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODE3MCNBTVMzOjU5OTM%3D%2Fbn%3D96446%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fearnme.club%2F$0;xdt=1;crlt=_!wYP!_V'_;gcsr=m;stc=1;chaa=1;sttr=692;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

3701c4a3bc16d9adb16be9e22dca15c38e69902880850080dce8301e04ee6378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27822
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D6D0 281 B
554 B 7ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=kzkosoqog&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 1EED 0
840 B 15ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKPBvBMDwMAAAMA1gAFAQjf6NKYBhD3m--W0dzl_WgYjYHql4-bxtEoKjYJDaZh-IiYgj8RPQUjo8F1fj8ZAAAA4KNwzT8hPQUjo8F1fj8pDaYJJPS7AjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiI9wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUNjR25MMFVmbUxKQTBEb0xZcWxEUlBkLUk4SnpjeDU2Q1I3b2RnOEFQX3RLM1ViME4xYm9IVkVqckUyYkZpZUYtaEFjQlJqZk1xSkgwcEg1NmotVkhaWkNEOURnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzc1NjQ4MDU5MDk3MDY5NTIxODMiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBba3u7Cd04bzL8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDQ4OTE4ODg2NjS6Bw8IABAAGAAgADAAOLoGQADIB4j3BdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=eabab60c5ef0069b2062e85d13847d09c5b7ad7b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 495787ff-7ca7-4e01-82fa-77ad5fad4422
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 7C09 0
840 B 14ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhDLnqP70b67xnMYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiQ9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIWxGWVRCQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpEZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWHlMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASEzeFUtMlE6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRCQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHw10FBQS7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjEzMNoEAggB4AQB8ATSifWvAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB5D2BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=ea064b100681a2a31c72c60ee4efb478969fb24c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 85b5e3ce-b74f-4e3a-b8a2-8273fc2742e8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AD2 0
26 B 51ms
50ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame A184 0
840 B 13ms
13ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKOBvBMDgMAAAMA1gAFAQjf6NKYBhDLxIqk04bK-QQYjYHql4-bxtEoKjYJw7tcxHdihj8R0xsoz0BVgj8ZAAAA4KNwzT8h0xsoz0BVgj8pw7sJJPS6AjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiK9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-kBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUF3SmplODJpdm45Ry1BeWtGcHlvM0paZHRLY0tqT2s4Z3NmVzRuYUtmajNkQm1EOFBNXzZZdE1ZNFdEUXVmY0pKNThPa3VUcVhQSURrSkVHUFVpaW1ZMFpZenNBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjM1NjY3MzAwNDQ3MTc1NTMzOSIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF7b-o_97DlokvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoccL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0NDg5MTg4ODY2NLoHDwgAEAAYACAAMAA4ugZAAMgHivUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=b47969674c8a3e7dd3639bc8575b948fd69ff17a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 61182e4a-c8f7-4431-8f30-b7a09318813c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame EFA0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1

43 B
61 B

19ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNU02-nESgZfkQnrn7Ri9RNVeTCuc41NJGxhZcg_B0Fy0k8HkQdqa6GP-HYlzknzCz922GEBWYx6umF_TX1L7px_c3k0SbDhOXcIqzZ3IP8PsUCP6U-JTEx8Rf1vBZzvBEKRhwY7AzVDYZBEIOu3TDaBznUWFpv6Ok787H8nbATlaNLhTuw
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIaX-Fe-vWVbPrXuiXESv2E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cm
us-u.openx.net/w/1.0/ Frame EFA0 43 B
75 B 18ms
18ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNU02-nESgZfkQnrn7Ri9RNVeTCuc41NJGxhZcg_B0Fy0k8HkQdqa6GP-HYlzknzCz922GEBWYx6umF_TX1L7px_c3k0SbDhOXcIqzZ3IP8PsUCP6U-JTEx8Rf1vBZzvBEKRhwY7AzVDYZBEIOu3TDaBznUWFpv6Ok787H8nbATlaNLhTuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFA0
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS16enFBNkFSRTJ1R1FHZG0uZ1pDejFCOUtIRnRGdUJDV35B

170 B
188 B

26ms
26ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS16enFBNkFSRTJ1R1FHZG0uZ1pDejFCOUtIRnRGdUJDV35B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNU02-nESgZfkQnrn7Ri9RNVeTCuc41NJGxhZcg_B0Fy0k8HkQdqa6GP-HYlzknzCz922GEBWYx6umF_TX1L7px_c3k0SbDhOXcIqzZ3IP8PsUCP6U-JTEx8Rf1vBZzvBEKRhwY7AzVDYZBEIOu3TDaBznUWFpv6Ok787H8nbATlaNLhTuw

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS16enFBNkFSRTJ1R1FHZG0uZ1pDejFCOUtIRnRGdUJDV35B
date: Sun, 04 Sep 2022 14:21:21 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 5A1F 82 KB
32 KB 92ms
91ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fe251802040e7c75741266a79431e8b081ce83a0d845d23fd9752e17c34fc10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32513
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 91A3 0
747 B 25ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 57ec2373-614a-4f5c-943b-53d3adf20c44
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5C2B 0
26 B 51ms
51ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame BF8A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1127614/65017073/4.js?ias_dspID=3&ias_campId=1008609693&ias_pubId=pub-1062972861553303&ias_chanId=1&ias_placementId=18181649255&bidurl=https://earnme.club/&ias...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

8ms
7ms

Script
application/javascript

2600:9000:214f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: MbIR9TkejTs72xujqyO6B7CRlRDcZpEf
content-encoding: gzip
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
age: 40582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Aug 2022 15:08:00 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 03:05:00 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: G4d_mLiAiPs9FC4lJhCRzRvMpy7Bz0B6srLoiTiY5ME-ZdaOK2TpUQ==

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame EBC6 80 KB
21 KB 52ms
9ms Script
application/javascript 2600:9000:214f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:54:48 GMT
content-encoding: gzip
age: 2255194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: r5QT2rxfSNWRVQhoy_CZlDqho86oA_-sSa92kYTrvnkMq1XVhCedjg==

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 3272 281 B
554 B 10ms
10ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=tlgto&e=1834762243861
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame D5FB 82 KB
32 KB 92ms
91ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b860a88f23dca8107e19bfa3af19aa5c58ab70a3531262f47ad371f4c226b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32551
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F33D 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 30d0b5d3-600f-468f-a1d1-ad84f6af4864
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame D42A 0
840 B 13ms
13ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCulr3v3fz_oTAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF46vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhRFdYMWl3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeU1lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWt2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUpSZlNrQTYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTIx2gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH6vUF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=605efa0b3391b733d4bd7ab5d98ebb60cf481e48&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6f4f9cac-51d5-44da-8503-bb429980c42c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 133ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?oz_pl=1&dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&_x=1
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fearnme.club%2F&ui=2928211502789460109&ap=&sr=10264&pp=2180927&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&to=3&de=2&md=1&dm=300x250&gt=DE&ac=11493887&pc=26730095&cr=215907859&c1=ams3&c2=0&cb=1186271738
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:20 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.ib.adnxs.net/2/2.67.0/ Frame 312C 161 KB
51 KB 39ms
39ms Script
text/javascript 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.ib.adnxs.net/2/2.67.0/main.js

Requested by

Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fearnme.club%2F&ui=2928211502789460109&ap=&sr=10264&pp=2180927&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&to=3&de=2&md=1&dm=300x250&gt=DE&ac=11493887&pc=26730095&cr=215907859&c1=ams3&c2=0&cb=1186271738

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-209-222.eu-west-1.compute.amazonaws.com

Software

Resource Hash

df6c3fb8a6e7410b4436c8af2ba78cd7ac29df9a10c92010e39bf56d06aede7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:20 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 51436
Expires: Wed, 13 May 2054 10:06:40 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 312C 0
840 B 19ms
19ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDD9L_D0KPGhS8YjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF4yfIFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhdjJRNFlBakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBek4tQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDFrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUMENaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDM32gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEm8EzwP9AGuzPaBhYKEDW6W-Ak9UoGgfRij9JBDvsQAxgB4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOLoGQADIB8nyBdIHDQkAAAFRBAAAAR4I2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=448ca316817112ca26e6c694d83d58b5541de7b6&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4f6e7196-85ed-4cb0-8ced-622f7a180ddf
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B26 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4B1 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstJMJzMAi9s896kvaFN0LSCA2L5cknl8opOK8f3hDzoLjntVfhHpfKsoC2ahVAvZWkuIANDOrWgxx4JfV_49ixJALpTmEZrDYjZJEe_B0r_3afufy3p&sig=Cg0ArKJSzBBA0fFA4XAkEAE&id=lidar2&mcvt=1299&p=720,456,1000,792&mtos=1299,1299,1299,1299,1299&tos=1299,0,0,0,0&v=20220831&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=174271567&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278923&rpt=1159&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 8F91 0
840 B 18ms
18ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCV9-e_9fvJmigYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF44vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhLTJRRWNRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeE9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWN2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxCZTdrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTE52gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH4vUF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=7792d0fc3a7425dcee72fdeea091b8c839219adc&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ad61e224-87a3-4558-abff-ba5a2e3d03a0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame EEF9 0
840 B 32ms
31ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhDWofeU7u2TmhoYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiq9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIW5sYlZDZ2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWDNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE1QldjMj75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAfDXQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMzo2MTM12gQCCAHgBAHwBNKJ9a8BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXr9E_6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHqvYF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=8e6919f4125a4d6c23ed42b4f70bc5861fabe01c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 56cd4e2d-8d52-4488-bc6c-ac42ffdddd44
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 768C 0
840 B 15ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCFopzOn5mzsiAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4nPcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhbTJUNk9RakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFME9PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWVF3cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZEtrdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTQ42gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHnPcF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=8cb5d75298677a733c35560bd24383a976c76226&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4af8f74a-e49b-4ce0-bb67-362a61449deb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame D12A 0
840 B 33ms
33ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDOjqmzlpiklhUYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF40vMFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMm1UWGJ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH0vMF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=68c5586f11f8dedd205f184135fd8894177211ce&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: daba2d71-4fbe-44cd-b07b-51d0a8ca3102
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5CF8 0
840 B 15ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDU3u70sZDS_zoYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4z_QFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMldTYlhRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNE5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCY1F2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxSY0drdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDg02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHz_QF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=aba58926cc013ece87286802d9a0883829504a3d&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1e114e21-952b-41c6-b853-0c9db73fc9ea
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 28D4 82 KB
32 KB 88ms
88ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dea9b644dd50689274730cb79eb80c83470f1cdb4de3ecb584ddec2d0b0bc28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32555
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F628 0
747 B 25ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 24f353e6-3b62-4a33-90d8-3d4a83ffc706
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 68B8 0
840 B 15ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhD0gJC8tZzE4gsYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF40_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheDJUaFZRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH0_MF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=bdde42b3ddbb1c76b515da0811789e700d7037a2&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a1df9ad4-5101-415d-aa4b-d0b7d919223e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5635 0
840 B 17ms
16ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKPBvBMDwMAAAMA1gAFAQjf6NKYBhD1h5iqw8HLtXsYjYHql4-bxtEoKjYJZoaNsn4zgT8RQMvmtuwsfD8ZAAAAgOtRyD8hQMvmtuwsfD8pZoYJJPS7AjEAAABA4XqUPzDbr-0MOJhQQOUeSGVQoZ_pJFi18qABYABouJ_DAXjb8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUMtRDdqOVpFTW9abE8tYlFPLVhMVVpldDk0aC1laFNaTFJkN3hjalg3NEloUi1kck9SNUk2TkhTVG9lcXFtdVpHLW5wcUVjeDhNeGFoc1N5bFY5MXlSd3JIUmZ3JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzg4OTMyNTI1MTkxNDE0NDI1NDkiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBbzQj9jslKSCOMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDQ4OTE4ODg2NjS6Bw8IABAAGAAgADAAOLoGQADIB9vzBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=c3ef6bbb3105370f108c619dbd1fbcadeaf8b984&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8cca1fc5-3697-4251-a8e8-871e355d660b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 537C 0
840 B 47ms
47ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhD3gKmtya7p32gYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF47_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheldSWFZ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBATxDNEJnby6aApkBIU1CZldrOgECLHRmS2dBU0FBS0FBeBltGDg2Q1VGTlUxURRVQ1pMMG05BQAxPSQERmsBZgkBAEcdGABHHRgASB0YEEhnQWlRERDw_UR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYwNjnaBAIIAeAEAfAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAASYo8D_QBrsz2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi6BkAAyAfv8wXSBw0JETwBOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=2f4eb1ece21d33430a3f3cd8e43ceff4e219f6a2&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 44aae448-1f2d-4379-b272-c53ae98ab60b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2753383143326280557/ Frame 986C 38 KB
6 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de24e1eed5d9105cafd245df0b2ee43e6f3a900c77c862dbcd6c9b10fbc9dc56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 147545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5784
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 21:22:16 GMT
expires: Sat, 02 Sep 2023 21:22:16 GMT
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 526B 0
27 B 61ms
60ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlIX_QMtlNXatkwvAcZSUxD-NB8N0ORligkUOw-WBwjWLj_uvSSOX6mBMtwhPGR9iiGbPksRT8eDeDriJv0tAMDbAU9t2LX_z0IWP8nm46th6wpy61Dsmx1X3kB7TSvc2z4yFbz4qEWVlALRmWNGgnOUDya90BKSDDj0s_XCNhcb1BdfzjjfQ0vhdNu4wRzpb1zu1YeuISnih-kv5w_6v0MZAXG-FVnTKJGZ7i1Wa3Br_jKnsknzErixrZ30vzH30350hPoTt34AQLU3sGGp6FLhqbBF0ntfE1NgHh9eYmn1R2QU_eeNIA6BTdpqJ1EBYfCTna_FEOrWpnb1ZSnZTDDboMXv1ss9jyB5_oTU-Xar6z8r5rA5j-0vnE6iv2tZY1fCeDmCfAJXldv1P4RD_TgKuEqAOHIKlpn60lGAikgT3WJ6zDDaHxlkPkDsGntr9Ano5N4LAu4m3Kvr-IkKjRDn_2TwFHWS3e8PZMYdBrYQqiD1I4Yc2hOCvh8XOII6xnP7oMgg9Hdp7jIIm7J4D2u4PshDS-LW01pKe5K2lLcKgoB3aHJIbTKt5ThUh6blTQeM7HVU-tgoVIDlLSJJ_ytH3QOlJfomSZgg4No6fguFJqD7N9diQO1QqpoCnL8SgQuTv8nhZ72lIjXXyDicURufka2FNXs7m3IfsVVhXHeE3P-mS9JcuFzZMETKRqIW2Ak0ArWCDvFKM0py9yWHiaVebFK3wZyqaVOZTzNKq_plOaFf4IqDbZs6yQVrnOmVxlA571cHc6i_oIXhfwdlVeLgBuHwrrM7KNBWYqAwEPRxpEoQGPl5TgGupq4uNu5vWssy718OLNrGhSCjoUQHn6KMBXGpGM7OE_sS0Ockm9pJEj0NdTkSLWsGC4S5f7f-EfylMUWk_4RaivwleR_z_CM4XRwsErOyuuhvM3wImv8Tv6mlIRpczwpVjwRUhlnpWRcOzpKs2kakrAasQagzeVwe6vgpQP05hAZRMT1sIzDbissYR0l0YHeb7A9kb0335WRqvkZjk-SSjLcSYnMSpASJtrPs5TDJ8H0oYfpokTej_iYGZtMJI1V8NZflflB7QWQS2ucUEUoLIUSdNC-XPf4iOiXhZAyWv5tEEdU9AgEs3MFl7UFM4dpIjK1XnCwuwu5luvuwwpWRJCKSi1ZJCVkX4MbbDZ7EeYdKG5257IJte-GnVgc97B3uqJNg&sai=AMfl-YS2jA1Suls5NnyIUW3i0lpMZDUIIe-qVwsd_6r94FVoN1WACS-Lag0awao1qrdrometE7q1-LUd1N9j66-H8bhwYwTm75zd-J9NbYR58hD9mKazPl2N66Neqr6TJYSs274pmwWwgY8u3JvDb3IWV7aY3FZRuKgRB5KYaMN2aKAmGNpQdzAbhtZB1EEeIQDt662BvPNXSOjXkZy5oEMY9MNEtaq5VVQWBpPnf44Y1wBCdLLGUQ6f6AoqQQatldsk071nVZkeICCRhMtSPdvst1q85qUJIsCZF9Sjz0A&sig=Cg0ArKJSzKiPoZ96cWHoEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=946&cbvp=1&cstd=944&cisv=r20220831.62634&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 8AE4 0
840 B 14ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhD9sfLYwcmy1gsYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXjn8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIUtWYnVzd2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TkRYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBV2RMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASE1QldiMmc6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRWQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHw10FBQS7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjA0NdoEAggB4AQB8ATSifWvAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB-fyBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=1b59c8cabcf6f5fd1a5f472bdf14ab9b9f61284e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c2dc16c8-2176-4ddc-8ec6-94e8e8925395
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 42B2 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 27b5e0ee-2484-443a-aa38-cf09e725cf83
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5CB0 0
840 B 16ms
16ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhC5vuiJ3Mf4tWkYjYHql4-bxtEoKjYJnyvqSOsokT8RZPgL6svJhj8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF48PQFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhNkdTbWFRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNU5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYzR2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZE5rdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDk02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH8PQF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=6eff846eca4f103020d3f6338b099549e24d1a20&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 452a60b2-71ba-4832-8482-7ca74198ca4c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/ Frame 4703 344 KB
121 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9548364294205117&plah=earnme.club&bust=31069330

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

694ce4f838c91a20a34c29ac78509b8f74ca3243ad823a88d33a0a1def0fe6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124221
x-xss-protection: 0
server: cafe
etag: 7196157916437402914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/ Frame AD26 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220831/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 10734
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 11:22:27 GMT
etag: 8616628553774171045
expires: Sun, 18 Sep 2022 11:22:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 6228 0
840 B 13ms
13ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhCFmrOT5LvJkGEYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXiI9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIVpsYWEyQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3T1RqZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWFNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE3QlhRMz75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFGhBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAfDXQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMzo2MDk42gQCCAHgBAHwBNKJ9a8BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXr9E_6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHiPUF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=c9709d7d834a6307a59bdc4d75a5123cfca7ca1c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1c27cf70-ca99-44fc-9711-54f26d853516
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 575F 0
747 B 26ms
26ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f425cd44-89a9-4673-8528-aef985b388e7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 630ms
179ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfU97N,pingTime:-3,time:307,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:307,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B302~0%5D,as:%5B302~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgtwLOY+11%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
216 B 626ms
179ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfU97P,pingTime:-6,time:309,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:309,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B304~0%5D,as:%5B304~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgtwLOY+11%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:earnme.club*&br=c
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 872F 87 KB
28 KB 1061ms
572ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:22 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 93BA 87 KB
28 KB 961ms
473ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:22 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 0149 0
150 B 74ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=65059300066552001467939012072010&a=df5fc930&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 698A
Redirect Chain

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YD...
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YD...

5 KB
2 KB

55ms
30ms

Document
text/html

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ac4e912413e83a8d57b9051982ba173096cdcaebc34795cfbc20d279d9e71e81

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1568
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 14829200066555301649441012072010

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
Location: request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
DATA 200
OK truncated
/ Frame 0149 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 0149 851 B
1 KB 86ms
12ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame F74F 0
150 B 72ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=38291500066552101467939012072010&a=3ed3c104&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

request.php Show response
ad.ad-srv.net/ Frame 64C6
Redirect Chain

https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiL...
https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiL...

5 KB
2 KB

55ms
30ms

Document
text/html

138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9d5fb7e96468a61fb39d86fa84c844413be52472cf020edf6a42244e318197e8

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1569
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 81767300066555401649441012072010

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
Location: request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache

GET
DATA 200
OK truncated
/ Frame F74F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame F74F 851 B
1 KB 88ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 451F 87 KB
28 KB 1287ms
810ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7807 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 7807 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 400962b96edf8fbb443ff0cbe24f87aa13fa5ce6613db8604e2d5334f7f4f4f1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 683C 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f80af76-3f58-40a3-8536-f0a0d0b587cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BF8A 41 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame BF8A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b3116b096bdf5bc5346cfdf6c61a9924c325551bbbb9bf01ce0979dd54e32eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/ Frame 72FB 8 KB
2 KB 15ms
15ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46a3ac9772e00ee618ffdecb3deb469397fa1d732789dad969c8397dc65e328d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 172992
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2211
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 14:18:09 GMT
expires: Sat, 02 Sep 2023 14:18:09 GMT
last-modified: Tue, 09 Aug 2022 09:23:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF8A 0
27 B 57ms
57ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugSxnxOVl89ngnFL__7YyGeu2aZy60Acqyj-s-De28bVDdxd2Oa4l6f53j1KSuxigvmT9A5rZMX2tWkvApnR8ZZyOfJ6k9flQVl6ItujHqIwNvmPrPoilyjE8EkQiAF7_xLu9SDKi7Lxulf6bhuUvoWNHTIU2K3Iupp6vMkdnpIGVYpsvKXB0olBi2SlidBcPXQTVtqA7vlc-raheskno2D6lJoCOe_jgoihadVVbuPUgB8UyTXTmmlBYlCfSanFy0cBd2X5WaKVGxL3rFgGkIdgKJ3Plq4ALjfvn93hmBf7_WayWle5aBCXALPOwFNy7J9qj1GMjSjjQrZUIVUczpyrn8uwtdyQDrtlLvbss_7kzSA4NceM19e2yZM09SoGeze55DgkvurjOwolESan6YXk4wM-4Uhx1GHRYeGAbE73ey9T4Mt_JVIWx6FTEajB2HtYl8zOZSeSVtjYuxmxIe6s5WSXmksd_qg-k2VU1guTQuehtip2GWP8PPujkhl3rqZF3dgcaCNXmEPhNRCFmdTKWAUCVsWtqZGTTmmuvGt6fFZ-4ffZ3E9ZsWJx6RuGI_hdegkuwFZWZK29mOpoMV9QQfv4gEavLe0OWGtWiFc3oRawoGS8-fiU4w5Dc9ojo2axsyutekLCIT6QtknZz3jJ1CK54a3V9QqQlcbtRT613Wj778VeYbrG_cj-xdKX02js3W5l15Cx6MeRnsR8dyLEKRnkL-tTibzgwsw5nDzOX0c5AlRo5OJPEWOzPbijdabi1TiiboW8omsjBsf_lf9WACqaU0fMsEuJ_ygM0_VGCPgWud37N0YOh4nw61uh6PrHfsuJlnk4iy5kaMauuEj3IZN1uWqKDKvsv-ZkNeVJL-S220tPV1c9z8CzxUoPtyZztfKpojxfiHzoK5ZIhObVwv7hJMV-scVOz4ky7yY7rKXRSzGiqn4N-ej_jV3V3ygunAOC-Go769Z-WKdZQWzPH963p2glxJjVRxNCYL_DuT5VKG6n9dfG8gK56okyXVEhGURvibQ95ZkudDd53z-KTEry9OFrv87RAWW7Q-hv937UpK6L2Gsi49l4R_AP-3bpW0rSxDf42ShDKSkWlOSwZs9qkpUh5xnajs8FAu63jdXw8qvJxDXto9tNHPAEmaOSAg5lUmj5MgKsVbvXAISbxHDFCuP7kJ8Rdk9kW-X5dPIHv7pJ7rmQbuD4juqSyrYnxQ8Y5Z8DJBYzX3gVrKN6GQ6RKCgP-RbhcTnNbQs-WeklvUNmxPimBn5bZ5WKB9ATKsd4rH9A&sai=AMfl-YQfQH3FW77tanfsu5A77yl7tE2ohWXUuc6MmQX5UuEM2BG8Q26ToE2m_NGDcIsibHCkXkaZrOlnDhq2QRwhOaqvbQtjqhij88xu4-eA_86vXCU9hjhVxFYv8CMUobh5iR4BQwhJs2MKZLZuxz0ptR2NqiXLcAyDOWIi3fz3mHk_lGYwPdnRZ3Z5lAYk8LupGys2NXDalymTO5uY2yTohwP2KZGu18s&sig=Cg0ArKJSzEmX27aH_KUwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1320&cbvp=1&cstd=1318&cisv=r20220831.26427&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 5A1F 30 KB
12 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:23 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5A1F 3 KB
1 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5A1F 26 KB
10 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:09:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5A1F 0
0 23ms
22ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsowTnE8W71CCDdY2uK-utPcVJS4Cetg2YAfUNCY5aNgmb5flr1WqUKTh27EN6ryiAiu4KdN-Aqr7D-tYJr3dmYqTHuw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A1F 142 KB
44 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 5A1F 43 KB
16 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c8de4984d7c3876d27eebf18970f01083f96f9acfc61535b5815bf3ef22f171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16653
x-xss-protection: 0
server: cafe
etag: 6316855503084746725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:13 GMT

GET
H3 200 6199159463009287899
tpc.googlesyndication.com/simgad/ Frame 5A1F 20 KB
20 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6199159463009287899?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmh-EXdbfYOHViEZU1u6BNGYPJQVg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b37fcba8a09af276b78636ab3c89f164866d714c05061e24ca58f952b034950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:10:29 GMT
x-content-type-options: nosniff
age: 281452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20612
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:43:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Sep 2023 08:10:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5A1F 0
17 B 58ms
58ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTmjVX7QUY4qLDf2y9u8P6MOs6A2-pebnaoiO697CEMSEhZ4LEAEg5pfWJWCV4pmCrAegAdz47P0DyAECqQLWhheQFrOwPqgDAcgDyQSqBNcBT9CqrRoi3ADDHw5IOQqtumfj3xgRb-OoRJfJndUFYWePOxZ5hhwADtt0H50j2UHcKhOv98IoYAZlVqJAH3oFj9JJE5tAkyFnZiOYSmqkS_IxE0L5kk7dI634Cj9jifJHSp7W4EuFwTmMJTI9XJfqxsakbsyRewPDwU0HKeN7sjGSCciQEjSyKFIZyQAdRRJk8ERVI2erkoyKDWhs9bQlQJzguPhOPaTRYMq1B7oUVVa9dtBBehoqZ7zrYHXj9YQ-9QMraJ_BBBQ_Eoj2F_1rxXCM_Kgh7IDABJiI6-GbBJIFBAgEGAGSBQQIBRgEoAYCgAeMh5MCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCBEIgOGAEBABGAAyAqoCOgKAQPIIDmJpZGRlci02Mjc5ODEwgAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=s6Rodw5NMV0&uach_m=[UACH]&pr=10:0.00908&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 8D4C 0
840 B 13ms
13ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK0C_BMtAUAAAMA1gAFAQjf6NKYBhCjt9nMls_ypSkYjYHql4-bxtEoKjYJZb0Yyol2ZT8R4s4vSIYVYD8ZAAAA4KNwzT8h4s4vSIYVYD8pZr0JJPCaMQAAAEDhepQ_MO-83ww4mFBAmglIAlDJnvW0AVi18qABYABoif3DAXj-9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDYwNzg0NzEsIDE2NjIzMDEyNzkpO3VmKCdpJywgNzQwNTIyNiwgMTY2MjMwMTI3OSkFHTBnJywgMTg0NjQ3MTMsQjsAMHMnLCAyNzYzNjczMTVGHwAwcicsIDM3OTQwODIwMTYfAPReAZIC0QQhQW5KUlBRaWN1YnNaRU1tZTliUUJHQUFndGZLZ0FUQUJPQUJBQUVpYUNWRHZ2TjhNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYckQ3RGVPS1pUX0JBVU15OFVuV2NtVV95UUVBQUFDZ0NYSHVQOWtCaXhwTXdfQVI4RF9nQWFyOXd3UDFBZGhzVnp5WUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElfcE8zSkJBRUdBRXRaS2NITzZJREV3am52cWNrRUFvWUFTMU5pSE1fTWdOMWJtdWlBdzRJbU5UNkloQUxHQUl0QUFBQUFMb0RDVUZOVXpNNk5qRXlNdUFEbVMtQUJLdjI1QWlJQktLMjZ3aVFCQUNZQkFUQkJBQUFBQQGoEEFBeVFRCQkBARhOZ0VBUEVFAQsJAVBDSUJlb3ZtQVhUai1TREFha0ZpeHAtDAgteEIdOwh3UVUJMwEBCE1rRgEHHFFGT2QwVF9SLigAADIVKMBEd1AtQUZoZ0x3QmNuXzVnajRCWWVBOHdLQ0JnTkZWVktJQmdTUUJnR1lCZ0NoQmdBAVM0QUFCQkFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDR1QVlLmgKZASFJeFRIbj5VAixMWHlvQUVnQUNnQU0RNVhCQkFPZ2xCVFZNek9qWXhNakpBbVM5SjkFBDlSCZYBAQRCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQFBoQRrQgEKAQHw1zhEOC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNBTVMzOjYxMjLaBAIIAeAEAfAEyZ71tAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUOcNgFAeAFAfAFq_dG-gUECAAQAJAGAJgGALgGAMEGBSIsAPA_0AbgA9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgH_vUF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=f4044244f8036fc0937dfa16964013edda8bbf3e&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&cid=3&cr=nv&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b7c44b5-2949-4d0d-a223-fc989f3644cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E8CE 41 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame E8CE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9654143a6201edb2c90d881fd3f22c725b41e9104596cb4c5c7b693a8f718304

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD88 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 92720f57-79fe-482c-a30d-69942444a2b7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame F6C9 0
150 B 39ms
15ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=10480400066552501467939012072010&a=22e2e00b&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame F0CA 5 KB
2 KB 64ms
37ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 04aaeea5e77f0952bdcb590233ccb5aedd78a387cdfc15d5f9d73d67be72d3b4

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1569
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 48487700066555701649441012072010

GET
DATA 200
OK truncated
/ Frame F6C9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame F6C9 851 B
1 KB 53ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D8E2 236 KB
63 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H3 200 TEF_o2Business_22-02_K1_03-Produktfunnel_KPA_PERF_StO-Netz_300x250.js Show response
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 39 KB
6 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/TEF_o2Business_22-02_K1_03-Produktfunnel_KPA_PERF_StO-Netz_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f06e2fa7d180e086d73705d465e636048378a1eb00def94a5aefa675c0886b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5921
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:25 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 4F9D 0
150 B 39ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=37787700066552701467939012072010&a=35dd6e07&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame FEF5 5 KB
2 KB 62ms
36ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 562ebd4cea76dbbbeb4a6c7bf1b51792e0b675fcf9634bff8725724dfa0151d5

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1568
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 18038400066555601649441012072010

GET
DATA 200
OK truncated
/ Frame 4F9D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 4F9D 851 B
1 KB 54ms
12ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2AA6 31 KB
10 KB 9ms
9ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12539
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 759D 0
747 B 19ms
19ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c7a85e42-6f16-434f-b3c9-46a581f4bb97
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D2CC 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e8dfd1b3-bb7a-4f8c-85a5-f312fdb5bb80
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 43D4 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9714 1 KB
755 B 15ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:15:15 GMT
etag: 48472445140208031
expires: Mon, 05 Sep 2022 13:15:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6907 0
747 B 15ms
15ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: af5c5a16-7046-4cac-ad82-6ce15aba2f7e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C059 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a85fa5b6-20fa-48fb-afb7-311a946da313
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1130 236 KB
63 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H3 200 TEF_o2Business_22-02_K1_03-Produktfunnel_KPA_PERF_StO-Netz_300x250.js Show response
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 39 KB
6 KB 15ms
14ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/TEF_o2Business_22-02_K1_03-Produktfunnel_KPA_PERF_StO-Netz_300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f06e2fa7d180e086d73705d465e636048378a1eb00def94a5aefa675c0886b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344396
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5921
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:25 GMT

GET
H3 200 6199159463009287899
tpc.googlesyndication.com/simgad/ Frame D5FB 20 KB
20 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6199159463009287899?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmh-EXdbfYOHViEZU1u6BNGYPJQVg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b37fcba8a09af276b78636ab3c89f164866d714c05061e24ca58f952b034950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:10:29 GMT
x-content-type-options: nosniff
age: 281452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20612
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:43:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Sep 2023 08:10:29 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame D5FB 30 KB
12 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:23 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame D5FB 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame D5FB 26 KB
10 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:09:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D5FB 0
0 27ms
25ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTxAE4kEciAcOSuQuhYuPEAUYNXqMuL4AFMV1dkhon2UoH6jSaIFyXwcNvfYMhT_ioIyVLQxOub7Z_1afbDn826kg20Ag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5FB 142 KB
44 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame D5FB 43 KB
16 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c8de4984d7c3876d27eebf18970f01083f96f9acfc61535b5815bf3ef22f171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16653
x-xss-protection: 0
server: cafe
etag: 6316855503084746725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D5FB 0
17 B 63ms
62ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgugDX7QUY-P_DtKU-gaA05DQC76l5udqiI7r3sIQxISFngsQASDml9YlYJWCgICsB6AB3Pjs_QPIAQKpAtaGF5AWs7A-qAMByAPJBKoE2AFP0JodgadPlncvKLHvaieGDvEjocfN5pYlP7l5L05mERkz6qViIMsJKR5lARw6a1VZYOIwSkVhjr1oHi7DrzqBhiZ5H57F3qd5BrwKPUhcb3ndkDEJ2Og8lGlOdOQvSRMhugJtpe7tORV2SOWdMrejJgz1ihodMN_B0_v3WlnZe4xJ_A2iLuh2xeD4IZFcEDtTfZp5rg1ymm9Af3vwMSG9G7U49wDkja2puMz5tS3jQ59BhgZZ9PUd71GXLqTgn-btB1VAJVnV1pZQZREIh322PW1jakuYT2zABJiI6-GbBJIFBAgEGAGSBQQIBRgEoAYCgAeMh5MCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCBEIgOGAEBABGAAyAqoCOgKAQPIIDmJpZGRlci02Mjc5ODEwgAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=n3wrYQf1RsA&uach_m=[UACH]&pr=10:0.01093&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0DBE 0
747 B 19ms
19ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 11548a23-f01f-4032-9588-0ffd769b7cd8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 a8355064648aa7a1ab68278019a58f4a.js Show response
s0.2mdn.net/sadbundle/2753383143326280557/ Frame 8157 65 KB
17 KB 17ms
16ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ddcd6353390a194d3a68b5f7c2fbf5ccf142dbb32421c927042af27e9c400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17337
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 03:05:59 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame B230 0
150 B 36ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=61469100066553001467939012072010&a=925dd11f&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 2808 5 KB
2 KB 60ms
30ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1fd0b2ae3a82b08ac40493caa5c246e6f10e35d7357d495a26d2f0ec02c7ec53

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1568
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 39536800066556001649441012072010

GET
DATA 200
OK truncated
/ Frame B230 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame B230 851 B
1 KB 63ms
14ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 3FF0 0
150 B 43ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=59642400066553101467939012072010&a=2c6c8f4b&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 5B01 5 KB
2 KB 61ms
32ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5d20e5400f784c60650aac191c6f1c33f1c7ac3075244b24bdcbddf789d99bb6

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1568
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 54264600066556101649441012072010

GET
DATA 200
OK truncated
/ Frame 3FF0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 3FF0 851 B
1 KB 64ms
13ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D6D0 31 KB
10 KB 10ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12539
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 1709 0
150 B 37ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=50892600066553201467939012072010&a=31e235d0&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame D39A 5 KB
2 KB 61ms
30ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b451a9f9a0d031ae626504830f334a708ff3634e8688688d1d4cf17a6fb756e3

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1568
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 38808200066556201649441012072010

GET
DATA 200
OK truncated
/ Frame 1709 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 1709 851 B
1 KB 55ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 6199159463009287899
tpc.googlesyndication.com/simgad/ Frame 28D4 20 KB
20 KB 22ms
18ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6199159463009287899?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmh-EXdbfYOHViEZU1u6BNGYPJQVg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b37fcba8a09af276b78636ab3c89f164866d714c05061e24ca58f952b034950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:10:29 GMT
x-content-type-options: nosniff
age: 281452
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20612
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 08:43:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Sep 2023 08:10:29 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/ Frame 28D4 30 KB
12 KB 22ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11778
x-xss-protection: 0
server: cafe
etag: 15541287485089275602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:23 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 28D4 3 KB
1 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1432
x-xss-protection: 0
server: cafe
etag: 15450667304708860052
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:04 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 28D4 26 KB
10 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:09:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 730
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10270
x-xss-protection: 0
server: cafe
etag: 538911934249463863
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:09:11 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 28D4 0
0 26ms
21ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdHRJHB81I8zEC7h4JBOBgPGJUpcYpj0WniNHt2V4XXyHEurJu1VI_RqXb_Kfz9ZrShywL5W-ZuXLTky1eGVr8pe6apQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28D4 142 KB
44 KB 28ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/ Frame 28D4 43 KB
16 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220831/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c8de4984d7c3876d27eebf18970f01083f96f9acfc61535b5815bf3ef22f171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16653
x-xss-protection: 0
server: cafe
etag: 6316855503084746725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:11:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 28D4 0
17 B 61ms
56ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch7LBX7QUY8DMK9Sy9u8PkIKY8Au-pebnaoiO697CEMSEhZ4LEAEg5pfWJWCVgoCArAegAdz47P0DyAECqQLWhheQFrOwPqgDAcgDyQSqBNcBT9BFza0N0k3hP8mDM-ljTqxEardlsriH6k_Uh0tzCocjpjLtBA8icqcrXtSyzv0fam_u0VbhCM6TZ0W7Y9D1ZIaf5Cb_I1B4diVUhrKRVpsWugOJPKguQ6RWkkI5px_LXtASjhtusDZYPThR2kAHLsFOsWUKsswK0DoQiVM-OMUmoSFeEtbvydSlprsAaaM7X5CxOvQQRkATaZAL2SWQx7WlSKsq0YaW1jFq8JmO7WqoR2ZsU9FDLp1pIsumB3f7wzKvW1lqSneMRIFogYdcPy5DxU1VBvTABJiI6-GbBJIFBAgEGAGSBQQIBRgEoAYCgAeMh5MCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHSCBEIgOGAEBABGAAyAqoCOgKAQPIIDmJpZGRlci02Mjc5ODEwgAoEyAsB2BMN0BUBgBcBshcICgYIABIAGAA&sigh=xh27p8J4eMo&uach_m=[UACH]&pr=10:0.008399&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 04 Sep 2022 14:21:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 43D4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03871471a0675b4fba54a0f9932f69342b3a351c4a4855f8cf930d353ffd7f49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame A167 0
150 B 39ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=88059700066553301467939012072010&a=9b47b9ee&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 1715 5 KB
2 KB 61ms
34ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=5847ed2bdfcdj6NgwpObJyZjpYZlRwZ2ZmAkLYA0zHHi4vGb48Gd0fYl20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=88059700066553301467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpzisq3d9x6v89fe%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1da1d4b69a98776d3f77ea14b63ac16ededd29266f62fa4a87c2b5d88d17b2f0

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1568
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 35926900066556301649441012072010

GET
DATA 200
OK truncated
/ Frame A167 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame A167 851 B
1 KB 56ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dsjucnsasr%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FnyvqSOsokT9k-Avqy8mGPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUPzkfOsE94mtpjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAXCUTEAAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdNkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA5NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDk0%2Fbn%3D96880%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 31C9 0
150 B 39ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=64787900066553401467939012072010&a=4ffcedcf&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK request.php Show response
ad.ad-srv.net/ Frame 92E0 5 KB
2 KB 57ms
30ms Document
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 4083c44d2860140b136b84fdb3ff8f248074dd47481040f70445f619c1815f94

Request headers

Referer: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1570
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Sep 2022 14:21:21 GMT
Expires: Sun, 04 Sep 2022 15:21:21 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-NEORY-SubId: 43127800066556401649441012072010

GET
DATA 200
OK truncated
/ Frame 31C9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/cynamics/tools/js/ Frame 31C9 851 B
1 KB 53ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/cynamics/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Last-Modified: Tue, 03 May 2016 20:55:13 GMT
Server: nginx
ETag: "57291031-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2249 106 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Origin: https://flashnetic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 2249 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25209229.293788719;dc_ver=90.265;dc_eid=40004000;sz=300x250;u_sd=1;gdpr=0;aucid=3426929627831539629;crid=275448214;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3210668679;ord=1b85se;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FDKZh-IiYYj8_WXRU9bdbPwAAAKCZmck_P1l0VPW3Wz8NpmH4iJhiP60XKQFX5o4vjYD68tgYoyhftBRjAAAAANdXmwEYKAAA6h8AAAIAAACWAWsQNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA1yPsvQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhUq7wjOwJwXEJaDrIMBGLXyoAEgACgAMXsUrkfheoQ_OglBTVMzOjU5OTNAmS9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODE3MCNBTVMzOjU5OTM%3D%2Fbn%3D96446%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fearnme.club%2F$0;xdt=1;crlt=_!wYP!_V'_;gcsr=m;stc=1;chaa=1;sttr=692;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2249 41 KB
15 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2249 27 KB
10 KB 158ms
107ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?sz=300x250&c=87880815&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=87880815&sz=300x250&js=st_dapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

c633fe85b434ffcabfc6e51b4bf9c6394022218c1528968ec41dc8f409f91dce

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: od4n2i2QgvuCnD7rhkxqsM0v50cj2TnkT6MP0w5mwYwhK9wrMYk-vA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 396ms
180ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfU9bA,pingTime:-2,time:542,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2498,beZ:2500,mfA:2501,cmA:2502,inA:2502,inZ:2506,prA:2506,prZ:2522,si:2528,poA:2529,poZ:2548,cmZ:2548,mfZ:2548,loA:2808,loZ:2811,ltA:3040,ltZ:3040%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:542,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B537~0%5D,as:%5B537~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgtwLOY+11%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:511,readyFired:false%7D&br=c
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt18.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C7BD 106 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Origin: https://flashnetic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77147
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame C7BD 8 KB
3 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25247223.292818147;dc_ver=90.265;sz=300x250;u_sd=1;gdpr=0;aucid=4277661968790706888;crid=266301912;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3062143102;ord=pzzupd;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FVdl3RfC_hT-Ash2bujWAPwAAAIDrUcg_gLIdm7o1gD9V2XdF8L-FP8ja94blTl07jYD68tgYoyhftBRjAAAAANtXmwEYKAAA6h8AAAIAAADYcd8PNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAKynsKQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521ARcylgjahNQVENjj_X4YtfKgASAAKAAxmpmZmZmZuT86CUFNUzM6NjAxNkCZL0kAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAADQP2kAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DODE3MCNBTVMzOjYwMTY%3D%2Fbn%3D96473%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fearnme.club%2F$0;xdt=1;crlt=_!wYP!_V'_;gcsr=m;stc=1;chaa=1;sttr=683;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 830
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C7BD 41 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196224
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C7BD 27 KB
10 KB 147ms
106ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?sz=300x250&c=788328540&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=788328540&sz=300x250&js=st_dapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d67bc3d235ddbcccaf2f45fcb6a680f8cf27f7e20afb75af42bf010f0cead11b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: zX5ESouQxpHw7vEPCeFuG6h5RycOU1VBIJcTp-YZxV86jayhfPE5jQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 5E6D
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/62195780/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_YLQUY7...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

9ms
8ms

Script
application/javascript

2600:9000:214f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:214f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id: MbIR9TkejTs72xujqyO6B7CRlRDcZpEf
content-encoding: gzip
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
age: 40583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Aug 2022 15:08:00 GMT
server: AmazonS3
date: Sun, 04 Sep 2022 03:05:00 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 6NDenmcig4AyaXSgDFgvv_Nb0NFNGNUmDUOzqXAa6wBT8VdRBVAebA==

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:21 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 7070 80 KB
21 KB 8ms
8ms Script
application/javascript 2600:9000:214f:7a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 09 Aug 2022 11:54:48 GMT
content-encoding: gzip
age: 2255194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
content-type: application/javascript
x-amz-cf-id: W8bAhzynlN2M92cxgtRWx4vPVbzaHdY7OuVyRTtt5goVxnWUJfrAKA==

GET
H3 200 impl_v90.js Show response
www.googletagservices.com/dcm/ Frame 60E3 54 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v90.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 16:29:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 251499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21331
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 13:07:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Sep 2023 16:29:42 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3272 31 KB
10 KB 14ms
14ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12539
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 48EF 22 KB
8 KB 15ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3EEB 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:21 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0448647e-9976-48ef-8ef7-4c2690499225
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE34 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083001&jk=1838023014114108&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 526B 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B743 1 KB
755 B 14ms
13ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:15:15 GMT
etag: 48472445140208031
expires: Mon, 05 Sep 2022 13:15:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 526B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf2be06d19a68f71fdee682bdcaa39cffa36c4deb5918fb5b8fa79e335376332

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame BEE5 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E53 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c764a61a-0594-417d-88fe-b068314f3a47
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 a8355064648aa7a1ab68278019a58f4a.js Show response
s0.2mdn.net/sadbundle/2753383143326280557/ Frame 986C 65 KB
17 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ddcd6353390a194d3a68b5f7c2fbf5ccf142dbb32421c927042af27e9c400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:05:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 472523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17337
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 03:05:59 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 03D2 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BE2 0
0 48ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083001&jk=4208870347843066&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7612 0
0 48ms
48ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083001&jk=1629497221745310&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 90EC 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsth9z0mRJ40syPTu1c125Re5lLQ9BBvmmAlNifm4Nb_IGanpL9u-G6FgboUYHNP4TMyELOunqEsdo6lirt0w6e6bX-THZmFFwO4-XE87qTY8EdW1xycG7E1b7w5uqOomUcjwfureXk&sai=AMfl-YTk-kTjJYx6GGrATyBhff1J-IIs6BkJIknD_njTr9ZbYOeQ25_xOmBDSyhpwMavMs8VsFh5Jq7kR1vHYvNOKHD4CJasoyrHTazHXlYGp31DcoGYpqxQK6MTMihko-o&sig=Cg0ArKJSzN8eiLgl3G8PEAE&cid=CAAST-RoXF97Ts53UDiL-m5a2HEhMikoEAcwVuWi-_a6hqLTdxwu1ywVFSPla60Exvn-H0F0P7jN-UT3MzOfVVrg2Tqd8GPqGcpN47olakyzr4s&id=lidar2&mcvt=1253&p=713,989,963,1289&mtos=1253,1253,1253,1253,1253&tos=1253,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=174271566&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278943&rpt=1873&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E6D 43 B
215 B 182ms
181ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5cce56d9-e083-dead-168c-7a649c183f0b&tv=%7Bc:nfU9gk,pingTime:-3,time:282,type:v,im:%7BpBlk:58%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:282,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B277~0%5D,as:%5B277~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgtwLXU+11%7C121*.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C15111%7C1512%7C16111%7C1612%7C1711%7C1712%7C1811%7C19111%7C1912%7C1a11%7C1b11%7C1b12%7C1b13%7C1b2%7C1b3%7C1c111%7C1c12%7C1d111%7C1d12%7C1e111%7C1e12%7C1f111%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j12%7C1j2%7C1j3%7C1k1%7C1l11%7C1l12%7C1m11%7C1m12%7C1n111%7C1n12%7C1o11%7C1p11%7C1p12%7C1q111%7C1q12%7C1r11%7C1s%7C1t1%7C1t2%7C1t3%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x11%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:121*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E6D 43 B
215 B 271ms
270ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5cce56d9-e083-dead-168c-7a649c183f0b&tv=%7Bc:nfU9gm,pingTime:-6,time:284,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:284,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B279~0%5D,as:%5B279~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgtwLXU+11%7C121*.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C15111%7C1512%7C16111%7C1612%7C1711%7C1712%7C1811%7C19111%7C1912%7C1a11%7C1b11%7C1b12%7C1b13%7C1b2%7C1b3%7C1c111%7C1c12%7C1d111%7C1d12%7C1e111%7C1e12%7C1f111%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j12%7C1j2%7C1j3%7C1k1%7C1l11%7C1l12%7C1m11%7C1m12%7C1n111%7C1n12%7C1o11%7C1p11%7C1p12%7C1q111%7C1q12%7C1r11%7C1s%7C1t1%7C1t2%7C1t3%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x11%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:121*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:earnme.club*%2Cearnme.club*&br=c
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 872F 43 B
120 B 59ms
19ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 86E3 0
747 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cd73c718-2921-4974-af73-16e5b7739315
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DA65 0
747 B 25ms
24ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cacabd02-9808-42ff-b8c1-68f34f86e532
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 72FB 236 KB
63 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 14:21:22 GMT

GET
H3 200 index.js Show response
s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/ Frame 72FB 25 KB
6 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.js?1653565212534

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2119289f05d9a59a96284785dc13266dc3b8564835df6a2382e64d82aa94067f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 14:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5936
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 09:23:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 14:18:09 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D5C 143 B
163 B 13ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ Frame 8D4C 80 B
493 B 70ms
36ms XHR
text/plain 35.241.31.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_314%26tagid%3D498%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom1area%3D50%26custom1sec%3D1%26custom2area%3D80%26custom2sec%3D5%22%7D&adloox_io=1&client=gamned&campagne=314&banniere=0&visite_id=1694433363&seq=0&timezone=0&js=tfav_adl_314.js&date_regen=2021-12-16%2013%3A16%3A12&plat=12&tagid=498&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=2180927&id2=276367315&id3=379408201&id4=300x250&id5=26730095&id6=6078471&id7=10264&id8=18464713&id9=2928211502789460109&id10=1193304316&id11=display&id12=italie&id13=%24ADLOOX_WEBSITE&id14=iab_80_5&id20=614b730&p_d=1.17&d5=2550&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=postbid_if_1662301278509%40https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvksbyedf%26e%3D1957767944024&iframe=1&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=6%3A%20top%20%21%3D%20window%20-%3E%20GLOBAL.document.referrer%20https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvksbyedf%26e%3D1957767944024&url_referrer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dvksbyedf%26e%3D1957767944024&ao=https%3A%2F%2Fflashnetic.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_314.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: nginx/1.19.8 / PHP/7.4.30
Resource Hash: f3382cc87fdb08eae6e65526325b1ebccef876c8d85e241ef9b1113d32d56580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
access-control-allow-origin: https://flashnetic.com
x-powered-by: PHP/7.4.30
route: ads-prod-dcf4477bc-5qgnx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
server: nginx/1.19.8
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin: *
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F6A7 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 84f97a35-40a8-4c8e-8aa6-69359ca08d5f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 698A
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=14829200066555301649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

341ms
279ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 64C6
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=81767300066555401649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

396ms
90ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B25D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
33ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:22 GMT
expires: Sun, 04 Sep 2022 14:21:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pd
u.openx.net/w/1.0/ Frame 93BA 43 B
75 B 24ms
23ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 pd
u.openx.net/w/1.0/ Frame 451F 43 B
75 B 20ms
20ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82B3 143 B
163 B 13ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame FEF5
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=18038400066555601649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

416ms
103ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA4
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame F0CA
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=48487700066555701649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

211ms
150ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E6D 41 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9CB3 1 KB
755 B 15ms
14ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:15:15 GMT
etag: 48472445140208031
expires: Mon, 05 Sep 2022 13:15:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 21 KB
4 KB 26ms
26ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:22 GMT
expires: Mon, 04 Sep 2023 14:21:22 GMT
last-modified: Tue, 10 May 2022 13:01:32 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5E6D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af72b36eb0c3b1b8b320582239a6d1467929873676e7aba4707eaa7187e1590a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E6D 0
27 B 62ms
62ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvD-ta1B3XhnpELr34zc8U93RipzKQTbLeG2-5czCVfy6q-l6HgCDRcx9jcLNyu0zbUNmvxbDtpeTq3NK7_bvBZ5tSZwkm1iSacPnVO25t9v0cyczVj5EUI12II6gQLR4_mt3pVKZOUo3yI_aokE7Q-7OgixxW7kxUIHkU0OYYr_CUWivSSsDNpd_DFgDwdYHTjsMAW8vD4iBQ7ZBdPohQSSh3T5nihqtu2aArhxUrKqNwQ75ORT5FTaDwJJjq2ichOpFX76uKlEI3cwxF4pq8yYVTUDi2Aiwje_8yjNqjpKbZBplvPBWRGkkfCjFiGh2a8pafE1SNSIEM_hBCNKlkGedziSoz1Dkxdt4M8hhzKJ4_-Qv4DNe2PvN8Ep0Mgn1QpwUm-a4aj-DgkUH7roJROQVF-ESQCfxmd6CyVOqa-We2P1VS_iJII7-1TDSJjKkqbxYfW6D7TlzcQfvBD-Yhd3JMtRlGeFytE49xlH-K0-By8Cz_TZvogU3DqJEEtknHFSZZQ7-YZNL2vkD_SZY1uXJdgS27ycHCJu7iHQ3xBxl-pI1LuAvgJK91mrxQhKuvClI-4dZRMpoZJDZbsoOvCn-J0DJIr2p1ilxMvACOY-lyrZvDgl9l_pH0EQlv7AhtkijpgUpKrglS0yPIe5FY7GFHzIVj5MI5WGx9rw6zO1yMEt-aiNZ-FD1pPA9rRCaF0IGmNUScdr1bi5UGnor9K1SsxhdRepd4IxGZfppeqDZrisrDDRE6hu9VnNRLQuffjAvFzt4QUU81bgcogZYIx5KGCsGpN0QNKaFXa481r5pjWe-l0-vSQl3aJRqp3vcuHW-KahiO6r5ka3AcGi7Y-P3ilqZT20dN7xW9TFJHWtVaTRrIr4E-uJ_Mqn2OUbSKrW1H7mfHCzO4WH-PdJRaRGARQ7QkW9OVNzGEMYhsETJazHBD73-dTAh5YQSwqGi9DqPgTtPg2yoIxFjhI9WkoggYtSO66JRQTEwKwXBLE-Qm9EiEbPscEJCnU70-5hwfFXLL3aZ2rmD0FadfqbDEMU0ewlemALrExm-CsD0jXDhT8c7Qsp9_UmqrY0PaVyW63CGvFzsBIMcl-TS8kuq2F3m4Ogo0wGFVy_ktgWpzFfLSwUwFUdsWAmI01cJxwhTHdj31g4Anfhr48eCPIVvDhxnneFLpNhC2PFTbNfW5v2RLiAnLwDuzozRWxfIVMKtk9hftWd3hiCobwSwNSL6ZYEspZEEun9PkF2yo&sai=AMfl-YTwkHGH-5fapaYtTga9tkmlOPpSCwcYz32fz1M94sRrsTR_OfYytP-reD13DnCdZVMhKyoRcYq14XAg_Y4Xzky3lc7cX8-__PuWRSNRVIwPZ083A0rWEpZEtveHswTUEptmYQT3LLo3kCQ0Jlw_kGlCzUoXHtCr5BNoBmDL4EGS5AFuFdTrKc4RVsBUANWbg014AIcW-HV-Y0_zqBh3pA&sig=Cg0ArKJSzMKTuQ6GmsXCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1375&cbvp=1&cstd=1370&cisv=r20220831.85866&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 04 Sep 2022 14:21:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AC7A 143 B
163 B 14ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 596
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 04 Sep 2022 14:11:26 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 2808
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=39536800066556001649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

336ms
36ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA3
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 5B01
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=54264600066556101649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

86ms
25ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA2
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame D39A
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=38808200066556201649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

556ms
250ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA4
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 1715
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=35926900066556301649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

465ms
152ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=5847ed2bdfcdj6NgwpObJyZjpYZlRwZ2ZmAkLYA0zHHi4vGb48Gd0fYl20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=88059700066553301467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpzisq3d9x6v89fe%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA4
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2

200

evergreen-kis-300x250.jpg
media.kaspersky.com/de/affiliates/ Frame 92E0
Redirect Chain

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=0&pref1=43127800066556401649441012072010
https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

80 KB
80 KB

394ms
92ms

Image
image/jpeg

185.85.15.23
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D

Protocol

Server

185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 12:09:27 GMT
server
x-powered-by: Kaspersky Labs, Kaspersky Labs
etag: "1b72585d61a9d71:0"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
x-xss-protection: 1; mode=block
x-server: fr1/FRA4
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 81829
date: Sun, 04 Sep 2022 14:21:22 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://media.kaspersky.com/de/affiliates/evergreen-kis-300x250.jpg
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E6D 43 B
215 B 181ms
180ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5cce56d9-e083-dead-168c-7a649c183f0b&tv=%7Bc:nfU9jV,pingTime:-2,time:505,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2103,beZ:2104,mfA:2105,cmA:2106,inA:2107,inZ:2111,prA:2111,prZ:2137,si:2142,poA:2143,bl:2162,poZ:2162,cmZ:2162,mfZ:2162,loA:2387,loZ:2391,ltA:2608,ltZ:2608%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:38%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:505,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B500~0%5D,as:%5B500~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tgtwLOY+11%7C121*.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C15111%7C1512%7C16111%7C1612%7C1711%7C1712%7C1811%7C19111%7C1912%7C1a11%7C1b11%7C1b12%7C1b13%7C1b2%7C1b3%7C1c111%7C1c12%7C1d111%7C1d12%7C1e111%7C1e12%7C1f111%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j12%7C1j2%7C1j3%7C1k1%7C1l11%7C1l12%7C1m11%7C1m12%7C1n111%7C1n12%7C1o11%7C1p11%7C1p12%7C1q111%7C1q12%7C1r11%7C1s%7C1t.1127614-65017073%7C1t1%7C1t2%7C1t3%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x11%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:121*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:465,readyFired:false%7D&br=c
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0143 22 KB
8 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 22C9 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4703 215 B
646 B 107ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=earnme.club&callback=_gfp_s_&client=ca-pub-9548364294205117&cookie=ID%3D0e400c037c8bfdab%3AT%3D1662301277%3AS%3DALNI_MZzw-cdoPIN5zf3SH1xeA6xcBPz3A

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209010201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9548364294205117&plah=earnme.club&bust=31069330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ac076bd50b0a7ed3d1a893e3cebefee5ead614b25d761d7681e449fe2f417f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4703 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=earnme.club

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4703 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=earnme.club

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 10B5 436 B
232 B 70ms
70ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9548364294205117&output=html&h=250&slotname=7769709079&adk=3124451273&adf=2662694622&pi=t.ma~as.7769709079&w=300&lmt=1662301282&psa=0&format=300x250&url=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1662301281571&bpp=4&bdt=2640&idt=817&shv=r20220831&mjsv=m202209010201&ptt=9&saldr=aa&cookie=ID%3D0e400c037c8bfdab%3AT%3D1662301277%3AS%3DALNI_MZzw-cdoPIN5zf3SH1xeA6xcBPz3A&correlator=1765505669578&frm=23&ife=4&pv=2&ga_vid=937080875.1662301278&ga_sid=1662301282&ga_hid=1565264521&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=456&ady=720&biw=1600&bih=1200&isw=336&ish=280&ifk=1447988040&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069330&oid=2&pvsid=68508337944220&tmod=1294096044&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kk8na3eovx6q&fsb=1&dtd=832

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b0f5c2cbb2aef4c2ed814b15a73d064a1bf968b984a461b7a5c96fa1f9e4ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4703 14 KB
11 KB 62ms
62ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220831&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd99f977221654076dccf6724c6ecb00d577bae6af56f13d13cb7e52f68f312d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11078
x-xss-protection: 0

GET
H3 200 B25307397.293769735;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=8744289642907626095;crid=275446379;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_C... Show response
ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/ Frame 60E3 66 KB
27 KB 103ms
74ms Script
text/javascript 142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N163801.2560713PROPERTYSOLUTIONS/B25307397.293769735;dc_ver=90.265;dc_eid=40004001;sz=300x250;u_sd=1;gdpr=0;aucid=8744289642907626095;crid=275446379;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=1241189742;ord=5ohnvf;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FBcB4Bg39Yz-pidmqX8tdPwAAAKCZmck_qYnZql_LXT8FwHgGDf1jP2_qotoZ9Vl5jYD68tgYoyhftBRjAAAAANdXmwEYKAAA6h8AAAIAAABr-moQNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYCbvegAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521vRWJKAihwJwXEOv0q4MBGLXyoAEgACgAMXsUrkfheoQ_OglBTVMzOjYwNjVAmS9JAAAAAAAA8D9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIkBAAAAAAAA8D8.%2Fcca%3DODE3MCNBTVMzOjYwNjU%3D%2Fbn%3D96748%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Fearnme.club%2F$0;xdt=1;crlt=_!wYP!_V'_;gcsr=m;stc=1;chaa=1;sttr=491;prcl=s

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bccecb44351b2fdb1821323ebd6851fe740e30b79a0ba383211e9aac11ed7aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27860
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 764B 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A2B 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 698A 0
150 B 37ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=14829200066555301649441012072010&a=0a2b8470&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 2D9D 43 B
702 B 39ms
37ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=14829200066555301649441012072010

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 698A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 698A 851 B
1 KB 70ms
12ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 64C6 0
150 B 40ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=81767300066555401649441012072010&a=4919e104&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame C46F 43 B
702 B 50ms
43ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=81767300066555401649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 64C6 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 64C6 851 B
1 KB 74ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B0F1 22 KB
8 KB 17ms
17ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 07F6 22 KB
8 KB 16ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CA3 42 B
64 B 54ms
53ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM5OwomZ04j5Y-DczlCszN8T0KndOPXDzgPDyOpI5Kp7qTtTbt67q5VrkuVBMLaci6M5ijetgzdMLZ7ZjOCAWRZxyBydjQOjBFC2kBq2DJcnNK9W08Wmgmii2VqArFoO_310nqhO0&sai=AMfl-YTHJKx51-UxVr9yf1EpnXhVJmcI0yUV0myLpy2hUmX-N_wKH_A673uNy9Q1fTejJV6c5rn8xDu2AglyCm45VJ6z3PRjTjH3EoETJyxDQ-ffoLDIRF2vNfqDOlodiII&sig=Cg0ArKJSzG4YMyVTuLL5EAE&cid=CAAST-Rony3qrSq5UH4WD9vRxYE97f81FOlEn2HqDDQee8exBKF6h4vvuhemM5hKisbY6xr8uz8XBZxMUsMXfG7LhCEbPCWFGGJ843TKoyl__3E&id=lidar2&mcvt=1168&p=1111,437,1156,1165&mtos=1168,1168,1168,1168,1168&tos=1168,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=3490001028&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278956&rpt=2270&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5FFB 42 B
73 B 52ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_m6bYshYHnQPQEZfwbJFmdSMNcJn3FBZfCu1ByGnotYfONWKZGORFu5a40dul18JUb6d50zQwGjGzjYdSukNiR9VhjXW1PLEJAtPQiNrxJHh5XwzhxrhtreWiBlO0zQ4d_e8PQ2o&sai=AMfl-YS0c1Ht0XuXpdKFDtNrP33VxYZLqESRSm4xaLaV_t5ksbia29PG01tQ3rL-gDnBA6NoF8AV9bpWFBR8g9bRLKwlcEap6VDZfVhmKuYzB-WBgXb17YPKlE0xbnRSO6E&sig=Cg0ArKJSzH8oIGkcTp47EAE&cid=CAAST-RobFOf3rSpZw88H6RJMS24VwnFGi5v33dm9mebA7ooBai_gcMJUT3H0J0_BxalloSGWFwrBt4MyY6GVJAH9oM3fWQT5e5N5LV7eSjc6Ec&id=ampim&o=464,268&d=672,280&ss=1600,1200&bs=1600,1200&mcvt=1259&mtos=0,0,1259,1259,1259&tos=0,0,1259,0,0&tfs=2126&tls=3385&g=100&h=100&tt=3385&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=174271564

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B4B 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 91A3 0
747 B 32ms
32ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8be0ad19-2077-46f2-be13-03fb8e5c5446
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame FEF5 0
150 B 36ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=18038400066555601649441012072010&a=e4056189&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 4F24 43 B
702 B 48ms
48ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=18038400066555601649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame FEF5 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame FEF5 851 B
1 KB 54ms
14ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame F0CA 0
150 B 38ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=48487700066555701649441012072010&a=a75c92f9&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 7CD9 43 B
702 B 63ms
62ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=48487700066555701649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame F0CA 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame F0CA 851 B
1 KB 51ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame E416 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 2808 0
150 B 37ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=39536800066556001649441012072010&a=26e29525&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 4B7F 43 B
702 B 50ms
50ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=39536800066556001649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 2808 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 2808 851 B
1 KB 52ms
12ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 5B01 0
150 B 44ms
14ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=54264600066556101649441012072010&a=7cecb39a&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 687E 43 B
702 B 42ms
41ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=54264600066556101649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 5B01 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 5B01 851 B
1 KB 65ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame D39A 0
150 B 41ms
14ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=38808200066556201649441012072010&a=03ed6a51&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 2F25 43 B
702 B 54ms
53ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=38808200066556201649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame D39A 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame D39A 851 B
1 KB 62ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 ca Show response
choices.truste.com/ Frame 2249 28 KB
9 KB 10ms
10ms Script
text/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25209229&js=st0

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

7e13632e083c3a84a6f4e4e75519fd27738b1556e6e192dda168ac909415c8ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:31:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78598
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 8031
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: lEe-wM16MkRcagWOdiOUsdJVFLQP-HI0eFQh0QXguf_tTuv8IVrp1w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2249 142 KB
44 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4116114141538100331/ Frame 62AA 21 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14746077c4b21d233ef06920b4db14f9517c774d959e4e0c6d47d30f4b202ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 548140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4953
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 06:05:42 GMT
expires: Tue, 29 Aug 2023 06:05:42 GMT
last-modified: Tue, 24 May 2022 05:37:54 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2249 0
26 B 58ms
58ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRY_kl_N7BimXtJSxh6MJPQ_yYp6_8G4OLxYHXqCZaYFaQ_RLrQMwxg7Xk5-nkDUEQ3baQIiQtgz3GM7MWRDGtpsheCeIP3yzE3Kbl4P9PFdyt7XtPMZADvpWndsVogDJyUvU9PMo4CX_b-QCQMmPy4BY&sig=Cg0ArKJSzH4zQcheh98hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=684&cbvp=1&cstd=683&cisv=r20220831.92662&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 dcm
beacon.sojern.com/imp/ Frame 2249 42 B
56 B 42ms
23ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dcm?auc=3426929627831539629&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=275448214&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfsjbwvy&e=1534108800930
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 1715 0
150 B 38ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=35926900066556301649441012072010&a=23c8028a&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=5847ed2bdfcdj6NgwpObJyZjpYZlRwZ2ZmAkLYA0zHHi4vGb48Gd0fYl20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=88059700066553301467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpzisq3d9x6v89fe%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame 3B9E 43 B
702 B 41ms
41ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=35926900066556301649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=5847ed2bdfcdj6NgwpObJyZjpYZlRwZ2ZmAkLYA0zHHi4vGb48Gd0fYl20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=88059700066553301467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpzisq3d9x6v89fe%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 1715 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 1715 851 B
1 KB 54ms
11ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=5847ed2bdfcdj6NgwpObJyZjpYZlRwZ2ZmAkLYA0zHHi4vGb48Gd0fYl20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=88059700066553301467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpzisq3d9x6v89fe%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H2 200 ca Show response
choices.truste.com/ Frame C7BD 28 KB
9 KB 9ms
9ms Script
text/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25247223&js=st0

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

5b82f3cfb4321b69d1c7a978bbc29d67a6bff2f5efb2ecca0935c9d46a9371d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 08:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20789
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 8031
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: VBjm_SMqBJC6DDTTdEB7a6LwtW10BLI82WTEOR28VK65yU8UUDVmDQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7BD 142 KB
44 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:22 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6882349452927450974/ Frame CE7C 16 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6882349452927450974/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e196d4ba5941a2d4ba1cd45b1290c46ffb95face19dfe004af04538c94b1eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 373759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4404
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 06:32:03 GMT
expires: Thu, 31 Aug 2023 06:32:03 GMT
last-modified: Fri, 08 Jan 2021 20:57:45 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C7BD 0
26 B 53ms
53ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssccTRCCBncj38vpqC5OSbKTCTN_mq6OCsgDJNwP4rMK9oYhjH3KhfmgjkplNPslzyc5L0bCqzbz3jnggHbHyYXBTpTattcadkTUXiL2YOn2TVoQW7BwgR3VBm0U_vZ2gTnH_gQI-dThafKip-3TEfjAs4&sig=Cg0ArKJSzI3NQkpY9q5qEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=682&cbvp=1&cstd=680&cisv=r20220831.89304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 dcm
beacon.sojern.com/imp/ Frame C7BD 42 B
56 B 27ms
19ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dcm?auc=4277661968790706888&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=266301912&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lqajnjktk&e=1834762243861
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 92E0 0
150 B 39ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=43127800066556401649441012072010&a=88a869f3&vb=m
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK cshow.php Show response
www.awin1.com/ Frame E38B 43 B
702 B 52ms
51ms Document
image/gif 23.205.253.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.awin1.com/cshow.php?s=2519519&v=14098&q=379074&r=559379&pv=1&pref1=43127800066556401649441012072010

Requested by

Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.205.253.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-205-253-64.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://ad.ad-srv.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Awin-Akamai-Rule-Set: default
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Sun, 04 Sep 2022 14:21:22 GMT
Expires: 0
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Pragma: no-cache
Strict-Transport-Security: max-age=86400

GET
DATA 200
OK truncated
/ Frame 92E0 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK addDoubleBorder.js Show response
cdn.contentspread.net/hofe/tools/js/ Frame 92E0 851 B
1 KB 52ms
12ms Script
application/javascript 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.contentspread.net/hofe/tools/js/addDoubleBorder.js
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Last-Modified: Fri, 05 Aug 2016 12:57:29 GMT
Server: nginx
ETag: "57a48d39-353"
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 851

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F33D 0
747 B 45ms
45ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 250337b2-110b-4a8a-b038-5759047df60f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2AA6
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/ZAT7n4lHn2bTg_35GNK8msn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3322640959834942664

0
239 B

13ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3322640959834942664
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

date: Sun, 04 Sep 2022 14:21:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3322640959834942664
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2AA6
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=SHiVXJmQQ32acpckUm9TaA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SHiVXJmQQ32acpckUm9TaA

43 B
556 B

37ms
37ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SHiVXJmQQ32acpckUm9TaA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 4HNBBJTH83NBJNH0NH7Z
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=SHiVXJmQQ32acpckUm9TaA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 2AA6 70 B
265 B 105ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AA6
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA

170 B
188 B

24ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDllMWUzODkxM2RjY2ExOWQ3YmY3MTk5M2M3ZjE2ZjQxYTc1NDc1NA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2AA6
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==

170 B
188 B

28ms
28ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 2AA6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1

0
239 B

37ms
11ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGMhmGNMrkX6xhgtL9RGhz8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 2AA6 0
98 B 57ms
18ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 2AA6
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NF9ETS-1O-MFAL

0
707 B

150ms
115ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NF9ETS-1O-MFAL
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FCCD9DB9072743F88A45200B13792446 Ref B: FRAEDGE1221 Ref C: 2022-09-04T14:21:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXn2q17ZwKr0QT2CjZXGA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L7NF9ETS-1O-MFAL
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?oz_pl=1&dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&_x=1
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/225545/analytics.js?dt=2255451533761563475000&pd=avt&di=https%3A%2F%2Fearnme.club%2F&ui=2928211502789460109&ap=&sr=10264&pp=2180927&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&to=3&de=2&md=1&dm=300x250&gt=DE&ac=11493887&pc=26730095&cr=215907859&c1=ams3&c2=0&cb=1186271738
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:21 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated
/ Frame 5A1F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d97be599c4a60be37624ac37389f1044372972a1fe7fe3ef14344c3f291e6f46

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9714 35 B
463 B 43ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENvwqxkfXetwTAddD-QxQv4&google_cver=1&google_push=AehlK4A99HkDqlHf3x5rcNIdlDE7xfltFPcmN_iAfSaLqcMcWfqteYvnoGBHHycvlg-vRyMyOLROrtz82xiXI33TcKKFT5uB94Gl2A

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 9714 0
104 B 160ms
25ms Image
text/plain 2a02:fa8:8806:20::2040
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMEuE-C5PeTlxmIV0wMxNiA&google_cver=1&google_push=AehlK4DKBQ_UPfIDoBU_G0E__54MW1_ZFWFu1tWq5aYflmP_aOTSVepxzvoE8690N8GAOYYhKZFPM_77OofylTJh-YZJnxx-OmHMIw
Requested by: Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9714
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFlXrP3gPQeZyd5n4oAot9o&google_cver=1&google_push=AehlK4CCAIhKfvUQTV7w4PPtpCsaYKPOifHelnTGjd_IRnkGZqjxhTEfIWzaXr6yIs70Ccg8_P85SyUClNKYECRc...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CCAIhKfvUQTV7w4PPtpCsaYKPOifHelnTGjd_IRnkGZqjxhTEfIWzaXr6yIs70Ccg8_P85SyUClNKYECRcIi6L_Q8umK4yJA

170 B
188 B

26ms
26ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CCAIhKfvUQTV7w4PPtpCsaYKPOifHelnTGjd_IRnkGZqjxhTEfIWzaXr6yIs70Ccg8_P85SyUClNKYECRcIi6L_Q8umK4yJA

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: MT3 4505 5b23575 master cdg-pixel-x34 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4CCAIhKfvUQTV7w4PPtpCsaYKPOifHelnTGjd_IRnkGZqjxhTEfIWzaXr6yIs70Ccg8_P85SyUClNKYECRcIi6L_Q8umK4yJA
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sun, 04 Sep 2022 14:21:21 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 9714 70 B
264 B 34ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF0ZwUrgLL9-yJt1R-x_YiQ&google_cver=1&google_push=AehlK4CEc3GO8YH1PWtgXd9EsGpOOTObOy8d5KjyjykgChkBDMaH0mX1Ojs3WaPfvnsFA0pLVa1nbWRUGONx6wxs_VlFDItAoWOfNA
Requested by: Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9714
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECC1iD4fAqp85_cc1IHCLOo&google_cver=1&google_push=AehlK4AeXNmdBedxvvJzc3zcrGTiYa39x850oJPfaIHe3E6jzkJuFZaKI9xqfDPK-SQqfXAmL13...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==&google_push=AehlK4AeXNmdBedxvvJzc3zcrGTiYa39x850oJPfaIHe3E6jzkJuFZaKI9xqfDPK-SQqfXAmL13e5XnJCdQjH7Ucp5XyQuR4Ce386w

170 B
188 B

30ms
29ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==&google_push=AehlK4AeXNmdBedxvvJzc3zcrGTiYa39x850oJPfaIHe3E6jzkJuFZaKI9xqfDPK-SQqfXAmL13e5XnJCdQjH7Ucp5XyQuR4Ce386w

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDdORjlFVFMtMU8tTUZBTA==&google_push=AehlK4AeXNmdBedxvvJzc3zcrGTiYa39x850oJPfaIHe3E6jzkJuFZaKI9xqfDPK-SQqfXAmL13e5XnJCdQjH7Ucp5XyQuR4Ce386w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9714
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESENhNSahVu-TKIKqpBm9OFHs&google_cver=1&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6w...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDc4MTc4NjAzMTcwNTE2MjM3NjA0&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPV...

170 B
188 B

23ms
23ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDc4MTc4NjAzMTcwNTE2MjM3NjA0&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6wDRw

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDc4MTc4NjAzMTcwNTE2MjM3NjA0&google_push=AehlK4CXzLghJLBWoBw2QXctvGCOl_7SvRfCO-2wgXYZ1FjMDriZ_eT08dCW2QPVhjB2fRxsXS84gQYINF1st5KRTlulizHIc6wDRw
date: Sun, 04 Sep 2022 14:21:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9714
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENDKetOccOdFBs74yKDere8&google_cver=1&google_push=AehlK4DbRsAuOI0mjtNa3OE7GUzElIdYLGvorRcHz_wqTCE7nKS0snjOzN378svY0BUhORS4Rt...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZV2ZnMXFCRTJ1RjYyejdDc0w1NzZtR3FvdFlYdGl3VH5B&google_push=AehlK4DbRsAuOI0mjtNa3OE7GUzElIdYLGvorRcHz_wqTCE7nKS0snjOz...

170 B
188 B

29ms
28ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZV2ZnMXFCRTJ1RjYyejdDc0w1NzZtR3FvdFlYdGl3VH5B&google_push=AehlK4DbRsAuOI0mjtNa3OE7GUzElIdYLGvorRcHz_wqTCE7nKS0snjOzN378svY0BUhORS4RtU0--j1SuaEvmD1D3rtpBUVVMD8WHw

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1ZV2ZnMXFCRTJ1RjYyejdDc0w1NzZtR3FvdFlYdGl3VH5B&google_push=AehlK4DbRsAuOI0mjtNa3OE7GUzElIdYLGvorRcHz_wqTCE7nKS0snjOzN378svY0BUhORS4RtU0--j1SuaEvmD1D3rtpBUVVMD8WHw
date: Sun, 04 Sep 2022 14:21:22 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9714 0
12 B 29ms
28ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjaP9C7f4vtHY3U4UkXXnq9A0K7Vvbp0tfPc9wwn30dRdQz3VZklbe95PHhaeW8LQbu5RopA

Requested by

Host: 1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
URL: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 bg_img.jpg
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 12 KB
12 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/bg_img.jpg

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

186b0a55e7275c84c35a6d1535e9f05a13fd6bdd959ddba21c3d73f159762122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12366
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 bg_img_01.jpg
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 20 KB
20 KB 19ms
17ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/bg_img_01.jpg

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee1aafe7fc3760e4f8e7531e236a9ee0ca51ecaf7361cc63b3a115f8fcb1e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20007
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 26 KB
26 KB 25ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/bubblespritesheettiny.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:32:59 GMT
x-content-type-options: nosniff
age: 344903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:32:59 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 510 B
544 B 24ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/cta.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fb40605171ead73d378f3bf90d138679f7d4cbc215be7b4e1e6bd16cd05f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 2 KB
2 KB 22ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/logo.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bae4a5df5ad2928d29b1664add68f4cc8070c283864945b9243cd09867270d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1554
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 logo_white.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 2 KB
2 KB 21ms
19ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/logo_white.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

632455e18650def1247aeacc25754ad0eb43e504ee0ae3da61c63182dc5081b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1601
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 5 KB
5 KB 23ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/siegel.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4870915b661e4b212581ce157e4d1507f127f6d71dc562af0f8bc7fba3829c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4794
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 stage_01_01.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 519 B
553 B 21ms
19ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_01_01.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5b2a1d8445987e9bea4ea40115e763b53d81f6a7ff765f3d97850c540b806d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_01_02.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 510 B
544 B 19ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_01_02.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401fe5a4c1c7065544d860e5a3af5fa5f7707f221ea7b82e21fbc95562d9469e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 stage_01_03.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 519 B
552 B 19ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_01_03.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115657adc9f6a18b895a254b86eba723f4a7b83fbdf51ad4aa8e173a8887387d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7807 0
26 B 53ms
53ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3ushyTNfR1kfMx9Txf9HtbgWYYhKm7jUrz8cf7oPnUl5bavNV1Aok3xQD2SIAEEzY8E2ifD1KI453MhsiQAcmBJsunKkXo9oX77JvHIuxttpzmG2UPz1S5V_3slWu3wQ1tv-_iULCGDXEYa2f5H1sIRhMRiKV5751SW9tmeMs7i3T_oBxCSPPpm6NdijCjClicrh_qCIkWkC4_f38C5H9l9ZiosWddL4Rbza3BuyTGd0kOsH4kEe6wOTlhk19UR9Fdwr8gLzTHN2Xsie31V8FPE7xK_0T1-9nrIUDb0jO02gboXs6jny6usSKX9EK7rAbIugoHqMT2VraJWQzVOngKtT66IFhidVBkNoR5EJuK3sSIazY2f26l73vdyb5lQA80LluXdE_YqZ5Ai14kmnxY7p0yQ8iv7zac3gC-z89xwTEO7uaf72pyE8xib6woiaIDlbo7jJ-f940fPxLHKZrnO_MYzHubqsTUE-v9Egtimj4jF4N1ZtQB9S1mI8tbOb0kPZJLby2kkiPlwEAYh3pyBOIDIFJe_CuhoJwNG9nMblRWIhzpqzdOqBMONN4qUmlM9KotSA3CNVuwcMe3cu_1P5pBXMsBtRKU0MnUTeNGHwKueXaA7szg49wmzwx5RV0TSI3MZ83wwJ7KFJt9PV_2Jogao6hlt3bTmsoxnuqSuwYYZBqV3DqGAXMoGLh5VDVzvgwqvNzhd10lBttbfdZKE2o7KnxoFeGB_bmxI_Se2hA25cfGprsOpErMUMF5MSbLdv29zrjkG7HgB11eFAjGDUM7r4ddGuEKNbhjrwKGVHR2HwQuyymxRvQOgbj1zgz6M_lgyvfr2NYm6UQEnL4-ooetdweyspzYdCrq900ahrs1ReTTnLe9YQFL72GnTG8zKMBb5_QsHzVAOQjoPJFNdTy8AoUda5QGlUtw_NqN8drSUt3uToemMDO_mq2UwlYdGMP-9HK9hcg1_ftP9sM0EoszAKXReUvlcvU5OUI0oitn-CpyCDkzb_EVOqmFsc9r3o4Hwk7EN1xPJ5r1cV_0LmWqhtiPVFdT9yfUlUMFDres2AER0jgLviszMNZfYUWAmWtqnJNMs98QPIQvAlWevA3ZO1PfhBNClCdcCjTSZTn8toA_EiXI2QPQY9h6Ee2MOgo1IIFrNVD6etp0OOthDfWsPFyKW_xRGnhzx3f3Q7ibNzF9Is7PqMvyZwz8hBIY5l506hBdOd7q5BA6TVscjgK8HS4_pUtPv3Tvbpg-_PQo3I9eslFtGmWrXZgtbCtsf14VF-WMuHnevsC8Jd1OEdUBTtfI3Dp&sai=AMfl-YT9-yHU70FzjTpDZAtMauzakXWH6eKSrtlicdTghtg1LJjsk_P1jGXEnEgt5EDF9sqvUt7sD1u5gzx63mTdMz8wEiBrJS76Eqdl3s33Q-TFerBzV55KjJnwx95FNaO6E4-Lu3hPan7J340xyCVRtOo-pwP-_InsjtIU1yqPkF_dW5uTMvsjxwFfD3v59GvHO-s-mEEqJ2XpNqoh8FeNGej7VwQlOjk&sig=Cg0ArKJSzMbnuLPTJ3-cEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2351&vt=11&dtpt=1575&dett=3&cstd=774&cisv=r20220831.77462&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FC38 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196225
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D5FB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 742f3207cc1915facc61291fdd7b78f93a8d880d4c6aeeddab150d4f374cc332

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F628 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 894d883c-33cc-43ac-b8af-2db58d7fa389
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62cb648c2b03099a9d7af6cb0f943ca4.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 4 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/62cb648c2b03099a9d7af6cb0f943ca4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a7e0734e57be7f5ca3f90c5e30ac070e93a1f2f55100884920da36aaf57705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1717
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 9b623992979c2c99451765094199c43a.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 1 KB
718 B 21ms
17ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/9b623992979c2c99451765094199c43a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ae1be851de91fea1d6c42b19df2f1a35df8fa626b30c879b090324eda44ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 3212338bb0be0b574ad231e216e32f4c.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 6 KB
6 KB 20ms
16ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/3212338bb0be0b574ad231e216e32f4c.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e01229bbb5b2f75d84278ab92afb8d3613223493bb7f58700b7f26b5bd7c71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 02:30:30 GMT
x-content-type-options: nosniff
age: 474652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 02:30:30 GMT

GET
H3 200 0e882d2e9d695c89581c4d3d88957eec.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 3 KB
998 B 19ms
16ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/0e882d2e9d695c89581c4d3d88957eec.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cca43627e4d80bb78c2437c793b99da78310efaf2d7f6d041671c73d3a693f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 961
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 46a20774c1da411f51bca4b8ca9b3774.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 2 KB
760 B 23ms
19ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/46a20774c1da411f51bca4b8ca9b3774.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475316d3002b7bf04d39e01825b8443b2748411e616908cbc2a87e49faa1f1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 41086e9e644dfd6edb1dee1a27276fbe.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 1 KB
527 B 22ms
19ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/41086e9e644dfd6edb1dee1a27276fbe.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e0e91a01af508f9eb830feafe8dbf0b381e0333ce3667489e6cf48809c927b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 489
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 edab4929a40146fb821d586457d137e6.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 5 KB
2 KB 21ms
18ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/edab4929a40146fb821d586457d137e6.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c486bf7d530918b59fe569c9b232ff2356ec265bdd25c3977a4dbbd9da123e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 756d757e6528c3a0a9338cc41f9a61b1.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 299 B
265 B 21ms
18ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/756d757e6528c3a0a9338cc41f9a61b1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

572bc0584a0476c0e03db0b475dcf119873378e8e950ddd66ba027264432f2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 9c31fe11844006970ffaccbcad1fd41f.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 4 KB
2 KB 20ms
17ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/9c31fe11844006970ffaccbcad1fd41f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a9a2154c658cf0a3a1aebe3d5ce4ea817564fc27e85b90f2651cf46f37deda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1712
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 8 KB
2 KB 32ms
27ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:48 GMT

GET
H3 200 ccddd80afeb32369f13a2e1a87086966.png
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 2 KB
2 KB 30ms
26ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/ccddd80afeb32369f13a2e1a87086966.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b78344a18cc46582ecbd6c65057aa0d36c76a8f2d9d23a738eba4a905f27a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:06:13 GMT
x-content-type-options: nosniff
age: 490509
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1855
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 22:06:13 GMT

GET
H3 200 d4759bcbd6e2fc771310419f7fc638e2.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 921 B
432 B 29ms
25ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/d4759bcbd6e2fc771310419f7fc638e2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf6723bc6fdabc360afa8360ff6fa68bbaf5678344c2ef5367019c1c68f9e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 2b6305a7c8bdb2e12dccb485473bf946.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 333 B
272 B 30ms
26ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/2b6305a7c8bdb2e12dccb485473bf946.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d99d5dc2e523d10581441a4c4de7cf29527063bd6c1198f601f863ceba76913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 563d35e070b536fe99ac6f90cc143021.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 262 B
228 B 31ms
26ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/563d35e070b536fe99ac6f90cc143021.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f824255471c27fa4d1711fb3dc95cd1abb01d4267cddb88a80da9de0ad9e568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 14e32be1039d7747a8b5345c4a4b813f.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 764 B
482 B 29ms
25ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/14e32be1039d7747a8b5345c4a4b813f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb609adfb919b1b06ba838c242ceeb6351bdfd1917ac381e841b3c68c107fd94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 444
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 0cde5efc0567bcab21474422961ea657.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 904 B
409 B 30ms
26ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/0cde5efc0567bcab21474422961ea657.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4076cd760ba035ee9d326f3a1bf9157dfeac50fb058a9aedfe53b2fd10ad91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 e2b684e2986ea6141e36de2511a816c1.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 1 KB
636 B 30ms
26ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/e2b684e2986ea6141e36de2511a816c1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aca9d549981e9a27a786545ba75fed3bc70738752aa299e95af6669f199464a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 598
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 bg_img.jpg
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 12 KB
12 KB 20ms
17ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/bg_img.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

186b0a55e7275c84c35a6d1535e9f05a13fd6bdd959ddba21c3d73f159762122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12366
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 bg_img_01.jpg
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 20 KB
20 KB 22ms
20ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/bg_img_01.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee1aafe7fc3760e4f8e7531e236a9ee0ca51ecaf7361cc63b3a115f8fcb1e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20007
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 bubblespritesheettiny.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 26 KB
26 KB 23ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/bubblespritesheettiny.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:32:59 GMT
x-content-type-options: nosniff
age: 344903
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27068
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:32:59 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 510 B
544 B 23ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fb40605171ead73d378f3bf90d138679f7d4cbc215be7b4e1e6bd16cd05f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 2 KB
2 KB 24ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bae4a5df5ad2928d29b1664add68f4cc8070c283864945b9243cd09867270d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1554
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 logo_white.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 2 KB
2 KB 24ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/logo_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

632455e18650def1247aeacc25754ad0eb43e504ee0ae3da61c63182dc5081b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1601
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 siegel.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 5 KB
5 KB 24ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/siegel.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4870915b661e4b212581ce157e4d1507f127f6d71dc562af0f8bc7fba3829c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4794
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 stage_01_01.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 519 B
553 B 24ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_01_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f5b2a1d8445987e9bea4ea40115e763b53d81f6a7ff765f3d97850c540b806d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_01_02.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 510 B
544 B 24ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_01_02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401fe5a4c1c7065544d860e5a3af5fa5f7707f221ea7b82e21fbc95562d9469e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

GET
H3 200 stage_01_03.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 519 B
552 B 24ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_01_03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115657adc9f6a18b895a254b86eba723f4a7b83fbdf51ad4aa8e173a8887387d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:05 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:05 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E8CE 0
26 B 53ms
52ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKRc_VGtWeNoGqozan8i5iWtulkdqfMGCoh-bAq0pZBVFQ-mNzOWFqKfckeZQRLIU0b8tWHd58SaCg9yixDgKB7I08e2Z155fugVAp7Dm2ensgRlAPBhhj7obSzfrSp_8HPzAADZ7yhxunckQQdzdeEcI-LASHC2_Gd8UiByiUL2_CNYuTjGj_mv6AjoTHvLzM7PD3FfoTOPdIQc_1mn4TOmilSy07XVhL0B73L-Or5egtm2INijf_Kke2gqfBYuaq5IbxRELsdgxJr1DVivQ0wX0Spw3VP4P0sjD1A0Baq05gIQDOE7MFCplILFb5_0IQtC79MFkxvRFihSiGW0o4xfYi5131EP2rHmphj3Ww2_m7YIMFu2TnpvcibPFLPO_hCirKKjjyh2TZmRUUlWvFkU56N8ChDaJSxzAokTtOI6TT5iG1XdAnJYMvOb5S3ppGZPzWm48XUvx9oF-NgVjbhK-xs-vc20lH28e6FUnapJ4thVvw_rpd9Rvl0q1cWImGBqX_Vf1D3znjrYMmDBlF6cFvke-GFZH0kEo37OD5Vi-ktPoATZXvwd13WcfDHVNCNHxFxW3DXc4Sc_Ua0PIWOQnWRZiPaC7u7nHZswPGXHJAlRfmoArQu26XAjKiaJubo9HEXx569iOAMNn4CAzDy2SIr8Keejm1DG-V__gDBcWUaSz-Rn_yWRBVK7hNvSmLZ3XH0hsmv1W7US8-qyi2NymCoQKMWje-BdIfzYBQq4wlyVJ7WK4ICLWLX9QNEXS43203CfQ3uLaXz9RFF70XE5lzPmMeNQAn_9V1d1Jv_90wrQ9tXs_WPRx1Dm-KXZBFbsRR1koxVauUCMn1HXFH48D22080b-FGC0uK6pbZjaIbLbzUvnqTU9piON3xd9Ra8mHyr3XMC4NOB2kizzkgg2pkLcUWJAiBKjkGY_tCRnJDWdZEAcjAmQnlNsUuM42txAyQ2aBLKk07R7nmGjHLsjLAlioF2pRZzJOAAWg4mKR2FkPsHq6iVY7KOKyaIa07ubkb7I8B-nZEPqlnkJ_qla3cvB0dPnANqDnZf4DS1yFrH0XhjuWlXeL9gHf2cUHERDl_RAIJFMwRIPgr6jFbm-I0YisyLplyWqY2QNsDyQitlW6I4T1MopgPF0F-2xuDT-rSElp72xt3nUAvmuYZ4U633LegJ9kjTV7MKNXR_b0eS6bKdlBSq5hpM0Xw0bVltXf8hXeEi2d2YZM1Lvb4zHD0dJBUjPtSFCbBgYdzsZGDQppALVP8Ux9iYS1lh_BWlgyxq-PapEBBzhBxnDnWkevbaNGA9Doj&sai=AMfl-YREoWOg1_5E4Hu9q39ba0Bv8AaMJbUszLmyjbBLo60QybZ0-f7jas0WHAIIECtzDav1HXrXHl4vCnv0qhYR-XuVs-IaeQjqIC4IQGc3L581FgWhefeLc9ara59h2UJbOXJ9PRIVoPbb0ESUouPyroQ3eNIZvSVKJN3TRl9b7NZK2gHjo1fgSw_-n42WRVlbPjZTv3BwxleDs7U3Dxqy4ZbIVaITGoI&sig=Cg0ArKJSzEBxUY1exWctEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2372&vt=11&dtpt=1586&dett=3&cstd=784&cisv=r20220831.10407&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 28D4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1478a0e944ec232c5ef748062f121fca6c3635ab77ca53d76b2f5f0a498f458

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 42B2 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2951b4e2-9231-4fbc-bae3-5a1ee61772f1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2A39 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfsjbwvy&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:22 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321843
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.795207,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 2249 0
819 B 15ms
15ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKdDfBMnQYAAAMA1gAFAQjf6NKYBhCtr6SJ8Mq5xy8YjYHql4-bxtEoKjYJDKZh-IiYYj8RP1l0VPW3Wz8ZAAAAoJmZyT8hP1l0VPW3Wz8pDaYJJPCaMQAAAEDhepQ_MNev7Qw4mFBA6j9IAlCWg6yDAVi18qABYABonNzEAXi-8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTI0ODk5MywgMTY2MjMwMTI3OSk7dWYoJ2knLCA1NDgyMTY5LCAxNjYyMzAxMjc5KTsBHTRnJywgMTQwOTAzMzAsID47ABxyJywgMjc1NAE-ADQ2HwDwi5ICpQQhV21lNWhRak93SndYRUphRHJJTUJHQUFndGZLZ0FUQUFPQUJBQUVqcVAxRFhyLTBNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JGOEtRS09HaVlqX0JBUmZDa0NqaG9tSV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0Fibk56Z0wxQVFyWEl6eVlBZ0NnQWdHMUFnASMEQzkJCPBbREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qVTVPVFBnQTVrdmdBU1QyOHNGaUFTazI4c0ZrQVFCbUFRQnVnUWFDSVVFRVEBaBxBQUFOQV9HUQEJCQEgSUlMR2l3N0JCCQ8FIAR5UR0hGE5nRUFQRUURH1xBQUNJQmVrdXFRV0xHa3pEOEJId1A3RUYZIGxEQkJYc1Vya2ZoZW9RX3lRVUFBQURnZmg3TlA5MigABFpCEWfwQ1BBXzRBWGpBZkFGMm9EY0J2Z0Y0YV9BQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHZXhTdVItRjZoRC1vQmdTeUJpUUpBGYEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhTGhVcTd3OikCLExYeW9BRWdBQ2dBTR3NCE9nbD15FE5BbVM5ShFVCDhEOR15AEIdeQBCFXkMMEQ5cBEwDEFBQngdDAg0QUkuMQK4OC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIv8gIRCgZBRFZfSUQSBzVpYRzyAhIKBkNQRwEUAAhxOxjyAgoKBUNQARQ4ATDyAg0KCEFEVl9GUkVRERAcUkVNX1VTRVIFEAARCSA8Q09ERRIFNTkwMjPyAiMKCAFWBRQYFzAwazNwMAEBTHV5NnV3QUFBX2RlXzDyAgsKB0NQCSUcAPICEAoFSU8BdQQHNWGjIDY58gIdCgdJTwkhDBIwMDYNRmB4YmJDbUFBSfICEwoPQ1VTVE9NX01PREVMAT0UAPICGgoWMhYAIExFQUZfTkFNRQEdCB4KGjYdAAhBU1QBPhBJRklFRAEhHA0KCFNQTElUAU3wiwEwgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjU5OTPaBAIIAeAEAfAEpWUgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAF1ahC-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLoGQADIB77xBdIHDRV2ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=c54d4db34ae2199086c23ff9555a4588904e8ba1&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfsjbwvy%26e%3D1534108800930,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfsjbwvy%26e%3D1534108800930&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=xfsjbwvy&e=1534108800930

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6a745ca3-2ab8-4dd5-b0fa-7fa1552914cc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame BE5B 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lqajnjktk&e=1834762243861
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:22 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321516
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.798976,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame C7BD 0
819 B 14ms
14ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKbDfBMmwYAAAMA1gAFAQjf6NKYBhDItd-32NzTrjsYjYHql4-bxtEoKjYJVdl3RfC_hT8RgLIdm7o1gD8ZAAAAgOtRyD8hgLIdm7o1gD8pVdkJJPCwMQAAAEDhepQ_MNuv7Qw4mFBA6j9IAlDY4_1-WLXyoAFgAGi4n8MBeNnxBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCAyOTQwNzkwLCAxNjYyMzAxMjc5KTt1ZignaScsIDQ4MjM5MzEsIDE2NjIzMDEyNzkpO3VmKCdnJywgMTI3MjgyOTAsIDE2NjIzHTswcicsIDI2NjMwMTkxMjY9APQXAZICpQQhRFd2WXF3amFoTlFWRU5qal9YNFlBQ0MxOHFBQk1BQTRBRUFBU09vX1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRRVM2VkZNYWIyRlA4RUJFdWxSVEdtOWhUX0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCLTdhbUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBeE51QURtUy1BQk96ZnhRU0lCS20yeXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRmdDLXBCWXNhVE1Qd0VmQV9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HE1EQ0xMc18wLigACE5rRgkxyEFBOERfZ0JhWUk4QVhpNzRnRy1BWDJ2ck1CZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApkBIUFSY3lsZzYpAix0ZktnQVNBQUtBQXgZzRg4NkNVRk5VMXkQa0NaTDARYQxEd1AxHWEARhEYDEFBQUcRGAxEUVAyHRgASBEYBEFBQXUEaVEREPBARHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL_ICEQoGQURWX0lEEgcyOTQwNzkw8gISCgZDUEcBFAwIMTI3ZTsY8gIKCgVDUAEUOAEw8gINCghBRFZfRlJFUREQHFJFTV9VU0VSBRAAEQkgSENPREUSBTMzNjg18gIjCghDUEcJFBgXMDBrMzkwAQFMcWZYMzBBQUVfZGVfNfICCwoHQ1AJJRwA8gIQCgVJTwF1CAc0OGXhGPICHQoHSU8JIQwSMDA2DUZgdG5ZYjRBQUXyAhMKD0NVU1RPTV9NT0RFTAE9FADyAhoKFjIWACBMRUFGX05BTUUBHQgeCho2HQAIQVNUAT4QSUZJRUQBIRwNCghTUExJVAFN8NcBMIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MDE22gQCCAHgBAHwBNjj_X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYBIQExINAG6CnaBhYKEAkRGQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH2fEF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=adfde2db3e2de1071cba9245020228f9a8babb0c&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dlqajnjktk%26e%3D1834762243861,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dlqajnjktk%26e%3D1834762243861&

Requested by

Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=lqajnjktk&e=1834762243861

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 23a552c9-c781-4992-afa0-13ac7b532711
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 0149 0
150 B 35ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=65059300066552001467939012072010&a=df5fc930&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dzqobcegrs%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUPy5L793l_0MwjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAQiXozgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521JRfSkAjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjEyMUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTIx%2Fbn%3D97002%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame F74F 0
150 B 35ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=38291500066552101467939012072010&a=3ed3c104&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dtcsdeolg%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP5X7-VffJzUojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAVyYs5AAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LBe7kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjExOUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTE5%2Fbn%3D96994%2Fclickenc%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 7C09 0
840 B 23ms
23ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhDLnqP70b67xnMYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiQ9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIWxGWVRCQWpvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpEZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWHlMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASEzeFUtMlE6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRCQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHw10FBQS7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjEzMNoEAggB4AQB8ATSifWvAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB5D2BdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=ea064b100681a2a31c72c60ee4efb478969fb24c&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~6&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3aad8d44-b2d4-4e56-9d46-54bfcd2eca48
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 1EED 0
840 B 13ms
13ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKPBvBMDwMAAAMA1gAFAQjf6NKYBhD3m--W0dzl_WgYjYHql4-bxtEoKjYJDaZh-IiYgj8RPQUjo8F1fj8ZAAAA4KNwzT8hPQUjo8F1fj8pDaYJJPS7AjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiI9wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUNjR25MMFVmbUxKQTBEb0xZcWxEUlBkLUk4SnpjeDU2Q1I3b2RnOEFQX3RLM1ViME4xYm9IVkVqckUyYkZpZUYtaEFjQlJqZk1xSkgwcEg1NmotVkhaWkNEOURnJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzc1NjQ4MDU5MDk3MDY5NTIxODMiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBba3u7Cd04bzL8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDQ4OTE4ODg2NjS6Bw8IABAAGAAgADAAOLoGQADIB4j3BdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=eabab60c5ef0069b2062e85d13847d09c5b7ad7b&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8f57d1d0-3c1b-4a1e-a383-b0186f21c14b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame A184 0
840 B 15ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKOBvBMDgMAAAMA1gAFAQjf6NKYBhDLxIqk04bK-QQYjYHql4-bxtEoKjYJw7tcxHdihj8R0xsoz0BVgj8ZAAAA4KNwzT8h0xsoz0BVgj8pw7sJJPS6AjEAAABA4XqUPzDvvN8MOJhQQOUeSGVQoZ_pJFi18qABYABoif3DAXiK9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-kBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUF3SmplODJpdm45Ry1BeWtGcHlvM0paZHRLY0tqT2s4Z3NmVzRuYUtmajNkQm1EOFBNXzZZdE1ZNFdEUXVmY0pKNThPa3VUcVhQSURrSkVHUFVpaW1ZMFpZenNBJnByPTEwOiR7QVVDVElPTl9QUklDRX0aEjM1NjY3MzAwNDQ3MTc1NTMzOSIINzcyMjE3OTMqBDM5NDE6ATDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEoZ_pJIgFAZgFAKAF7b-o_97DlokvwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFoccL-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDE0NDg5MTg4ODY2NLoHDwgAEAAYACAAMAA4ugZAAMgHivUF0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=b47969674c8a3e7dd3639bc8575b948fd69ff17a&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4dcaffad-663f-4e8b-b719-db072a13f72c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 5 KB
2 KB 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 18:32:35 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 1002 B
265 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 18:32:35 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 5 KB
1 KB 19ms
17ms Stylesheet
text/css 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 18:32:35 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 90E9 118 KB
40 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 07:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25714
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Sep 2022 07:12:48 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 90E9 57 KB
23 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 14:21:22 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 9 KB
4 KB 21ms
19ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 18:32:35 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 24 KB
10 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:46:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344122
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:46:00 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 17 KB
3 KB 19ms
18ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 18:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 18:32:35 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfU9rZ,pingTime:-10,time:1559,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuNTIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662301282875%7C%7C29266771f490ea4201d104cdfbc83478%7C%7Ca3eeeeb410530a2973f34b9badfd9b71%7C%7C183d93508927c15d3248bfda74709247%7C%7Cb242055959b8d11885dcf9981686a69c%7C%7Cbbeaf175bb4015a4d18f8285525c91d8%7C%7C3edf35a905a17df42aec84948f730be7%7C%7C3aea992cf55c47e17e96fb192b17ffc7%7C%7C1629390669%7D
Requested by: Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 575F 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cd7c7d64-7ca2-428b-b57e-5b1d5339097c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame F6C9 0
150 B 39ms
15ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=10480400066552501467939012072010&a=22e2e00b&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkhwcukop%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP0P6bwgdGQsvjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAyiJtAQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd1kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjAzN0CZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDM3%2Fbn%3D96585%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 683C 0
747 B 26ms
26ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: eed7bc0f-e46c-44fa-83dd-4c7eef31048d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301282651&oz_l=221&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:22 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BF8A 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjYfNZcvs1F74tO_xi4gSh_v7MQrCyUaYgRsYjWNpiKYioOyhz59da_tPWEZM4_XIbECyo9yRIvVlXSHbDzT3NgIr5eAYRLBWoppxwboZTZaRiuRx2FDeK3Uh7Q2zNMq-LkuwCaHE&sai=AMfl-YQjgzoHj59jo-1TSEfMwX35KibeIPcop4IDmITMAt4q0V1QkzF7ObPt-75PcrwOv8wgXRmCqf7cDzOGKJbHqod6LPBFi5pRrOYg3Cv6eSDj1cGU2I9DLHmZktLKEDM&sig=Cg0ArKJSzKAfVm_MMFQ4EAE&cid=CAASJ-RonjbfdHMOCDduLU6Ju4x90ZUyU5TqoCaTPWQIQlYEjuqdoW2Ukg&id=lidar2&mcvt=1228&p=154,436,244,1164&mtos=1228,1228,1228,1228,1228&tos=1228,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=763504407&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278817&rpt=2857&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 48ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y&gtm=2oe8v0&_p=1134922891&cid=937080875.1662301278&ul=en-us&sr=1600x1200&_z=ccd.v9B&sid=1662301277&sct=1&seg=1&dl=https%3A%2F%2Fearnme.club%2Fzero-8i-from-infinix%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Zero%208i%20from%20Infinix%20%E2%80%93%20Tech%20One&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B743
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEEzBv5TOLAMI1Cjrnp898ds&google_cver=1&google_push=AehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzBv5TOLAMI1Cjrnp898ds&google_cver=1&google_push=AehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0...

43 B
422 B

189ms
176ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzBv5TOLAMI1Cjrnp898ds&google_cver=1&google_push=AehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
cf-ray: 74575f0d4c099c12-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 671
cf-ray: 74575f0aaf739c12-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEzBv5TOLAMI1Cjrnp898ds&google_cver=1&google_push=AehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4CuA3Kxa2UlPPwOdng6ba0bKLxPo0cd3YYz7xjdboO4vG6UN33HvQqr_4ayoGY7_9AbnmnJEyS3dY6rPPD3-blt38QySg0%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B743
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGKI3wv9qv9DvBo73ypjIQ&google_push=AehlK4BXsywwvXFbqChlFdI1rTpkdf2TA4K3AZS6iwqhS7-XhGk4FTPIh5...

170 B
188 B

27ms
27ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGKI3wv9qv9DvBo73ypjIQ&google_push=AehlK4BXsywwvXFbqChlFdI1rTpkdf2TA4K3AZS6iwqhS7-XhGk4FTPIh5oFC0dJEqdvxVj6JRSgsNv6JxtXR-MKaM5pOhiQwv0

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1662301283.030337,VS0,VE190
x-served-by: cache-fra19169-FRA
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOGKI3wv9qv9DvBo73ypjIQ&google_push=AehlK4BXsywwvXFbqChlFdI1rTpkdf2TA4K3AZS6iwqhS7-XhGk4FTPIh5oFC0dJEqdvxVj6JRSgsNv6JxtXR-MKaM5pOhiQwv0
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B743
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEC93VUBEy3IIakFLNCQcIvM&google_cver=1&google_push=AehlK4Dm5RSW65pNo-AE5rT1NQ9CrXk2Lk7oM1cAb_jbBTrrO-_TH7wXtyncTdMTvIPdU5sr6RK20z9Aaqd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4Dm5RSW65pNo-AE5rT1NQ9CrXk2Lk7oM1cAb_jbBTrrO-_TH7wXtyncTdMTvIPdU5sr6RK20z9AaqdTQ_EZAtA9udMFvGE&google_hm=gdLkJchNQ8SqX8lEb8ScOow

170 B
188 B

24ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4Dm5RSW65pNo-AE5rT1NQ9CrXk2Lk7oM1cAb_jbBTrrO-_TH7wXtyncTdMTvIPdU5sr6RK20z9AaqdTQ_EZAtA9udMFvGE&google_hm=gdLkJchNQ8SqX8lEb8ScOow

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AehlK4Dm5RSW65pNo-AE5rT1NQ9CrXk2Lk7oM1cAb_jbBTrrO-_TH7wXtyncTdMTvIPdU5sr6RK20z9AaqdTQ_EZAtA9udMFvGE&google_hm=gdLkJchNQ8SqX8lEb8ScOow
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B743
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEBNWMITZthi4pzcmscDzZqU&google_cver=1&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBNWMITZthi4pzcmscDzZqU&google_cver=1&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14WKhM

170 B
188 B

25ms
24ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14WKhM

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DbS2RBqMAbaf76mcGx8qmqWSl21JmQvNLZdBpVPSdje4ZhDXd6bb9QXL3ayssJQHVxBnwKW-EpS0aYcAGWLHW0O14WKhM
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B743
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMMYtiyxZ3f8NRdN-RpPpvs&google_cver=1&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqprh...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMMYtiyxZ3f8NRdN-RpPpvs&google_cver=1&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQwMjAxOTg5NTIwMjgzMTc5NA&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqp...

170 B
188 B

25ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQwMjAxOTg5NTIwMjgzMTc5NA&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqprhj5G3p6Pxa_214leZ9Us

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQwMjAxOTg5NTIwMjgzMTc5NA&google_push=AehlK4ALxDhN-Ey9ckKdU3LrYaBnvepH5WBAmDouov5j6Wzj2Nf40N8Aqalx849Jq4fmOLx0NoRsqprhj5G3p6Pxa_214leZ9Us
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B743
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEH0zErgd1b8lSITL86RG-7Q&google_cver=1&google_push=AehlK4D1Rg9H7vMelgIGjquUsr3Zu9vla1IIVslTPDKFHvXh6ysgv86mCiICC9C7huyWmrytoXUCBrIeIJOIUIhQ...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4D1Rg9H7vMelgIGjquUsr3Zu9vla1IIVslTPDKFHvXh6ysgv86mCiICC9C7huyWmrytoXUCBrIeIJOIUIhQj_iYTKJErw

170 B
188 B

29ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4D1Rg9H7vMelgIGjquUsr3Zu9vla1IIVslTPDKFHvXh6ysgv86mCiICC9C7huyWmrytoXUCBrIeIJOIUIhQj_iYTKJErw

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 04 Sep 2022 14:21:22 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AehlK4D1Rg9H7vMelgIGjquUsr3Zu9vla1IIVslTPDKFHvXh6ysgv86mCiICC9C7huyWmrytoXUCBrIeIJOIUIhQj_iYTKJErw
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: O8CfbcG9CFuNmUuvUE7KTTd-xkpF5ObC8aaDguQ0dgzy7av5uneLrg==

GET
H3 200 dot.gif
s0.2mdn.net/ Frame B743 43 B
72 B 23ms
21ms Image
image/gif 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEBNhvC25iBqU-UUiRZ3s4nc&google_cver=1&google_push=AehlK4A7-BKhh3x9zReWlc6ySAdtMZpjL0kkagLWUhG3ZGDGWJSnNR_9nYtyT1SFuVV-ExNsU2prWPMejlzbNnQfMD8HL3ArVe8

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 05 Sep 2022 14:21:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B743 0
12 B 24ms
23ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Iw1FubROZ72N5HpefiPkY1-7FWMuoG052SpGSWUAAc_EyU_D6gvNblktMXQkKL-79fKnJrBQ

Requested by

Host: 5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
URL: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CD88 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8b93cf72-6720-46a5-a9ed-8fb5a3c9a2dd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 4F9D 0
150 B 36ms
14ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=37787700066552701467939012072010&a=35dd6e07&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dkqwlsycf%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP1Svmx6DSP86jYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIA6yIkUwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LRcGkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA4NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDg0%2Fbn%3D96847%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 759D 0
747 B 26ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5411c992-8ca2-430f-876e-ac4ddec3b600
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame D2CC 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 13c67949-c515-4aba-bde4-730dc375114f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6907 0
747 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:22 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0278aaf2-d46c-4c12-b096-5bb1f7924fc4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C059 0
747 B 56ms
56ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fda4567d-21ac-43eb-af49-12391f807f93
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 62cb648c2b03099a9d7af6cb0f943ca4.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 4 KB
2 KB 15ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/62cb648c2b03099a9d7af6cb0f943ca4.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a7e0734e57be7f5ca3f90c5e30ac070e93a1f2f55100884920da36aaf57705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1717
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 9b623992979c2c99451765094199c43a.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 1 KB
718 B 17ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/9b623992979c2c99451765094199c43a.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3ae1be851de91fea1d6c42b19df2f1a35df8fa626b30c879b090324eda44ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 680
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 3212338bb0be0b574ad231e216e32f4c.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 6 KB
6 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/3212338bb0be0b574ad231e216e32f4c.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e01229bbb5b2f75d84278ab92afb8d3613223493bb7f58700b7f26b5bd7c71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 02:30:30 GMT
x-content-type-options: nosniff
age: 474653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 02:30:30 GMT

GET
H3 200 0e882d2e9d695c89581c4d3d88957eec.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 3 KB
999 B 19ms
17ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/0e882d2e9d695c89581c4d3d88957eec.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cca43627e4d80bb78c2437c793b99da78310efaf2d7f6d041671c73d3a693f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 961
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 46a20774c1da411f51bca4b8ca9b3774.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 2 KB
760 B 20ms
17ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/46a20774c1da411f51bca4b8ca9b3774.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475316d3002b7bf04d39e01825b8443b2748411e616908cbc2a87e49faa1f1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 41086e9e644dfd6edb1dee1a27276fbe.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 1 KB
527 B 20ms
18ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/41086e9e644dfd6edb1dee1a27276fbe.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06e0e91a01af508f9eb830feafe8dbf0b381e0333ce3667489e6cf48809c927b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 489
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 edab4929a40146fb821d586457d137e6.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 5 KB
2 KB 22ms
20ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/edab4929a40146fb821d586457d137e6.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c486bf7d530918b59fe569c9b232ff2356ec265bdd25c3977a4dbbd9da123e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 756d757e6528c3a0a9338cc41f9a61b1.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 299 B
265 B 22ms
20ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/756d757e6528c3a0a9338cc41f9a61b1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

572bc0584a0476c0e03db0b475dcf119873378e8e950ddd66ba027264432f2b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 9c31fe11844006970ffaccbcad1fd41f.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 4 KB
2 KB 23ms
20ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/9c31fe11844006970ffaccbcad1fd41f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43a9a2154c658cf0a3a1aebe3d5ce4ea817564fc27e85b90f2651cf46f37deda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1712
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 8 KB
2 KB 25ms
23ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:48 GMT

GET
H3 200 ccddd80afeb32369f13a2e1a87086966.png
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 2 KB
2 KB 26ms
24ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/ccddd80afeb32369f13a2e1a87086966.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b78344a18cc46582ecbd6c65057aa0d36c76a8f2d9d23a738eba4a905f27a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:06:13 GMT
x-content-type-options: nosniff
age: 490510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1855
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 22:06:13 GMT

GET
H3 200 d4759bcbd6e2fc771310419f7fc638e2.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 921 B
432 B 26ms
24ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/d4759bcbd6e2fc771310419f7fc638e2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf6723bc6fdabc360afa8360ff6fa68bbaf5678344c2ef5367019c1c68f9e39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 394
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 2b6305a7c8bdb2e12dccb485473bf946.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 333 B
272 B 26ms
24ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/2b6305a7c8bdb2e12dccb485473bf946.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d99d5dc2e523d10581441a4c4de7cf29527063bd6c1198f601f863ceba76913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 563d35e070b536fe99ac6f90cc143021.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 262 B
228 B 26ms
25ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/563d35e070b536fe99ac6f90cc143021.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f824255471c27fa4d1711fb3dc95cd1abb01d4267cddb88a80da9de0ad9e568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 14e32be1039d7747a8b5345c4a4b813f.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 764 B
482 B 27ms
25ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/14e32be1039d7747a8b5345c4a4b813f.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb609adfb919b1b06ba838c242ceeb6351bdfd1917ac381e841b3c68c107fd94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 444
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 0cde5efc0567bcab21474422961ea657.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 904 B
409 B 27ms
25ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/0cde5efc0567bcab21474422961ea657.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce4076cd760ba035ee9d326f3a1bf9157dfeac50fb058a9aedfe53b2fd10ad91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 371
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 e2b684e2986ea6141e36de2511a816c1.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 1 KB
636 B 27ms
26ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/e2b684e2986ea6141e36de2511a816c1.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aca9d549981e9a27a786545ba75fed3bc70738752aa299e95af6669f199464a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 598
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F8E 22 KB
8 KB 18ms
17ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0DBE 0
747 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f78fcbd1-e0f9-4a74-9ab7-cc0de819dffb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 312C 0
840 B 19ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDD9L_D0KPGhS8YjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF4yfIFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhdjJRNFlBakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBek4tQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDFrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUMENaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDM32gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEm8EzwP9AGuzPaBhYKEDW6W-Ak9UoGgfRij9JBDvsQAxgB4AYB8gYCCACABwGIBwCgBwG6Bw8IABAAGAAgADAAOLoGQADIB8nyBdIHDQkAAAFRBAAAAR4I2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=448ca316817112ca26e6c694d83d58b5541de7b6&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7d8fd486-8c90-41e0-adf7-daf3d0bbd17c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame D42A 0
840 B 19ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCulr3v3fz_oTAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF46vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhRFdYMWl3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeU1lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWt2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUpSZlNrQTYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTIx2gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH6vUF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=605efa0b3391b733d4bd7ab5d98ebb60cf481e48&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0c136085-e5a0-4d48-9859-eb9c3397abae
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame D12A 0
840 B 20ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDOjqmzlpiklhUYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAA4KNwzT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w77zfDDiYUEDKTkgCUJP8-WZYtfKgAWAAaIn9wwF40vMFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMm1UWGJ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VPLTgzd3hZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH0vMF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=68c5586f11f8dedd205f184135fd8894177211ce&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 16362146-049f-477a-b1ad-6233af7dbfa5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame EEF9 0
840 B 20ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhDWofeU7u2TmhoYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAA4KNwzT8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MO-83ww4mFBApgZIAlDSifWvAVi18qABYABoif3DAXiq9gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIW5sYlZDZ2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbER2dk44TVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkNyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall4TXpYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBWDNMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhIQUFBQzRCZ28umgKZASE1QldjMj75AWRMWHlvQUVnQUNnQU1mRm80NGkxLU9RLU9nbD1JFFZBbVM5SgFPAQEIOEQ5HXkAQh15AEIdeQRCcAEsCQEEQngJCAEBQUVZAfDXQUFBLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA04MDYjQU1TMzo2MTM12gQCCAHgBAHwBNKJ9a8BiAUBmAUAoAX___________8BwAUAyQUAAAAAAADwP9IFCQkAAAAAAQ5w2AUB4AUB8AXr9E_6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0Ab4AdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgHqvYF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=8e6919f4125a4d6c23ed42b4f70bc5861fabe01c&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~6&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1aa0fbe0-ea90-4d5c-8919-4ebc64c2431e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 537C 0
840 B 23ms
15ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhD3gKmtya7p32gYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF47_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheldSWFZ3akZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYlV2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBATxDNEJnby6aApkBIU1CZldrOgECLHRmS2dBU0FBS0FBeBltGDg2Q1VGTlUxURRVQ1pMMG05BQAxPSQERmsBZgkBAEcdGABHHRgASB0YEEhnQWlRERDw_UR3UHcuLtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA8xMDA1OCNBTVMzOjYwNjnaBAIIAeAEAfAEk_z5ZogFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbCiAvoFBAgAEACQBgCYBgC4BgDBBgAAASYo8D_QBrsz2gYWChABDy4BAGAQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8IBRpEIAAwADi6BkAAyAfv8wXSBw0JETwBOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=2f4eb1ece21d33430a3f3cd8e43ceff4e219f6a2&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8345e6f3-dce5-44bd-a706-dee02a21d0b8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 8F91 0
840 B 34ms
26ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCV9-e_9fvJmigYjYHql4-bxtEoKjYJjXHQvsBmkj8R9vLvPuFviD8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF44vUFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhLTJRRWNRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFeE9lQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCZWN2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxCZTdrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEUVUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTE52gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH4vUF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=7792d0fc3a7425dcee72fdeea091b8c839219adc&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fcffaf6d-dad9-40be-8c97-141992a6ecef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F897 22 KB
8 KB 24ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 768C 0
840 B 39ms
25ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhCFopzOn5mzsiAYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4nPcFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhbTJUNk9RakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpFME9PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCWVF3cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxoZEtrdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MTQ42gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHnPcF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=8cb5d75298677a733c35560bd24383a976c76226&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 52b06350-48ec-48e5-a203-406dd7255de2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5CF8 0
840 B 33ms
17ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhDU3u70sZDS_zoYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAoJmZyT8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w16_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaJzcxAF4z_QFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMhMldTYlhRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOZXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBNE5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCY1F2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUxSY0drdzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDg02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgHz_QF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=aba58926cc013ece87286802d9a0883829504a3d&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f90f49ad-4da1-4462-9137-953e578cef84
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 5635 0
840 B 34ms
19ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKPBvBMDwMAAAMA1gAFAQjf6NKYBhD1h5iqw8HLtXsYjYHql4-bxtEoKjYJZoaNsn4zgT8RQMvmtuwsfD8ZAAAAgOtRyD8hQMvmtuwsfD8pZoYJJPS7AjEAAABA4XqUPzDbr-0MOJhQQOUeSGVQoZ_pJFi18qABYABouJ_DAXjb8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi-AAwCIAwGQAwCYAxegAwGqA-oBCr8BaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1hd2JpZCZhd2JpZF9iPUFLQW1mLUMtRDdqOVpFTW9abE8tYlFPLVhMVVpldDk0aC1laFNaTFJkN3hjalg3NEloUi1kck9SNUk2TkhTVG9lcXFtdVpHLW5wcUVjeDhNeGFoc1N5bFY5MXlSd3JIUmZ3JnByPTEwOiR7QVVDVElPTl9QUklDRX0aEzg4OTMyNTI1MTkxNDE0NDI1NDkiCDc3MjIxNzkzKgQzOTQxOgEwwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBKGf6SSIBQGYBQCgBbzQj9jslKSCOMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaHHC_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbujwHaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCgBwGqBwwxNDQ4OTE4ODg2NjS6Bw8IABAAGAAgADAAOLoGQADIB9vzBdIHDQkAAAAAAAAAABAAGADaBwYIABAAGADgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=c3ef6bbb3105370f108c619dbd1fbcadeaf8b984&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8de0f53d-f5c6-404a-b9d0-5ce3f817f408
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 68B8 0
840 B 33ms
18ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK_CvD9PwUAAAMA1gAFAQjf6NKYBhD0gJC8tZzE4gsYjYHql4-bxtEoKjYJAqB-YHxokT8RTveflDYehz8ZAAAAgOtRyD8hROqPkzYTiz8ppRR0e0ljlD8xAAAAQOF6lD8w26_tDDiYUEDKTkgCUJP8-WZYtfKgAWAAaLifwwF40_MFgAEBigEDVVNEkgEDRVVSmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCKAnd1ZignYScsIDQ1MjUzNjIsIDE2NjIzMDEyNzkpO3VmKCdpJywgNDEyNjE2OSwgMTY2MjMwMTI3OSk7dWYoJ2cnLCAxMTQ5Mzg4NyxCOwAwcicsIDIxNTkwNzg1OTY9APQOAZIC_QMheDJUaFZRakZpSTBURUpQOC1XWVlBQ0MxOHFBQk1BQTRBRUFBU01wT1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRR1I3d3J3NFhxVVA4RUJyMXE3MVFSa2xEX0pBUUFBQUFBQUFQQV8yUUdMR2t6RDhCSHdQLUFCMmV2N0FmVUJDdGVqUEpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBMk5PQURtUy1BQkp1OTJRT0lCSnk5MlFPUUJBQ1lCQUhCQkEBkQkBBHlREaEkQUFBTmdFQVBFRQELCQEwQ0lCYkF2cVFXTEdregm4CDdFRgkcAQFAREJCWHNVcmtmaGVwUV95UVUBFRhBQUFEd1A5MigABFpCEWfwQ1BBXzRBWEhEX0FGXzhPOUJmZ0ZzcHFVQW9JR0EwVlZVb2dHQUpBR0FaZ0dBS0VHZXhTdVItRjZsRC1vQmdTeUJpUUpBAWMJAQBSCQcFAQBaBQYJAQBoCQcBAUBDNEJnby6aApkBIUt4ZDRrZzYBAix0ZktnQVNBQUtBQXgZbRg4NkNVRk5VMVEURUNaTDBtOQUAMT0kBEZrAWYJAQBHHRgARx0YAEgdGBBIZ0FpUREQ8P1Ed1B3Li7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQPMTAwNTgjQU1TMzo2MDY02gQCCAHgBAHwBJP8-WaIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWwogL6BQQIABAAkAYAmAYAuAYAwQYAAAEmKPA_0Aa7M9oGFgoQAQ8uAQBgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4ugZAAMgH0_MF0gcNCRE8ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=bdde42b3ddbb1c76b515da0811789e700d7037a2&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 40559826-25c8-4cdc-a048-ef5cc94da8e1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame B230 0
150 B 46ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=61469100066553001467939012072010&a=925dd11f&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Daabgaam%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUPwURx_nJzGQgjYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAGiOtYQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521LhdKkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjE0OECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MTQ4%2Fbn%3D97180%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 3FF0 0
150 B 46ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=59642400066553101467939012072010&a=2c6c8f4b&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dxfnkvhpoaq%26e%3D1957767944024&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FjXHQvsBmkj_28u8-4W-IPwAAAOCjcM0_ROqPkzYTiz-lFHR7SWOUP05HambBkCwVjYD68tgYoyhftBRjAAAAAG_elwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gCJ_gAAAAABAQUCAAAAAOAAhibppQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96722%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C7BF 22 KB
8 KB 18ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 60E3 106 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Origin: https://flashnetic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 16:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Sep 2022 16:55:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/ Frame 60E3 8 KB
3 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220831/r20110914/elements/html/omrhp.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 18 Sep 2022 14:07:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 60E3 41 KB
15 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196226
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Sep 2023 07:50:57 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 60E3 27 KB
10 KB 105ms
105ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?sz=300x250&c=1922545901&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

bf80e080c635437a40cb0ddbd26a59bf1568342bb97958b6df7e25e8f7647ca3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: ZGccaPJ-KxRtPhj8BXeKOSvVGIjAXwkczRt-Xr6QzqivWDBW5nwXDA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 e1a24a9ed80d734d624d11adc2b40ea0.js Show response
s0.2mdn.net/sadbundle/4116114141538100331/ Frame 62AA 76 KB
19 KB 18ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/e1a24a9ed80d734d624d11adc2b40ea0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2628cecef6fbcc5bd2bd059e469c3405114850b917f67ff26d50adb632a36984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:34:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19818
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 07:34:04 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E6D 43 B
215 B 180ms
179ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5cce56d9-e083-dead-168c-7a649c183f0b&tv=%7Bc:nfU9v6,pingTime:-10,time:1198,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNS4wLjUxOTUuNTIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1662301283067%7C%7C1b1bdb879d68b8fa6bbc415aa8d9238d%7C%7Ca3eeeeb410530a2973f34b9badfd9b71%7C%7C293cafd570151403c75f310bacd0dda8%7C%7C2bacd7b5a515ee59bbb231842658d199%7C%7Cbd978d1819e01f095704e9b9f8bc03b9%7C%7Ccb03162362fe1462d9b57f07f8ae8dce%7C%7C075daac48ac7a40313d9ad02878500ed%7C%7C1629390669,im:%7BpWait:248%7D%7D
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 1709 0
150 B 36ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=50892600066553201467939012072010&a=31e235d0&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Ddyafdikm%26e%3D1834762243861&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAIDrUcg_ROqPkzYTiz-lFHR7SWOUP3QAhFfjEMULjYD68tgYoyhftBRjAAAAANtXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gC4zwAAAAABAQUCAAAAAOAAZSM8LgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521Kxd4kgjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2NECZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY0%2Fbn%3D96723%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 0f8e3698ba24ee14634af14275093191.js Show response
s0.2mdn.net/sadbundle/6882349452927450974/ Frame CE7C 74 KB
19 KB 16ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6882349452927450974/0f8e3698ba24ee14634af14275093191.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93e933cda2759567f9067d8cd22f3dc10aca9aa5d69781ec9e3c12cc613f0657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 04:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293437
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19328
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 20:57:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Sep 2023 04:50:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4703 17 KB
6 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:23 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 31C9 0
150 B 36ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=64787900066553401467939012072010&a=4ffcedcf&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=dr8ahzd60a5l&renderingType=html&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&documentReferer=https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dyfqcmrenshr%26e%3D1534108800930&ancestorOrigins=https%3A%2F%2Fflashnetic.com%2Chttps%3A%2F%2Fearnme.club&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&extVar[]=XR_SSP:10264&extVar[]=XR_DOM_RTB:earnme.club&redirectClick=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FAqB-YHxokT9O95-UNh6HPwAAAKCZmck_ROqPkzYTiz-lFHR7SWOUP3dAqpV0pb9ojYD68tgYoyhftBRjAAAAANdXmwEYKAAASicAAAIAAAATft4MNTkoAAAAAABVU0QARVVSACwB-gAcLgAAAAABAQUCAAAAAOIAYSNJeQAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521MBfWkwjFiI0TEJP8-WYYtfKgASAAKAAxexSuR-F6lD86CUFNUzM6NjA2OUCZL0mLGkzD8BHwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DMTAwNTgjQU1TMzo2MDY5%2Fbn%3D96751%2Fclickenc%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 8AE4 0
840 B 14ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK3CvBMNwUAAAMA1gAFAQjf6NKYBhD9sfLYwcmy1gsYjYHql4-bxtEoKjYJ_Knx0k1iUD8RV7ZqMj4nSD8ZAAAAgOtRyD8hV7ZqMj4nSD8p_KkJJPCaMQAAAEDhepQ_MNuv7Qw4mFBApgZIAlDSifWvAVi18qABYABouJ_DAXjn8gWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNjA4MDUyMywgMTY2MjMwMTI3OSk7dWYoJ2knLCA3MzkwNzkzLCAxNjYyMzAxMjc5KTsBHTRnJywgMTgzNjU3NjUsID47ADByJywgMzY4OTE5NzYyNh8A8IuSAvUDIUtWYnVzd2pvNDdRWkVOS0o5YThCR0FBZ3RmS2dBVEFBT0FCQUFFaW1CbERici0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFyQUJBTGtCUVZtaVdVNWlVRF9CQVVGWm9sbE9ZbEFfeVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBY21Nd3dQMUFhekZKemVZQWdDZ0FnQzFBZwEjBEM5CQjwTERBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TkRYZ0E1a3ZnQVFBaUFRQWtBUUFtQVFCd1FRAVkJAQhNa0UJCQEBGERZQkFEeEIBCw0BVGlBV2RMNmtGaXhwTXdfQVI4RC14QlENHRRBQUF3UVUBBwkBCE1rRgkJAQEERFIuKAAAMi4oAPA-T0FGWlBBRnhmcmdDUGdGaTVEekFvSUdBMVZUUklnR0FKQUdBWmdHQUtFRzhXamppTFg0NUQ2b0JnR3lCaVFKAV4NAQBSDQgBAQBaAQUNAQBoDQhMQUFBQzRCZ28umgKZASE1QldiMmc6-QFkTFh5b0FFZ0FDZ0FNZkZvNDRpMS1PUS1PZ2w9SRRWQW1TOUoBTwEBCDhEOR15AEIdeQBCHXkEQnABLAkBBEJ4CQgBAUFFWQHw10FBQS7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQNODA2I0FNUzM6NjA0NdoEAggB4AQB8ATSifWvAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAAAEOcNgFAeAFAfAF6_RP-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB-fyBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=1b59c8cabcf6f5fd1a5f472bdf14ab9b9f61284e&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~6&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3d941575-3448-4289-9ae6-0f2caf7cc0d1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 48EF 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 Bg_728x90.jpg
s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/images/ Frame 72FB 76 KB
76 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/images/Bg_728x90.jpg?1653565212524

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

107f9f42af6971e337620553b79628ed5eddd183ec47de302b8554ed3223b513

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 14:18:04 GMT
x-content-type-options: nosniff
age: 172999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77947
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 09:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 14:18:04 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame BF8A 0
26 B 55ms
55ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsugSxnxOVl89ngnFL__7YyGeu2aZy60Acqyj-s-De28bVDdxd2Oa4l6f53j1KSuxigvmT9A5rZMX2tWkvApnR8ZZyOfJ6k9flQVl6ItujHqIwNvmPrPoilyjE8EkQiAF7_xLu9SDKi7Lxulf6bhuUvoWNHTIU2K3Iupp6vMkdnpIGVYpsvKXB0olBi2SlidBcPXQTVtqA7vlc-raheskno2D6lJoCOe_jgoihadVVbuPUgB8UyTXTmmlBYlCfSanFy0cBd2X5WaKVGxL3rFgGkIdgKJ3Plq4ALjfvn93hmBf7_WayWle5aBCXALPOwFNy7J9qj1GMjSjjQrZUIVUczpyrn8uwtdyQDrtlLvbss_7kzSA4NceM19e2yZM09SoGeze55DgkvurjOwolESan6YXk4wM-4Uhx1GHRYeGAbE73ey9T4Mt_JVIWx6FTEajB2HtYl8zOZSeSVtjYuxmxIe6s5WSXmksd_qg-k2VU1guTQuehtip2GWP8PPujkhl3rqZF3dgcaCNXmEPhNRCFmdTKWAUCVsWtqZGTTmmuvGt6fFZ-4ffZ3E9ZsWJx6RuGI_hdegkuwFZWZK29mOpoMV9QQfv4gEavLe0OWGtWiFc3oRawoGS8-fiU4w5Dc9ojo2axsyutekLCIT6QtknZz3jJ1CK54a3V9QqQlcbtRT613Wj778VeYbrG_cj-xdKX02js3W5l15Cx6MeRnsR8dyLEKRnkL-tTibzgwsw5nDzOX0c5AlRo5OJPEWOzPbijdabi1TiiboW8omsjBsf_lf9WACqaU0fMsEuJ_ygM0_VGCPgWud37N0YOh4nw61uh6PrHfsuJlnk4iy5kaMauuEj3IZN1uWqKDKvsv-ZkNeVJL-S220tPV1c9z8CzxUoPtyZztfKpojxfiHzoK5ZIhObVwv7hJMV-scVOz4ky7yY7rKXRSzGiqn4N-ej_jV3V3ygunAOC-Go769Z-WKdZQWzPH963p2glxJjVRxNCYL_DuT5VKG6n9dfG8gK56okyXVEhGURvibQ95ZkudDd53z-KTEry9OFrv87RAWW7Q-hv937UpK6L2Gsi49l4R_AP-3bpW0rSxDf42ShDKSkWlOSwZs9qkpUh5xnajs8FAu63jdXw8qvJxDXto9tNHPAEmaOSAg5lUmj5MgKsVbvXAISbxHDFCuP7kJ8Rdk9kW-X5dPIHv7pJ7rmQbuD4juqSyrYnxQ8Y5Z8DJBYzX3gVrKN6GQ6RKCgP-RbhcTnNbQs-WeklvUNmxPimBn5bZ5WKB9ATKsd4rH9A&sai=AMfl-YQfQH3FW77tanfsu5A77yl7tE2ohWXUuc6MmQX5UuEM2BG8Q26ToE2m_NGDcIsibHCkXkaZrOlnDhq2QRwhOaqvbQtjqhij88xu4-eA_86vXCU9hjhVxFYv8CMUobh5iR4BQwhJs2MKZLZuxz0ptR2NqiXLcAyDOWIi3fz3mHk_lGYwPdnRZ3Z5lAYk8LupGys2NXDalymTO5uY2yTohwP2KZGu18s&sig=Cg0ArKJSzEmX27aH_KUwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2760&vt=11&dtpt=1440&dett=3&cstd=1318&cisv=r20220831.26427&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 stage_02_01.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 520 B
558 B 14ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_01.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6006a0a6d560858e75740afdf9aa3d67cf85f357e5b28179be6c00e953a674c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_02_02.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 518 B
556 B 16ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_02.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273826eb9314fd3865e9c7adffa3cbf1525bc1e70282cacb76d6efd67250c5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_02_03.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 518 B
556 B 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_03.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec1dd200d55d30ec8ad0f69b4a0f89f7f1edd5516a7dbe2231290ea0c12d1df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_02_04.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 516 B
554 B 17ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_04.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c358ea8253e6ef25cd7884c4f41b2a4a90b0cc939aaf30e3ae3bd80a8653939c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_01_1.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 600 B
638 B 17ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_01_1.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637fb5bc1e79a5cffc5c03503ee2a5d8a35732fdd77d9983a2dd85beb048e042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_01_2.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 1 KB
1 KB 17ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_01_2.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b9e8ba46101b855d0019e5462d942c5e209fc404be589d2c96e8057c12d7a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 17:47:49 GMT
x-content-type-options: nosniff
age: 160414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 17:47:49 GMT

GET
H3 200 typo_01_3.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 1001 B
1 KB 17ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_01_3.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48e0d15e28efb234f8adf1e82e00af623bc31e111588ec5c9d6d6aad3b533b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1001
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_02_1.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 921 B
959 B 17ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_1.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e13b90799f22196ba6eb73bc0ae35fb1ac591db29c060a37babd4fcf1f34efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 921
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_02_2.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 873 B
911 B 18ms
18ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_2.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747fe85d8724d1a1118770887b2d61f71fa491b3ee0df7fa6cd228bc9d1b90a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 873
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_02_3.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 851 B
886 B 17ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_3.png

Requested by

Host: 712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
URL: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3e58cabbf34b393496f42920e374d58c143892f24b19c2ea51c1751a34c52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 05:04:16 GMT
x-content-type-options: nosniff
age: 206227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 851
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 05:04:16 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame BEE5 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3EEB 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7808f853-41c2-4543-a70e-b6eaed74520e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 stage_02_01.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 520 B
558 B 14ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_01.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6006a0a6d560858e75740afdf9aa3d67cf85f357e5b28179be6c00e953a674c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_02_02.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 518 B
556 B 14ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273826eb9314fd3865e9c7adffa3cbf1525bc1e70282cacb76d6efd67250c5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_02_03.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 518 B
556 B 15ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec1dd200d55d30ec8ad0f69b4a0f89f7f1edd5516a7dbe2231290ea0c12d1df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 518
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 stage_02_04.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 516 B
554 B 15ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/stage_02_04.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c358ea8253e6ef25cd7884c4f41b2a4a90b0cc939aaf30e3ae3bd80a8653939c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 516
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_01_1.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 600 B
638 B 15ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_01_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637fb5bc1e79a5cffc5c03503ee2a5d8a35732fdd77d9983a2dd85beb048e042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_01_2.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 1 KB
1 KB 16ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_01_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b9e8ba46101b855d0019e5462d942c5e209fc404be589d2c96e8057c12d7a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 17:47:49 GMT
x-content-type-options: nosniff
age: 160414
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1100
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 17:47:49 GMT

GET
H3 200 typo_01_3.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 1001 B
1 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_01_3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f48e0d15e28efb234f8adf1e82e00af623bc31e111588ec5c9d6d6aad3b533b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1001
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_02_1.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 921 B
959 B 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e13b90799f22196ba6eb73bc0ae35fb1ac591db29c060a37babd4fcf1f34efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 921
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_02_2.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 873 B
911 B 17ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747fe85d8724d1a1118770887b2d61f71fa491b3ee0df7fa6cd228bc9d1b90a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 873
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_02_3.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 851 B
886 B 17ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f3e58cabbf34b393496f42920e374d58c143892f24b19c2ea51c1751a34c52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 05:04:16 GMT
x-content-type-options: nosniff
age: 206227
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 851
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 05:04:16 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 8D4C 0
840 B 14ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QK0C_BMtAUAAAMA1gAFAQjf6NKYBhCjt9nMls_ypSkYjYHql4-bxtEoKjYJZb0Yyol2ZT8R4s4vSIYVYD8ZAAAA4KNwzT8h4s4vSIYVYD8pZr0JJPCaMQAAAEDhepQ_MO-83ww4mFBAmglIAlDJnvW0AVi18qABYABoif3DAXj-9QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoClgF1ZignYScsIDYwNzg0NzEsIDE2NjIzMDEyNzkpO3VmKCdpJywgNzQwNTIyNiwgMTY2MjMwMTI3OSkFHTBnJywgMTg0NjQ3MTMsQjsAMHMnLCAyNzYzNjczMTVGHwAwcicsIDM3OTQwODIwMTYfAPReAZIC0QQhQW5KUlBRaWN1YnNaRU1tZTliUUJHQUFndGZLZ0FUQUJPQUJBQUVpYUNWRHZ2TjhNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBcWdCQXJBQkFMa0JYckQ3RGVPS1pUX0JBVU15OFVuV2NtVV95UUVBQUFDZ0NYSHVQOWtCaXhwTXdfQVI4RF9nQWFyOXd3UDFBZGhzVnp5WUFnQ2dBZ0MxQWdBQUFBQzlBZ0FBQUFEQUFnRElBZ0RRQWdEWUFnRGdBZ0RvQWdENEFnR0FBd0dZQXdHaUF3NElfcE8zSkJBRUdBRXRaS2NITzZJREV3am52cWNrRUFvWUFTMU5pSE1fTWdOMWJtdWlBdzRJbU5UNkloQUxHQUl0QUFBQUFMb0RDVUZOVXpNNk5qRXlNdUFEbVMtQUJLdjI1QWlJQktLMjZ3aVFCQUNZQkFUQkJBQUFBQQGoEEFBeVFRCQkBARhOZ0VBUEVFAQsJAVBDSUJlb3ZtQVhUai1TREFha0ZpeHAtDAgteEIdOwh3UVUJMwEBCE1rRgEHHFFGT2QwVF9SLigAADIVKMBEd1AtQUZoZ0x3QmNuXzVnajRCWWVBOHdLQ0JnTkZWVktJQmdTUUJnR1lCZ0NoQmdBAVM0QUFCQkFxQVlFc2dZa0MdgABFHQwARx0MAEkdDDR1QVlLmgKZASFJeFRIbj5VAixMWHlvQUVnQUNnQU0RNVhCQkFPZ2xCVFZNek9qWXhNakpBbVM5SjkFBDlSCZYBAQRCWgEGCQEEQmgJCAEBBEJwAQYJAQRCeAkIAQFBoQRrQgEKAQHw1zhEOC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOMTE3OCNBTVMzOjYxMjLaBAIIAeAEAfAEyZ71tAGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAUOcNgFAeAFAfAFq_dG-gUECAAQAJAGAJgGALgGAMEGBSIsAPA_0AbgA9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEwYACAAMAA4ugZAAMgH_vUF0gcNCRE6ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=f4044244f8036fc0937dfa16964013edda8bbf3e&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~6&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26730095&cid=3&cr=pv&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53ef603d-e75f-485f-9fbc-017d18005185
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 46a20774c1da411f51bca4b8ca9b3774.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 2 KB
760 B 14ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/46a20774c1da411f51bca4b8ca9b3774.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475316d3002b7bf04d39e01825b8443b2748411e616908cbc2a87e49faa1f1ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181654
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 722
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:49 GMT

GET
H3 200 20cd3c9c87a3dcad42074ff89b4391e0.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 8 KB
2 KB 15ms
15ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/20cd3c9c87a3dcad42074ff89b4391e0.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:48 GMT

GET
H3 200 3212338bb0be0b574ad231e216e32f4c.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 6 KB
6 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/3212338bb0be0b574ad231e216e32f4c.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e01229bbb5b2f75d84278ab92afb8d3613223493bb7f58700b7f26b5bd7c71d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 02:30:30 GMT
x-content-type-options: nosniff
age: 474653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6140
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 02:30:30 GMT

GET
H3 200 ccddd80afeb32369f13a2e1a87086966.png
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/ccddd80afeb32369f13a2e1a87086966.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b78344a18cc46582ecbd6c65057aa0d36c76a8f2d9d23a738eba4a905f27a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:06:13 GMT
x-content-type-options: nosniff
age: 490510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1855
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 22:06:13 GMT

GET
H3 200 1f919b0412977966595ef751686a6826.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 4 KB
1 KB 18ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/1f919b0412977966595ef751686a6826.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a4ad3d4e23f8037feb38744e17fabeb0c2d3b5714c049d091dfc5f6811280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1396
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 16e2073035968668e0268512ee5031a5.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 17 KB
17 KB 19ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/16e2073035968668e0268512ee5031a5.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1106b87f96ff783e71e722d5ea8cd707006bca6b293d2860c20e03cf864e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:30:24 GMT
x-content-type-options: nosniff
age: 337859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17252
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 16:30:24 GMT

GET
H3 200 i.match
a.tribalfusion.com/ Frame 9CB3 43 B
614 B 209ms
196ms Image
image/gif 2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESENsM9-LxVV1fTiADqRfJzjk&google_cver=1&google_push=AehlK4ANzvsmn0cnUcfTGZUsWZC_Jve42fMxdlLjtE55YAbE-guXoynHxQcsfmfhTIr4eKNhDszeYQWxIMhK7s98r52c0n9AOFxs3A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4ANzvsmn0cnUcfTGZUsWZC_Jve42fMxdlLjtE55YAbE-guXoynHxQcsfmfhTIr4eKNhDszeYQWxIMhK7s98r52c0n9AOFxs3A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
cf-ray: 74575f0c4f669124-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 9CB3 0
191 B 112ms
46ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIYNkxPDhrMYSb7FH2No980&google_cver=1&google_push=AehlK4CSsQAx7U1qLBUezC1FnsG72HoN1zSA3r5ZCBAiFwtAFNlX2Bkybt4-q0IE2kopUiKKdTOc9uYP7AcQ_aVgVP86qXo7khfxNA
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:22 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CB3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOPQdTgdnk_0JCtDsVgHUDk&google_cver=1&google_push=AehlK4AVYWyVZ0e6mUmAjiyH0urcEoz0PU9TFIh-1_eMFvNLJkA92YIkAL3YnSvl0d2M5e0mIOF3kLVrH7cRI0...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzOTUyOTY0NjU5Mjc1MTc3MQ%3D%3D&google_push=AehlK4AVYWyVZ0e6mUmAjiyH0urcEoz0PU9TFIh-1_eMFvNLJkA92YIkAL3YnSvl0d2M5e0mIOF3kLVrH7cRI0U6Ad...

170 B
188 B

24ms
23ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzOTUyOTY0NjU5Mjc1MTc3MQ%3D%3D&google_push=AehlK4AVYWyVZ0e6mUmAjiyH0urcEoz0PU9TFIh-1_eMFvNLJkA92YIkAL3YnSvl0d2M5e0mIOF3kLVrH7cRI0U6AdufaJinGiK69w

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEzOTUyOTY0NjU5Mjc1MTc3MQ%3D%3D&google_push=AehlK4AVYWyVZ0e6mUmAjiyH0urcEoz0PU9TFIh-1_eMFvNLJkA92YIkAL3YnSvl0d2M5e0mIOF3kLVrH7cRI0U6AdufaJinGiK69w
Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CB3
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEFDxmRJwBUTPy-9Di9Ap-f4&google_cver=1&google_push=AehlK4DaCiF7aFtN7Yn2dDuXBAQnFt2_PJv8yr37_7e3Leka6nvbOFuD3apeponksxW4my_3_SX5YEdeWOQfaGuG963a__8...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DaCiF7aFtN7Yn2dDuXBAQnFt2_PJv8yr37_7e3Leka6nvbOFuD3apeponksxW4my_3_SX5YEdeWOQfaGuG963a__8ipmpkwQ

170 B
188 B

26ms
25ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DaCiF7aFtN7Yn2dDuXBAQnFt2_PJv8yr37_7e3Leka6nvbOFuD3apeponksxW4my_3_SX5YEdeWOQfaGuG963a__8ipmpkwQ

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AehlK4DaCiF7aFtN7Yn2dDuXBAQnFt2_PJv8yr37_7e3Leka6nvbOFuD3apeponksxW4my_3_SX5YEdeWOQfaGuG963a__8ipmpkwQ
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9CB3 0
41 B 14ms
12ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMhRFbgARW8iVYfzOSRzEN8&google_cver=1&google_push=AehlK4BhP0trpFfccDiOBqW0N8Saz1GVYkDZY8CggASiU5hCJGJR_cajfK0VucqITs4wL6fadd-s5X0Q0Ea9KstW8gQcZxzegbbKOQ
Requested by: Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CB3
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH3mIiRaoUP-GnABcxLg3E8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3mIiRaoUP-GnABcxLg3E8&google_hm=YxS0YGLUgret8-FuKMhcmwAABHkAAAAB&google_nid=index&google_push=AehlK4Ckj1Mv7z7IDOkd5jpcW-pGejV9zqC-r...

170 B
188 B

27ms
27ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3mIiRaoUP-GnABcxLg3E8&google_hm=YxS0YGLUgret8-FuKMhcmwAABHkAAAAB&google_nid=index&google_push=AehlK4Ckj1Mv7z7IDOkd5jpcW-pGejV9zqC-r7KaLe02yB-J1gTZmxdGkM7UKfrT8oCJLaPPC8LM2HJ43ZD8Dav7XQctJz5x6mty3A

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9%2FqcFc%2B%2BhHtwzpOQN5UwiLKeALPqhWqB%2B2O6RevUiImdlEksfN%2BPvEirJ%2BZzFHtHR6BXi%2FISZuD%2BNCEyA6KLWlQJOohMUdu7sNL0G8uRP49bRE5DWp0RbwikPTwfYvRf7AT1jueBMQ%2BuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH3mIiRaoUP-GnABcxLg3E8&google_hm=YxS0YGLUgret8-FuKMhcmwAABHkAAAAB&google_nid=index&google_push=AehlK4Ckj1Mv7z7IDOkd5jpcW-pGejV9zqC-r7KaLe02yB-J1gTZmxdGkM7UKfrT8oCJLaPPC8LM2HJ43ZD8Dav7XQctJz5x6mty3A
cache-control: no-cache
cf-ray: 74575f0c6aab92b4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 9CB3
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEOKG-C1XE3NLek_MWxNH7T8&google_cver=1&google_push=AehlK4DKSgzeUIoxA3nVHwLSQAeUjyzCJ2P-x576VLFH1Ij5o2mfjIAvybPTY6Mgxgnby8dfD1hIY2GdfPe...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AehlK4DKSgzeUIoxA3nVHwLSQAeUjyzCJ2P-x576VLFH1Ij5o2mfjIAvybPTY6Mgxgnby8dfD1hIY2GdfPebTT05cscdeC9aUIONoA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

15ms
15ms

Image
text/plain

51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 9CB3 0
12 B 22ms
21ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lv2LDMCz7vBsNCibzq5czXQV2y4SYCXTQQsh20qpL9RqIdcVeEYTNiEjtAyIXZvmdBYm_V6A

Requested by

Host: d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
URL: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 03D2 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 54BD 0
35 B 20ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A3BD 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321525
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.265913,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 633C 281 B
554 B 9ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame DD58 281 B
554 B 15ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B623 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321846
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.269112,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 7EF3 0
35 B 21ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 29FC 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufBIKsmhjDMcP0nPJOloR7TtkWI9gfwUSJz9WcEvyFjXe3SfQmdcgAvD2WUNfZOI3MWu99XK7KMR7x5UEUQIbIaOJXfCXpqZY&sig=Cg0ArKJSzEJXRqcdL0c5EAE&id=lidar2&mcvt=1236&p=0,0,250,300&mtos=0,0,1236,1236,1236&tos=0,0,1236,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=0.65&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278431&rpt=3535&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 068E 281 B
554 B 10ms
9ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 696F 0
35 B 19ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame EF94 52 KB
17 KB 10ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321847
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.289206,VS0,VE0

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 2249 0
840 B 14ms
14ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLoCvBMaAUAAAMA1gAFAQjf6NKYBhCtr6SJ8Mq5xy8YjYHql4-bxtEoKjYJDKZh-IiYYj8RP1l0VPW3Wz8ZAAAAoJmZyT8hP1l0VPW3Wz8pDaYJJPCaMQAAAEDhepQ_MNev7Qw4mFBA6j9IAlCWg6yDAVi18qABYABonNzEAXi-8QWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTI0ODk5MywgMTY2MjMwMTI3OSk7dWYoJ2knLCA1NDgyMTY5LCAxNjYyMzAxMjc5KTsBHTRnJywgMTQwOTAzMzAsID47ABxyJywgMjc1NAE-ADQ2HwDwi5ICpQQhV21lNWhRak93SndYRUphRHJJTUJHQUFndGZLZ0FUQUFPQUJBQUVqcVAxRFhyLTBNV0FCZ2JXZ0FjQUI0QUlBQkFJZ0JBSkFCQVpnQkFhQUJBYWdCQWJBQkFMa0JGOEtRS09HaVlqX0JBUmZDa0NqaG9tSV95UUVBQUFBQUFBRHdQOWtCQUFBBQ50OERfZ0Fibk56Z0wxQVFyWEl6eVlBZ0NnQWdHMUFnASMEQzkJCPBbREFBZ0RJQWdEUUFnRFlBZ0RnQWdEb0FnRDRBZ0dBQXdHWUF3RzZBd2xCVFZNek9qVTVPVFBnQTVrdmdBU1QyOHNGaUFTazI4c0ZrQVFCbUFRQnVnUWFDSVVFRVEBaBxBQUFOQV9HUQEJCQEgSUlMR2l3N0JCCQ8FIAR5UR0hGE5nRUFQRUURH1xBQUNJQmVrdXFRV0xHa3pEOEJId1A3RUYZIGxEQkJYc1Vya2ZoZW9RX3lRVUFBQURnZmg3TlA5MigABFpCEWfwQ1BBXzRBWGpBZkFGMm9EY0J2Z0Y0YV9BQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHZXhTdVItRjZoRC1vQmdTeUJpUUpBGYEAUhkLBEFaHQwAaBkMQEM0QmdvLpoCmQEhTGhVcTd3OikCLExYeW9BRWdBQ2dBTR3NCE9nbD15FE5BbVM5ShFVCDhEOR15AEIdeQBCFXkMMEQ5cBEwDEFBQngdDAg0QUkuMQLwqjgu2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMzo1OTkz2gQCCAHgBAHwBIUwIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBdWoQvoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBugp2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADi6BkAAyAe-8QXSBw0VdgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=13102cab4c598f7d45a7a01d270a59eb29e89ca0&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a6ebedaa-3b50-4c2e-99dd-de0f0aeb777d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame C7BD 0
840 B 19ms
18ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQjf6NKYBhDItd-32NzTrjsYjYHql4-bxtEoKjYJVdl3RfC_hT8RgLIdm7o1gD8ZAAAAgOtRyD8hgLIdm7o1gD8pVdkJJPCwMQAAAEDhepQ_MNuv7Qw4mFBA6j9IAlDY4_1-WLXyoAFgAGi4n8MBeNnxBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCAyOTQwNzkwLCAxNjYyMzAxMjc5KTt1ZignaScsIDQ4MjM5MzEsIDE2NjIzMDEyNzkpO3VmKCdnJywgMTI3MjgyOTAsIDE2NjIzHTswcicsIDI2NjMwMTkxMjY9APQXAZICpQQhRFd2WXF3amFoTlFWRU5qal9YNFlBQ0MxOHFBQk1BQTRBRUFBU09vX1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRRVM2VkZNYWIyRlA4RUJFdWxSVEdtOWhUX0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCLTdhbUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBeE51QURtUy1BQk96ZnhRU0lCS20yeXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRmdDLXBCWXNhVE1Qd0VmQV9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HE1EQ0xMc18wLigACE5rRgkxyEFBOERfZ0JhWUk4QVhpNzRnRy1BWDJ2ck1CZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApkBIUFSY3lsZzYpAix0ZktnQVNBQUtBQXgZzRg4NkNVRk5VMXkQa0NaTDARYQxEd1AxHWEARhEYDEFBQUcRGAxEUVAyHRgASBEYBEFBQXUEaVEREPDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MDE22gQCCAHgBAHwBNjj_X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAACQ5w2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB9nxBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=885465d7a57072190e564979457620c9bd7bbf60&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0e69f291-9fb5-4812-99e7-2e0d6368a336
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 79CB 281 B
554 B 7ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3D67 52 KB
17 KB 31ms
31ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321848
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.346211,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 7D90 0
35 B 20ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 93BA 88 KB
29 KB 1661ms
1056ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:24 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 21:48:59 GMT
server: nginx
etag: W/"630fd74b-16068"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:24 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6D5C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
27ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:23 GMT
expires: Sun, 04 Sep 2022 14:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame F86C 36 KB
16 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 590A 281 B
554 B 7ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5AC5 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321849
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.368374,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 15E4 0
35 B 19ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame DDAD 0
35 B 18ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7124 52 KB
17 KB 7ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321526
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.372649,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 8955 281 B
554 B 8ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 4DB9 0
35 B 19ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B804 281 B
554 B 7ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9BF1 52 KB
17 KB 8ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321527
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.382572,VS0,VE0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C2B 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8VDgItXn5zqGFgI-LdKjNTN3cUDPSyqDtEzw4Ql0pjvTJHiZpNbD61K0FlfVnppV0iD--KCc0XJq7p7VoHMD4i9S_j4SoYHQ&sig=Cg0ArKJSzJAegejUXwABEAE&id=lidar2&mcvt=1239&p=0,0,250,300&mtos=1239,1239,1239,1239,1239&tos=1239,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278685&rpt=3416&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3AD2 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3tdANBrGawr473ps2KJQ5LvYvlOidrEmdmjperjnheRbT_q4awD-W2XHXqvq-naKbIirR9Ap8fM9YI2boX3qV33IXsbW6nsg&sig=Cg0ArKJSzFusPkS6VrxGEAE&id=lidar2&mcvt=1242&p=0,0,250,300&mtos=1242,1242,1242,1242,1242&tos=1242,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278640&rpt=3415&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 872F 88 KB
29 KB 1426ms
856ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:24 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 21:48:59 GMT
server: nginx
etag: W/"630fd74b-16068"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:24 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 789A 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321529
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.415919,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame A4E2 0
35 B 19ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F248 281 B
554 B 8ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82B3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

34ms
33ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:23 GMT
expires: Sun, 04 Sep 2022 14:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame E8CA 36 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame BCF5 0
35 B 20ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 59D7 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321531
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.433223,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A411 281 B
554 B 8ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 2E9E 0
35 B 19ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 13AE 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321850
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.437625,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame AA50 281 B
554 B 10ms
10ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DE0B 52 KB
17 KB 11ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321532
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.444870,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 488B 0
35 B 25ms
22ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 6697 281 B
554 B 15ms
12ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 61F6 0
35 B 22ms
22ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8728 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321851
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.448845,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 5C65 281 B
554 B 12ms
12ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 3F5A 0
35 B 22ms
22ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3D6C 52 KB
17 KB 9ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321853
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.468441,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame A140 281 B
554 B 9ms
9ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 9473 281 B
554 B 8ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FA9D 52 KB
17 KB 8ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321533
X-Served-By: cache-lga21953-LGA, cache-fra19170-FRA
X-Timer: S1662301283.477441,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame EBA2 0
35 B 21ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B7BA 52 KB
17 KB 9ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321680
X-Served-By: cache-lga21953-LGA, cache-fra19138-FRA
X-Timer: S1662301283.479668,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FA9A 281 B
554 B 9ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame E84E 0
35 B 25ms
25ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1793 281 B
554 B 11ms
10ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 5724 0
35 B 19ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1DC2 52 KB
17 KB 9ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321854
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301283.485981,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FEAF 281 B
554 B 19ms
14ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 311B 52 KB
17 KB 11ms
10ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321681
X-Served-By: cache-lga21953-LGA, cache-fra19138-FRA
X-Timer: S1662301283.491168,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 9F3F 0
35 B 22ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1C88 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321682
X-Served-By: cache-lga21953-LGA, cache-fra19138-FRA
X-Timer: S1662301284.503267,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B0EC 281 B
554 B 8ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame DD9B 0
35 B 19ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2BF9 52 KB
17 KB 10ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321855
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301284.507779,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F9E0 281 B
554 B 7ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame C6F2 0
35 B 18ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 1f919b0412977966595ef751686a6826.svg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 4 KB
1 KB 16ms
14ms Image
image/svg+xml 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/1f919b0412977966595ef751686a6826.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c24a4ad3d4e23f8037feb38744e17fabeb0c2d3b5714c049d091dfc5f6811280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 11:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1396
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 11:53:50 GMT

GET
H3 200 16e2073035968668e0268512ee5031a5.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 17 KB
17 KB 17ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/16e2073035968668e0268512ee5031a5.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1106b87f96ff783e71e722d5ea8cd707006bca6b293d2860c20e03cf864e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:30:24 GMT
x-content-type-options: nosniff
age: 337859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17252
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 16:30:24 GMT

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 6BDB 0
35 B 19ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B51F 52 KB
17 KB 9ms
9ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321856
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301284.522438,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F9F4 281 B
554 B 16ms
15ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2A39 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 05f7fb4c-8bed-4350-8e32-df7960d01412
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1C10 281 B
554 B 8ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 6980 0
35 B 25ms
24ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DBDE 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34365
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321857
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301284.536576,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BE5B 0
747 B 33ms
33ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:23 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 738fc08f-d5a0-449f-8c1e-6a69465a64ad
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AC7A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
27ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:23 GMT
expires: Sun, 04 Sep 2022 14:21:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:23 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9682 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5FF0 52 KB
17 KB 7ms
7ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321858
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301284.578501,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FCEF 281 B
554 B 8ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 9C8E 0
35 B 20ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8F06 52 KB
17 KB 7ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321860
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301284.600250,VS0,VE0

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 8038 0
35 B 21ms
21ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 04 Sep 2022 14:21:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 34DE 281 B
554 B 7ms
7ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 04 Sep 2022 14:21:23 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0143 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 22C9 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 LR_Logo.png
s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/images/ Frame 72FB 17 KB
17 KB 15ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/images/LR_Logo.png?1653565212524

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c129de4ca6a81fa546be49e4e916ac53a75016043574edf197af18b16daeb54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7157624420957819130/LR_QMO-759_64698_AWA_L461_Motiv1_CM360_SuperBanner_728x90/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Fri, 02 Sep 2022 14:18:04 GMT
x-content-type-options: nosniff
age: 172999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17485
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 09:23:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Sep 2023 14:18:04 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 451F 88 KB
29 KB 857ms
617ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:24 GMT
content-encoding: gzip
last-modified: Wed, 31 Aug 2022 21:48:59 GMT
server: nginx
etag: W/"630fd74b-16068"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:24 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame B0F1 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 07F6 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
BLOB 200
OK 5a601b4d-91ee-4284-84e6-91228a0a5e89
https://flashnetic.com/ Frame E2B2 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://flashnetic.com/5a601b4d-91ee-4284-84e6-91228a0a5e89
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=khwcukop&e=1957767944024
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H3 200 typo_02_4.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 954 B
992 B 15ms
15ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_4.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c97965206d0fc1ee1766e554de0e6e5184fc91f0a20d706b91826f2ea7fd42af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 954
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_03.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame D8E2 2 KB
2 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_03.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a86c94bc7276039ac50a7210a71e52c6bf8ae0894c7a255f84a3444c04da28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2225
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301283423&oz_l=4218&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:23 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 698A 0
150 B 36ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=14829200066555301649441012072010&a=0a2b8470&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=474e4a8f4447D6NEqpObTyZkVQZ1HYZ3pmA3HYA0zHIe4vGCyxGBiPel20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=65059300066552001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp14nt9hfjdlipsp%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 64C6 0
150 B 36ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=81767300066555401649441012072010&a=4919e104&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=adf7c6b5ceceKORReRtnH2DwfjNQfjFQZ0HwA1DoFIg0mAiHGgbxYk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=38291500066552101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpl48wjso8pzrvht%3Ftprde%3D&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 typo_02_4.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 954 B
992 B 14ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_02_4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c97965206d0fc1ee1766e554de0e6e5184fc91f0a20d706b91826f2ea7fd42af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 954
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

GET
H3 200 typo_03.png
s0.2mdn.net/sadbundle/8046125171027209125/ Frame 1130 2 KB
2 KB 14ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8046125171027209125/typo_03.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a86c94bc7276039ac50a7210a71e52c6bf8ae0894c7a255f84a3444c04da28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8046125171027209125/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 14:41:06 GMT
x-content-type-options: nosniff
age: 344417
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2225
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 12:21:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 14:41:06 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 43D4 0
26 B 52ms
51ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz-3WOtknsglXoH_QKy7RaVXtGTj8jp799vfjG0TN0cu6L70YlgiN-egdnXDuetIEiJuMY_kgAGSWaUUjSsZPYaFYz6dSR8Uc9gS_VkDWcLCXojpBK4QXCn-y7TnNJW8diIUqTYxRJ7Ep1_XTkMOOB6NIhB7OWwLBwBs7Mj2z5eXhXnUxwF9IYVZo_hQ2ecsOUhENHTmy3XrWDdRDKfn9TP7GZ7pKM5ssZ247ZMU_DbQCdPp17W9HnOZFZ_HRK6FgY5UM2XMHZZc2fsEWR_d7vXOMtHaRUjhxYlyCoJPZwqFLkMA-iYdcTWuCGpMPo27qI1KIUa59K0J7bmmZBnBUzwmg-VUD_aRppKmFFD4vQOm3npNBpraYN2xooauGkE0HWvYFaHgZHFSHjPPk_Lo3_11nSD80XsTbN0JKNiUIhIg-yPxpV8DVpGv5fOhLhS90V9wF83sgGeX8NcmblVpIXN8jQeRT9cB51kEYFkD_SqqPeue5B0Zz_TIJFtaxVfV8jMDR6ROYPlXnxi6ys_NAAGJGHpUV4QTEH3BINUya_sFb1d-BC3xA7mVYaa7IwhaVORt15BKkTJxBpP2Lp7I1PWGtGD7Y2dkYcHJi87UCfRRTaQIFEuvv6Z5Q443QRu1NpaUFwGxHhkyCQ8XcyEBXa_BP0xeMYdcFB6V2n084yfr6lWEluD_L2b46ChjfGEbkBQEA8MK5JzkDoC7B9UKKIi0-MOMhcNP0SjV5_25GT2dY8fkISpKvnSyGS4HEHuxsIiIjAwWFk5tVIvrRjWOHxwhafsIYI07ZbsR2rI181USQ7rQiMNAAlMqP0s0t_M8E5JfbHQivSVXIEzk5Xb6UiwtBz7hAhGeZWmXIGxhwcJnGG7SskMrj-w6f9ON9sjvy55LA-ViDNutZl7lHeFgsy1s8EpJ3My-jhA3wot4_cGy8xmnGgXEKJcbE8mp2sWCpipU2MhYh6ogQ17zGflI0mSJQ-60ZbVuosD5JwTzqdaCyqppfnYDzHAC0tuXEQPa4kNUZAB8x3wplZLRoV_NGmnPajnzArBWpHj9w6lOXMAXZIcF3ycCcj2jQ6AeWlq8fqN8X7bcBTu60Bqtr3097PyO959_Mjzo0hHUHWuRUhRv3xVv-P0lyHK8F9aXraIcY4V1kyWM6jH69EKep5_ysE6S0_EOQ8RMoUJileegdfpvBzNAWXiClVUf6CUw&sai=AMfl-YTgcujmmgW2FzbJaF-SSyZCEVvmCcUuZBjWXj5kq3NCszkobEppjeXaRJMtfsUJmagDVTtms_AXXkhgLHMqhI-u1vQaXTFsqPB0f-919shYKP2jkQAMJp3Jrue2Bx_TXlhGGTJoK758BXplxvO6d2XUVNB57yZb-Q7ymiA3X_EcmXuc1GjvikWRJQ-aZN-HYt6lTorzfjliqsCT3xgzwaqKl7MEoI4Rs-DAvLEaoQk4P_J2YsVzauq0OXZ71Y6b89ZLaeXnfL7r8oes-RRHPDDkxa9VN7Fh-YkbpTg&sig=Cg0ArKJSzIqyy_dA38IkEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3490&vt=11&dtpt=2715&dett=3&cstd=773&cisv=r20220831.46936&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame FEF5 0
150 B 37ms
14ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=18038400066555601649441012072010&a=e4056189&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=1115e44546182O02gRtnH2DwfjNQfjFQZ0HwA1DoFE90Ghvvmg8Pml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=37787700066552701467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpdhy0vsgeo2osnp%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame F0CA 0
150 B 37ms
13ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=48487700066555701649441012072010&a=a75c92f9&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=60d2a4a60c30SPH4gRtnHlRwZjHGgjpmA3pGg0DoFE9PmC7FGd8Zml20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=10480400066552501467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0kz5cq9vyno49h%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:23 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 2808 0
150 B 35ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=39536800066556001649441012072010&a=26e29525&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=0c5a64f00551j7CRYrNdEMQAlPQZjPYAjDGA2HQgWI1mAkRFC5RGj20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=61469100066553001467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp0wpsq0atmt01rl%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 5B01 0
150 B 35ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=54264600066556101649441012072010&a=7cecb39a&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=616649953d598IDnroNdEWGZlNGA1PmA3pmA1FQgWI1YZu8XVmllXi0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=59642400066553101467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fpra7js7vbzy6012%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame D39A 0
150 B 36ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=38808200066556201649441012072010&a=03ed6a51&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=8792da03ba34LORJdRtnIlNmgjVGZlLmZ3Rwg0DoFI9pmXwHGCuXGk20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=50892600066553201467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fp9qi2g7umd8uy8z%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 633C 31 KB
10 KB 7ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK viewability Show response
ad10.ad-srv.net/ Frame 92E0 0
150 B 35ms
12ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad10.ad-srv.net/viewability?s=43127800066556401649441012072010&a=88a869f3&vb=v
Requested by: Host: ad.ad-srv.net
URL: https://ad.ad-srv.net/request.php?zone=zi2oae67mtw4&renderingType=html&extVar[]=DOUBLEBORDER:1&extVar[]=ANIM_AFTER_30S:0&envData=416001b9e73a0THg7UtnH2DwfjNQfjFQZ0HwA1DoFEgvmb48Fg4pGdj0ej20fCapXWQ9YDiLXhqVW4ynhyzp-cREbyNAazmYIqmYbRoAaRQPMTj1bRivmCm0lfV_YX_FYByxmYOy0IW9wA38FJ_xlfxHlCmvFV300CT9v1dvmXtfG1xFVxFXbbfIeTNr&subid=64787900066553401467939012072010&redirectClick=https%3A%2F%2Fad10.ad-srv.net%2Fc%2Fphz41rhwbol80qk%3Ftprde%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 Nagold, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ad.ad-srv.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DD58 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 068E 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H2 200 ca Show response
choices.truste.com/ Frame 60E3 28 KB
9 KB 102ms
102ms Script
text/javascript 143.204.215.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25307397&js=st0

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-67.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

9a0ff2822ee7554f715e835db9a2a2d1de6d9dac316861f11d723a5a8f49d767

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA53-C1
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 8032
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: Tub-QdOh8JAz3flQ4sAH3OnIFfcVni23F6dOSwoq5-q6LoNRrrl5dg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60E3 142 KB
44 KB 120ms
119ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44792
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661945761880069"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:24 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2119161566907429117/ Frame 229F 17 KB
5 KB 74ms
73ms Document
text/html 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2119161566907429117/index.html

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd89e2e971b3f946c2e0c3f53d2dcce1b29bc4c1e65abd30b653ccff4afb5d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 506945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4626
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 29 Aug 2022 17:32:19 GMT
expires: Tue, 29 Aug 2023 17:32:19 GMT
last-modified: Sun, 22 May 2022 13:14:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60E3 0
26 B 51ms
50ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHpC91DgVS8J64B_ojbS79VSZsLeUrauC074IpZkDhbmr9vXwYNTcFZmlO_ZGGtUgHRNIdinD2akHiHdJo1RWo0wl0T1u73Bcr9S5RZbbD0lm_MKQhrVaWYt9ajDQ1KLUMQPMr1Z_BP9VYVZOfetuWXnA&sig=Cg0ArKJSzFoO4fdOfzIuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1139&cbvp=1&cstd=1137&cisv=r20220831.95068&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 dcm
beacon.sojern.com/imp/ Frame 60E3 42 B
56 B 19ms
19ms Image
image/gif 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.sojern.com/imp/dcm?auc=8744289642907626095&io=${INSERTION_ORDER_ID}&li=${CAMPAIGN_ID}&cr=275446379&io=${INSERTION_ORDER_ID}&seg=${PIXEL_ID_COMMA}&src=${SOURCE_URL}&ord=%c
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hfbtdeatv&e=1534108800930
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:24 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 79CB 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4040 13 KB
5 KB 17ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4543
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:05:41 GMT
expires: Mon, 04 Sep 2023 13:05:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B8B6 783 B
535 B 24ms
24ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6f53a46d6b541a39ca63d7119e4a832a243c8d6967f4da1292e2ccc5682c2a7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m7xS7Vgyzh-uwKKTYTqKNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-m7xS7Vgyzh-uwKKTYTqKNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:24 GMT
expires: Sun, 04 Sep 2022 14:21:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 590A 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 8955 31 KB
10 KB 8ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B804 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame FC38 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F248 31 KB
10 KB 10ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A1F 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszq_F8zEOiLOwzLIhbLy5w8y03M_oEmaMXaR21smznulJRDWC9lci7YqVeYrS-i6X2asw_8yVBVzpBURomAwBay5J5FIW6qXT8vK1G8EeJ2cj848_0JAm-VTZiyUMBp79U2_so6g&sig=Cg0ArKJSzMDF1rtmveMcEAE&cid=CAASF-RoLyZ5oWqESTbDR2SoVQdKGzkIQejQ&id=lidar2&mcvt=1502&p=0,0,250,300&mtos=1502,1502,1502,1502,1502&tos=1502,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2765304807&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301280042&rpt=2628&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D5FB 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrdbu19kUo_uhxmSizQmYFQReFd6tYJsN6f3oqx0BWZsnEWYrDNsavLdWTKJqTE3EJY6K9uEAlXDgnyZXz3VnSh8aPiBNotlpgrf6BjtLkEkEvhCEoHN2_7471gEP8xapGUo36Pg&sig=Cg0ArKJSzADnUaKkltFREAE&cid=CAASF-RoLu_T33OAR0tf_fBISO_eBIG4xW5r&id=lidar2&mcvt=1503&p=0,0,250,300&mtos=1503,1503,1503,1503,1503&tos=1503,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2765304807&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301280050&rpt=2657&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A411 31 KB
10 KB 9ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AA50 31 KB
10 KB 12ms
12ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 6697 31 KB
10 KB 9ms
9ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5C65 31 KB
10 KB 11ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 28D4 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulZKgrovmnngNjg1b9vGtbJR4r0Gb4yw31hDC9H9k90tNSTGqRZKRS6CpdZ7A41_ZIzYDR5Wu8MRJZfhyOMvQJ-BH6IN80ancVao5MMEzE-XAWT8GQFwjNF8GR8RvBavpuppb8nA&sig=Cg0ArKJSzMdLZS83ORwzEAE&cid=CAASF-RoS-5scEF4puBFAyuHSirlYGCFU2-I&id=lidar2&mcvt=1391&p=0,0,250,300&mtos=1391,1391,1391,1391,1391&tos=1391,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2765304807&rs=5&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301280237&rpt=2538&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame A140 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9473 31 KB
10 KB 9ms
9ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FA9A 31 KB
10 KB 18ms
18ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1793 31 KB
10 KB 8ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FEAF 31 KB
10 KB 10ms
10ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B0EC 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F9E0 31 KB
10 KB 8ms
7ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 448F 52 KB
17 KB 8ms
8ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927
Requested by: Host: flashnetic.com
URL: https://flashnetic.com/r/p.html?f=hfbtdeatv&e=1534108800930
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34366
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Sun, 04 Sep 2022 14:21:24 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 321868
X-Served-By: cache-lga21953-LGA, cache-fra19136-FRA
X-Timer: S1662301284.336663,VS0,VE0

GET
H/1.1 200
OK rd_log Show response
ams3-ib.adnxs.com/ Frame 60E3 0
819 B 13ms
13ms Script
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QKdDfBMnQYAAAMA1gAFAQjf6NKYBhDv1IvVnaP9rHkYjYHql4-bxtEoKjYJBcB4Bg39Yz8RqYnZql_LXT8ZAAAAoJmZyT8hqYnZql_LXT8pBcAJJPCaMQAAAEDhepQ_MNev7Qw4mFBA6j9IAlDr9KuDAVi18qABYABonNzEAXjs8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTI0ODk2MCwgMTY2MjMwMTI3OSk7dWYoJ2knLCA1NDgyMTAyLCAxNjYyMzAxMjc5KTsBHTRnJywgMTQwOTAyODQsID47ADByJywgMjc1NDQ2Mzc5Nh8A8IuSAqUEIU8ycXA0QWlod0p3WEVPdjBxNE1CR0FBZ3RmS2dBVEFBT0FCQUFFanFQMURYci0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCbzQ1djRlVHlZel9CQWFPT2ItSGs4bU1feVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBZmJNemdMMUFRclhJenlZQWdDZ0FnRzFBZwEjBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TmpYZ0E1a3ZnQVRXMk1zRmlBU1Qyc3NGa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJiRXZxUVdMR2t6RDhCSHdQN0VGGSBAREJCWHNVcmtmaGVvUV95UVUBNBhnaEN2UFA5MigABFpCEWfwQ1BBXzRBWDBBZkFGcklEY0J2Z0Z3S19BQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHZXhTdVItRjZoRC1vQmdTeUJpUUpBGYEAUhkLBEFaHQwAaBkMPEM0QmdvLpoCmQEhdlJXSks-KQIsTFh5b0FFZ0FDZ0FNHc0IT2dsPXkUVkFtUzlKEVUIOEQ5HXkAQh15AEIVeQwwRDlwETAMQUFCeB0MCDRBSS4xArg4LtgCAOACm4VO6gIUaHR0cHM6Ly9lYXJubWUuY2x1Yi_yAhEKBkFEVl9JRBIHNWlhHPICEgoGQ1BHARQACHE7GPICCgoFQ1ABFDgBMPICDQoIQURWX0ZSRVEREBxSRU1fVVNFUgUQABEJIDxDT0RFEgU1ODQ0NPICIwoIAVYFFBgXMDBrM3AwAQEMdXk2dQHbLF9kZV8w8gILCgdDUAklHADyAhAKBUlPAXUEBzVp4RjyAh0KB0lPCSEMEjAwNg1GYHhiSVhnQUFN8gITCg9DVVNUT01fTU9ERUwBPRQA8gIaChYyFgAgTEVBRl9OQU1FAR0IHgoaNh0ACEFTVAE-EElGSUVEASEcDQoIU1BMSVQBTfCLATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AO2wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjE0MKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA44MTcwI0FNUzM6NjA2NdoEAggB4AQB8ASlZSCIBQGYBQCgBf8RARgBwAUAyQUABQEU8D_SBQkJBQt8AAAA2AUB4AUB8AWbpkL6BQQIABAAkAYAmAYAuAYAwQYBITAAAPA_0AboKdoGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA4ugZAAMgH7PMF0gcNFXYBOAjaBwYJJ2jgBwDqBwIIAPAHwvwDiggCEACVCAAAgD-YCAE.&s=e860a7825c10f8ce2d4e8032f9d198dfe9396bdb&bdref=https%3A%2F%2Fearnme.club%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fearnme.club%2F,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhfbtdeatv%26e%3D1534108800930,https%3A%2F%2Fflashnetic.com%2Fr%2Fp.html%3Ff%3Dhfbtdeatv%26e%3D1534108800930&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fa3b8a48-696b-477c-b679-1496940c7aaa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A3BD 0
747 B 16ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: b9a31fd0-40dc-4ae5-9c55-67c8de666948
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 526B 0
26 B 52ms
51ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvlIX_QMtlNXatkwvAcZSUxD-NB8N0ORligkUOw-WBwjWLj_uvSSOX6mBMtwhPGR9iiGbPksRT8eDeDriJv0tAMDbAU9t2LX_z0IWP8nm46th6wpy61Dsmx1X3kB7TSvc2z4yFbz4qEWVlALRmWNGgnOUDya90BKSDDj0s_XCNhcb1BdfzjjfQ0vhdNu4wRzpb1zu1YeuISnih-kv5w_6v0MZAXG-FVnTKJGZ7i1Wa3Br_jKnsknzErixrZ30vzH30350hPoTt34AQLU3sGGp6FLhqbBF0ntfE1NgHh9eYmn1R2QU_eeNIA6BTdpqJ1EBYfCTna_FEOrWpnb1ZSnZTDDboMXv1ss9jyB5_oTU-Xar6z8r5rA5j-0vnE6iv2tZY1fCeDmCfAJXldv1P4RD_TgKuEqAOHIKlpn60lGAikgT3WJ6zDDaHxlkPkDsGntr9Ano5N4LAu4m3Kvr-IkKjRDn_2TwFHWS3e8PZMYdBrYQqiD1I4Yc2hOCvh8XOII6xnP7oMgg9Hdp7jIIm7J4D2u4PshDS-LW01pKe5K2lLcKgoB3aHJIbTKt5ThUh6blTQeM7HVU-tgoVIDlLSJJ_ytH3QOlJfomSZgg4No6fguFJqD7N9diQO1QqpoCnL8SgQuTv8nhZ72lIjXXyDicURufka2FNXs7m3IfsVVhXHeE3P-mS9JcuFzZMETKRqIW2Ak0ArWCDvFKM0py9yWHiaVebFK3wZyqaVOZTzNKq_plOaFf4IqDbZs6yQVrnOmVxlA571cHc6i_oIXhfwdlVeLgBuHwrrM7KNBWYqAwEPRxpEoQGPl5TgGupq4uNu5vWssy718OLNrGhSCjoUQHn6KMBXGpGM7OE_sS0Ockm9pJEj0NdTkSLWsGC4S5f7f-EfylMUWk_4RaivwleR_z_CM4XRwsErOyuuhvM3wImv8Tv6mlIRpczwpVjwRUhlnpWRcOzpKs2kakrAasQagzeVwe6vgpQP05hAZRMT1sIzDbissYR0l0YHeb7A9kb0335WRqvkZjk-SSjLcSYnMSpASJtrPs5TDJ8H0oYfpokTej_iYGZtMJI1V8NZflflB7QWQS2ucUEUoLIUSdNC-XPf4iOiXhZAyWv5tEEdU9AgEs3MFl7UFM4dpIjK1XnCwuwu5luvuwwpWRJCKSi1ZJCVkX4MbbDZ7EeYdKG5257IJte-GnVgc97B3uqJNg&sai=AMfl-YS2jA1Suls5NnyIUW3i0lpMZDUIIe-qVwsd_6r94FVoN1WACS-Lag0awao1qrdrometE7q1-LUd1N9j66-H8bhwYwTm75zd-J9NbYR58hD9mKazPl2N66Neqr6TJYSs274pmwWwgY8u3JvDb3IWV7aY3FZRuKgRB5KYaMN2aKAmGNpQdzAbhtZB1EEeIQDt662BvPNXSOjXkZy5oEMY9MNEtaq5VVQWBpPnf44Y1wBCdLLGUQ6f6AoqQQatldsk071nVZkeICCRhMtSPdvst1q85qUJIsCZF9Sjz0A&sig=Cg0ArKJSzKiPoZ96cWHoEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3777&vt=11&dtpt=2831&dett=3&cstd=944&cisv=r20220831.62634&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F9F4 31 KB
10 KB 13ms
11ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1C10 31 KB
10 KB 14ms
14ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B623 0
747 B 15ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 909798a1-03b1-4011-8e88-5942e3e3af5f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EF94 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: aa0b6a8d-3fe9-4344-a162-639a2ba21731
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FCEF 31 KB
10 KB 10ms
10ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

GET
H3 200 user_uploaded_playfair_display_400_normal.ttf
s0.2mdn.net/sadbundle/4116114141538100331/fonts/ Frame 62AA 231 KB
106 KB 16ms
15ms Font
font/ttf 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/fonts/user_uploaded_playfair_display_400_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/e1a24a9ed80d734d624d11adc2b40ea0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17e6c4698298ec2bc9fe8f5bf7bc120607ae6d0a357c96e4436d7e69c7747601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108595
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Sep 2023 14:19:23 GMT

GET
H3 200 d971f674b488c628cb4e1aab4361c314.png
s0.2mdn.net/sadbundle/4116114141538100331/media/ Frame 62AA 7 KB
7 KB 19ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/media/d971f674b488c628cb4e1aab4361c314.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c391f607106472f6c850287a3db8908f71fb4b0908b3c4ff8febd90110d4a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 07:34:04 GMT
x-content-type-options: nosniff
age: 456440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6704
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 07:34:04 GMT

GET
H3 200 c3a7c1a94db388cf008b697b444a9339.jpg
s0.2mdn.net/sadbundle/4116114141538100331/media/ Frame 62AA 27 KB
27 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/media/c3a7c1a94db388cf008b697b444a9339.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1fcba40ff3b73142e94c02f11139e7f7791f7f4d8a014f33c1eec8a83a23292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 23:35:32 GMT
x-content-type-options: nosniff
age: 485152
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28085
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 23:35:32 GMT

GET
H3 200 63b6c332bbec8ae8a1a8a4714454b0d3.jpg
s0.2mdn.net/sadbundle/4116114141538100331/media/ Frame 62AA 22 KB
22 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/media/63b6c332bbec8ae8a1a8a4714454b0d3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cd56a9561b65e00b4da7b4db9d108c1139a66f366d38403db75ebad6190bee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 11:09:57 GMT
x-content-type-options: nosniff
age: 443487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22816
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 11:09:57 GMT

GET
H3 200 ef6312edc97c16a818e160e2fa70dbac.jpg
s0.2mdn.net/sadbundle/4116114141538100331/media/ Frame 62AA 14 KB
14 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/media/ef6312edc97c16a818e160e2fa70dbac.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f0be0504789765af0a9f8cf06583f487d612a99a773a7c67a0a157fad99812e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 02:24:34 GMT
x-content-type-options: nosniff
age: 302210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14709
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Sep 2023 02:24:34 GMT

GET
H3 200 3e57f6ce04e635e46efa42503e10d39f.png
s0.2mdn.net/sadbundle/4116114141538100331/media/ Frame 62AA 3 KB
3 KB 20ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4116114141538100331/media/3e57f6ce04e635e46efa42503e10d39f.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e2a551104177e260c6fd92c837ced982a7817bc7e7d574f163342e503fd53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4116114141538100331/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 04:39:24 GMT
x-content-type-options: nosniff
age: 294120
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3415
x-xss-protection: 0
last-modified: Tue, 24 May 2022 05:37:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Sep 2023 04:39:24 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 34DE 31 KB
10 KB 13ms
12ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Sun, 04 Sep 2022 14:21:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12536
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9378
Expires: Sun, 04 Sep 2022 17:50:20 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5E6D 0
26 B 53ms
53ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvD-ta1B3XhnpELr34zc8U93RipzKQTbLeG2-5czCVfy6q-l6HgCDRcx9jcLNyu0zbUNmvxbDtpeTq3NK7_bvBZ5tSZwkm1iSacPnVO25t9v0cyczVj5EUI12II6gQLR4_mt3pVKZOUo3yI_aokE7Q-7OgixxW7kxUIHkU0OYYr_CUWivSSsDNpd_DFgDwdYHTjsMAW8vD4iBQ7ZBdPohQSSh3T5nihqtu2aArhxUrKqNwQ75ORT5FTaDwJJjq2ichOpFX76uKlEI3cwxF4pq8yYVTUDi2Aiwje_8yjNqjpKbZBplvPBWRGkkfCjFiGh2a8pafE1SNSIEM_hBCNKlkGedziSoz1Dkxdt4M8hhzKJ4_-Qv4DNe2PvN8Ep0Mgn1QpwUm-a4aj-DgkUH7roJROQVF-ESQCfxmd6CyVOqa-We2P1VS_iJII7-1TDSJjKkqbxYfW6D7TlzcQfvBD-Yhd3JMtRlGeFytE49xlH-K0-By8Cz_TZvogU3DqJEEtknHFSZZQ7-YZNL2vkD_SZY1uXJdgS27ycHCJu7iHQ3xBxl-pI1LuAvgJK91mrxQhKuvClI-4dZRMpoZJDZbsoOvCn-J0DJIr2p1ilxMvACOY-lyrZvDgl9l_pH0EQlv7AhtkijpgUpKrglS0yPIe5FY7GFHzIVj5MI5WGx9rw6zO1yMEt-aiNZ-FD1pPA9rRCaF0IGmNUScdr1bi5UGnor9K1SsxhdRepd4IxGZfppeqDZrisrDDRE6hu9VnNRLQuffjAvFzt4QUU81bgcogZYIx5KGCsGpN0QNKaFXa481r5pjWe-l0-vSQl3aJRqp3vcuHW-KahiO6r5ka3AcGi7Y-P3ilqZT20dN7xW9TFJHWtVaTRrIr4E-uJ_Mqn2OUbSKrW1H7mfHCzO4WH-PdJRaRGARQ7QkW9OVNzGEMYhsETJazHBD73-dTAh5YQSwqGi9DqPgTtPg2yoIxFjhI9WkoggYtSO66JRQTEwKwXBLE-Qm9EiEbPscEJCnU70-5hwfFXLL3aZ2rmD0FadfqbDEMU0ewlemALrExm-CsD0jXDhT8c7Qsp9_UmqrY0PaVyW63CGvFzsBIMcl-TS8kuq2F3m4Ogo0wGFVy_ktgWpzFfLSwUwFUdsWAmI01cJxwhTHdj31g4Anfhr48eCPIVvDhxnneFLpNhC2PFTbNfW5v2RLiAnLwDuzozRWxfIVMKtk9hftWd3hiCobwSwNSL6ZYEspZEEun9PkF2yo&sai=AMfl-YTwkHGH-5fapaYtTga9tkmlOPpSCwcYz32fz1M94sRrsTR_OfYytP-reD13DnCdZVMhKyoRcYq14XAg_Y4Xzky3lc7cX8-__PuWRSNRVIwPZ083A0rWEpZEtveHswTUEptmYQT3LLo3kCQ0Jlw_kGlCzUoXHtCr5BNoBmDL4EGS5AFuFdTrKc4RVsBUANWbg014AIcW-HV-Y0_zqBh3pA&sig=Cg0ArKJSzMKTuQ6GmsXCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3411&vt=11&dtpt=2036&dett=3&cstd=1370&cisv=r20220831.85866&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D67 0
747 B 16ms
16ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b3f5724-09a7-49c4-b611-420e5ce27d00
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CE7C 4 KB
651 B 24ms
23ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:400

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6882349452927450974/0f8e3698ba24ee14634af14275093191.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 14:21:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:24 GMT

GET
H3 200 e0c5fb72c8b3a7c15be2d94c3cfb8ca3.jpg
s0.2mdn.net/sadbundle/6882349452927450974/media/ Frame CE7C 16 KB
16 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6882349452927450974/media/e0c5fb72c8b3a7c15be2d94c3cfb8ca3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3c55bd4ed6177b4da7320f4b8d86b2f8b653971be7057221ffd1275f224a04d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 08:01:11 GMT
x-content-type-options: nosniff
age: 282013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16729
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 20:57:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Sep 2023 08:01:11 GMT

GET
H3 200 a760199520a607d6dc8afcca5768e1d6.jpg
s0.2mdn.net/sadbundle/6882349452927450974/media/ Frame CE7C 20 KB
20 KB 16ms
16ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6882349452927450974/media/a760199520a607d6dc8afcca5768e1d6.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e9bea5c4b3bc0e1835864819ca5013b7b30457b5fc70f6e25d38d7ae2bc91f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 08:41:46 GMT
x-content-type-options: nosniff
age: 452378
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20278
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 20:57:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 08:41:46 GMT

GET
H3 200 f2e4ec9404aef069eb1b1d02bb86fb1c.jpg
s0.2mdn.net/sadbundle/6882349452927450974/media/ Frame CE7C 8 KB
8 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6882349452927450974/media/f2e4ec9404aef069eb1b1d02bb86fb1c.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd48ba910f937c3a25fff2e8c4f919638004c12649dbc9a3f01338e2e43ddc9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6882349452927450974/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 15:29:10 GMT
x-content-type-options: nosniff
age: 341534
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8242
x-xss-protection: 0
last-modified: Fri, 08 Jan 2021 20:57:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 15:29:10 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5AC5 0
747 B 16ms
16ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7600834b-e43a-4bee-9162-240685b1ee6f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7124 0
747 B 65ms
65ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 57e91979-ef35-4026-a72f-610e86651119
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9BF1 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: be84d0de-9f44-44a2-8c11-7b723bb96258
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 789A 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 12789520-0498-4092-ad10-b3acf6df23d9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 59D7 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 12b2f01d-0ad9-4bd8-8307-96b18445f0bd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 13AE 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4fd7cdda-c07b-4422-8fe0-4889096f05ed
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DE0B 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5f26846c-ad97-4f1a-9bc8-7d19a4069494
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8728 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 535f5578-e5cf-4320-a43f-b6ea5c404fd2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D6C 0
747 B 16ms
16ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e3315f38-f03b-4603-bf78-c16a9088c742
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FA9D 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: ec401b56-8e9b-4dae-9545-bab2608729f8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B7BA 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 26da2b57-f8b5-403f-9caa-305ca2aad161
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1DC2 0
747 B 15ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1fb82e57-14f9-4649-bdb2-833a40dbc3a9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 311B 0
747 B 16ms
16ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0b2b2b01-044b-47a2-9188-b7c0d3ff9e6c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C88 0
747 B 15ms
15ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fb2607a9-7077-4265-8ed6-e0cdccf5bdc9
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2BF9 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c3480207-649c-4382-8ef0-b5bb23189ae4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F8E 36 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2606 22 KB
8 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 196227
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 07:50:57 GMT
expires: Sat, 02 Sep 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame F897 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B51F 0
747 B 15ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 73d4e413-9854-4ba0-a9c0-e0f7b67046fc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame C7BF 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DBDE 0
747 B 15ms
15ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c92d3555-d7a2-40ba-83e0-f99f34c72023
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5FF0 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6b6ad19e-566e-4362-945a-40e8b4a23937
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8F06 0
747 B 22ms
22ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e864107e-9816-465b-bd30-24d834da15a2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 90E9 7 KB
6 KB 56ms
56ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e4fe7d22bcc670c10b30e762a6719c9734fda5cef60ba4d021354c31c03a380

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5647
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 186ms
185ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfU9Yf,pingTime:1,time:3559,type:p,im:%7Bpci:%7Btdr:1791%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:28%7D,%7Br:r,w:728,h:90,t:627%7D,%7Bpiv:100,vs:i,r:,t:2141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1419,o:2141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2137~0,0~100%5D,as:%5B622~0.0,1515~728.90%5D%7D%7D,%7Bsl:i,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1418~100%5D,as:%5B1418~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:724,fm:tgtwLOY+11%7C121.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:24 GMT
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfU9Yg,pingTime:1,time:3560,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:28%7D,%7Br:r,w:728,h:90,t:627%7D,%7Bpiv:100,vs:i,r:,t:2141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1419,o:2141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2137~0,0~100%5D,as:%5B622~0.0,1515~728.90%5D%7D%7D,%7Bsl:i,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1418~100%5D,as:%5B1418~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:724,fm:tgtwLOY+11%7C121.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:24 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 95f64f401d73cea85f42c769d9515121.js Show response
s0.2mdn.net/sadbundle/2119161566907429117/ Frame 229F 75 KB
19 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2119161566907429117/95f64f401d73cea85f42c769d9515121.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c064be50f74674d0e56f5b57f606503143ab3f679e9094e2d6718ae5947e1f64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 08:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540653
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19472
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:14:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 08:10:31 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2A39 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8a6bae46-d73d-4c5d-9e94-8a8f234b377d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame BE5B 0
747 B 16ms
15ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a39c91a6-04eb-4fc6-9b3b-69043d2faa76
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame C7BD 0
840 B 17ms
16ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLmCvBMZgUAAAMA1gAFAQjf6NKYBhDItd-32NzTrjsYjYHql4-bxtEoKjYJVdl3RfC_hT8RgLIdm7o1gD8ZAAAAgOtRyD8hgLIdm7o1gD8pVdkJJPCwMQAAAEDhepQ_MNuv7Qw4mFBA6j9IAlDY4_1-WLXyoAFgAGi4n8MBeNnxBYABAYoBA1VTRJIBA0VVUpgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJ3dWYoJ2EnLCAyOTQwNzkwLCAxNjYyMzAxMjc5KTt1ZignaScsIDQ4MjM5MzEsIDE2NjIzMDEyNzkpO3VmKCdnJywgMTI3MjgyOTAsIDE2NjIzHTswcicsIDI2NjMwMTkxMjY9APQXAZICpQQhRFd2WXF3amFoTlFWRU5qal9YNFlBQ0MxOHFBQk1BQTRBRUFBU09vX1VOdXY3UXhZQUdCdGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRRVM2VkZNYWIyRlA4RUJFdWxSVEdtOWhUX0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCLTdhbUF2VUJ6Y3pNUFpnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FZQURBWmdEQWJvRENVRk5Vek02TmpBeE51QURtUy1BQk96ZnhRU0lCS20yeXdTUUJBR1lCQUc2QkJvSWhRUVJBQUEBmhBBMEQ4WgUJCQEcZ2dzYUxEc0URrRRBMERfSkIJHAUBFDJBUUE4URHZYEFBQUlnRmdDLXBCWXNhVE1Qd0VmQV9zUVUBGgkBGE1FRm1wbVoBAhB1VF9KQgE7HE1EQ0xMc18wLigACE5rRgkxyEFBOERfZ0JhWUk4QVhpNzRnRy1BWDJ2ck1CZ2dZRFZWTkVpQVlBa0FZQm1BWUFvUWFhbQVeMG01UDZnR0JMSUdKQWsRSwhBQUIVywxBQUJrGRgAQx0YRExnR0NnLi6aApkBIUFSY3lsZzYpAix0ZktnQVNBQUtBQXgZzRg4NkNVRk5VMXkQa0NaTDARYQxEd1AxHWEARhEYDEFBQUcRGAxEUVAyHRgASBEYBEFBQXUEaVEREPDXRHdQdy4u2AIA4AKbhU7qAhRodHRwczovL2Vhcm5tZS5jbHViL4ADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYA7bAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTQwqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MDE22gQCCAHgBAHwBNjj_X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAACQ5w2AUB4AUB8AX3qxn6BQQIABAAkAYAmAYAuAYAwQYJIyjwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhMGAAgADAAOLoGQADIB9nxBdIHDQkROgE4CNoHBgknaOAHAOoHAggA8AfC_AOKCAIQAJUIAACAP5gIAQ..&s=885465d7a57072190e564979457620c9bd7bbf60&type=pv&jm=1003&px=0&py=0&bw=300&bh=250&sf=1&sid=2383648171409735609&vd=ct~0|rr~5&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957787&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:24 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c838e8b5-0d2d-4048-8770-9bee4ce84e8a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301284647&oz_l=215&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:24 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame CE7C 13 KB
13 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 327303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 19:26:22 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame CE7C 13 KB
13 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:700|Source+Sans+Pro:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 327303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Aug 2023 19:26:22 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 90E9 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:25 GMT

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/ Frame 90E9 2 KB
2 KB 15ms
14ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d4acf923678c6222aa94/original/skyblue.png_1650378740125_skyblue.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 109278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2050
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:07 GMT

GET
H3 200 Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627516dad8cd7ef2f7d5875e/original/ Frame 90E9 25 KB
25 KB 20ms
18ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627516dad8cd7ef2f7d5875e/original/Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg_1652778014080_Pool-Boy_NoSmile_Ret_72dpi_290_37_0.78.jpeg

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8295848601a45fc6ff78a90ac4d35396851ea4411b76a06feeb357ec99a37bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:11 GMT
x-content-type-options: nosniff
age: 109274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25127
x-xss-protection: 0
last-modified: Tue, 17 May 2022 09:00:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:11 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/ Frame 90E9 2 KB
2 KB 19ms
17ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d3c7f923674455229a97/original/gradient.png_1650378740125_gradient.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 109278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2035
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:07 GMT

GET
H3 200 baseGradient.png_1650378740125_baseGradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/ Frame 90E9 3 KB
3 KB 21ms
19ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d498f923672aa622aa07/original/baseGradient.png_1650378740125_baseGradient.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 08:45:25 GMT
x-content-type-options: nosniff
age: 452160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3232
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 08:45:25 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 90E9 91 B
124 B 21ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:03 GMT
x-content-type-options: nosniff
age: 109282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:03 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 90E9 7 KB
7 KB 20ms
18ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/icon1.png_1650378740125_icon1.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 109278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:07 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 90E9 6 KB
6 KB 24ms
22ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 109278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:07 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 90E9 6 KB
6 KB 24ms
23ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 05:00:09 GMT
x-content-type-options: nosniff
age: 465676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 05:00:09 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 90E9 3 KB
3 KB 22ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 109278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:07 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/6169b2fafb3919768fcc6857/content/ Frame 90E9 2 KB
2 KB 22ms
21ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 08:00:07 GMT
x-content-type-options: nosniff
age: 109278
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Sep 2023 08:00:07 GMT

GET
H3 200 blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/ Frame 90E9 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/61813780cac5bddaebde1d40/original/blank_-149_-124_1.00.png_1650378740125_blank_-149_-124_1.00.png

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=Egi2vSH9Br&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 08:48:02 GMT
x-content-type-options: nosniff
age: 452003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1923
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Aug 2023 08:48:02 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E416 0
12 B 14ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tGWMfQ
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 448F 0
747 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 81d6fc45-827a-4909-a107-bdedbc5f7042
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams3-ib.adnxs.com/ Frame 60E3 0
840 B 13ms
13ms Ping
text/html 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fearnme.club%2F&e=wqT_3QLoCvBMaAUAAAMA1gAFAQjf6NKYBhDv1IvVnaP9rHkYjYHql4-bxtEoKjYJBcB4Bg39Yz8RqYnZql_LXT8ZAAAAoJmZyT8hqYnZql_LXT8pBcAJJPCaMQAAAEDhepQ_MNev7Qw4mFBA6j9IAlDr9KuDAVi18qABYABonNzEAXjs8wWAAQGKAQNVU0SSAQNFVVKYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNTI0ODk2MCwgMTY2MjMwMTI3OSk7dWYoJ2knLCA1NDgyMTAyLCAxNjYyMzAxMjc5KTsBHTRnJywgMTQwOTAyODQsID47ADByJywgMjc1NDQ2Mzc5Nh8A8IuSAqUEIU8ycXA0QWlod0p3WEVPdjBxNE1CR0FBZ3RmS2dBVEFBT0FCQUFFanFQMURYci0wTVdBQmdiV2dBY0FCNEFJQUJBSWdCQUpBQkFaZ0JBYUFCQWFnQkFiQUJBTGtCbzQ1djRlVHlZel9CQWFPT2ItSGs4bU1feVFFQUFBQUFBQUR3UDlrQkFBQQUOdDhEX2dBZmJNemdMMUFRclhJenlZQWdDZ0FnRzFBZwEjBEM5CQjwW0RBQWdESUFnRFFBZ0RZQWdEZ0FnRG9BZ0Q0QWdHQUF3R1lBd0c2QXdsQlRWTXpPall3TmpYZ0E1a3ZnQVRXMk1zRmlBU1Qyc3NGa0FRQm1BUUJ1Z1FhQ0lVRUVRAWgcQUFBTkFfR1EBCQkBIElJTEdpdzdCQgkPBSAEeVEdIRhOZ0VBUEVFER9cQUFDSUJiRXZxUVdMR2t6RDhCSHdQN0VGGSBAREJCWHNVcmtmaGVvUV95UVUBNBhnaEN2UFA5MigABFpCEWfwQ1BBXzRBWDBBZkFGcklEY0J2Z0Z3S19BQW9JR0ExVlRSSWdHQUpBR0FaZ0dBS0VHZXhTdVItRjZoRC1vQmdTeUJpUUpBGYEAUhkLBEFaHQwAaBkMPEM0QmdvLpoCmQEhdlJXSks-KQIsTFh5b0FFZ0FDZ0FNHc0IT2dsPXkUVkFtUzlKEVUIOEQ5HXkAQh15AEIVeQwwRDlwETAMQUFCeB0MCDRBSS4xAvCqOC7YAgDgApuFTuoCFGh0dHBzOi8vZWFybm1lLmNsdWIvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDtsDEAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xNDCoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwAQAyAQA0gQOODE3MCNBTVMzOjYwNjXaBAIIAeAEAfAEhTAgiAUBmAUAoAX_EQEYAcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFm6ZC-gUECAAQAJAGAJgGALgGAMEGASEwAADwP9AG6CnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOLoGQADIB-zzBdIHDRV2ATgI2gcGCSdo4AcA6gcCCADwB8L8A4oIAhAAlQgAAIA_mAgB&s=cb61d9dbad0ca2de8d25da3807c710e9a5fa29c2&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=2383648171409735609&vd=ct~0|rr~0&sv=227&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=26957783&sw=1600&sh=1200&pw=300&ph=250&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/227/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8e1b13e2-0432-430b-8a09-fb5830b8ebbd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://flashnetic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2249 0
26 B 49ms
49ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRY_kl_N7BimXtJSxh6MJPQ_yYp6_8G4OLxYHXqCZaYFaQ_RLrQMwxg7Xk5-nkDUEQ3baQIiQtgz3GM7MWRDGtpsheCeIP3yzE3Kbl4P9PFdyt7XtPMZADvpWndsVogDJyUvU9PMo4CX_b-QCQMmPy4BY&sig=Cg0ArKJSzH4zQcheh98hEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3370&vt=11&dtpt=2686&dett=3&cstd=683&cisv=r20220831.92662&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 285ms
95ms XHR
text/plain 52.204.142.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.52&apppkg=&fv=3&proto=https&clsid=8a35840e-149f-4355-b3b3-c7de62379153&rando=71
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.142.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-142-233.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnme.club/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 04 Sep 2022 14:21:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C7BD 0
26 B 51ms
50ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssccTRCCBncj38vpqC5OSbKTCTN_mq6OCsgDJNwP4rMK9oYhjH3KhfmgjkplNPslzyc5L0bCqzbz3jnggHbHyYXBTpTattcadkTUXiL2YOn2TVoQW7BwgR3VBm0U_vZ2gTnH_gQI-dThafKip-3TEfjAs4&sig=Cg0ArKJSzI3NQkpY9q5qEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3369&vt=11&dtpt=2687&dett=3&cstd=680&cisv=r20220831.89304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4A2B 0
12 B 14ms
14ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Z9v6aw
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5B4B 0
12 B 14ms
14ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YgTzVQ
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7BD 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQXXyQ9Pbn1hU6wXz90KcTqrFb7K1qWTCIHnDk0_DI7rqklNL4Ps9NvhWi_gvwlsvKqVi14aVPkgnus6LdMpET8bXG7HVB&sig=Cg0ArKJSzOZ67BEugac2EAE&id=lidar2&mcvt=1129&p=0,0,250,300&mtos=1129,1129,1129,1129,1129&tos=1129,0,0,0,0&v=20220831&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=3062143102&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1662301278671&rpt=5470&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B8B6 0
0 47ms
47ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220831&jk=68508337944220&rc=
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A3BD 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: cf2691fb-35a4-4ea8-9445-140dcfeae248
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B623 0
747 B 21ms
21ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fe8ab4ba-b655-47d8-a519-4f20a6ff5fe7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame EF94 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1f5e600e-2e91-41b8-9e95-840fb174b99b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D67 0
747 B 25ms
25ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 12f54521-b447-4a5b-8700-310ec558e54f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5AC5 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bc6c0aa0-9f4b-4db5-9262-89d95bd5c2ef
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7124 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f9d2953e-ec81-4c60-972f-a113e1da6595
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 92ms
91ms Image
text/plain 52.21.172.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=7&e=cply&cb=1662301285679
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.172.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-172-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A9B 36 KB
16 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 9BF1 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f3d98490-4264-4601-8e34-688f6e048fae
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 789A 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 12ce44da-118c-44e0-b640-3f8fbcc01e73
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 229F 3 KB
509 B 21ms
20ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:700|Playfair+Display:400

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2119161566907429117/95f64f401d73cea85f42c769d9515121.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

73d2d9664745fbb23bc1ec6e64d7c74a173c9a08f4f7be614b3a9f5c434b14a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Sep 2022 14:21:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 04 Sep 2022 14:21:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Sep 2022 14:21:25 GMT

GET
H3 200 793b03dfc67a0efab56403b9c41c44d9.jpg
s0.2mdn.net/sadbundle/2119161566907429117/media/ Frame 229F 45 KB
45 KB 17ms
17ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2119161566907429117/media/793b03dfc67a0efab56403b9c41c44d9.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ae2ac5caf41e12b2dd1ddf575dc4baccf3e0db1a374a65ae847ede23659e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 22:07:11 GMT
x-content-type-options: nosniff
age: 490454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45609
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:14:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 29 Aug 2023 22:07:11 GMT

GET
H3 200 1c9c3e5e0dccd0d549854df4e9e7f6ad.jpg
s0.2mdn.net/sadbundle/2119161566907429117/media/ Frame 229F 45 KB
45 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2119161566907429117/media/1c9c3e5e0dccd0d549854df4e9e7f6ad.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

823c562de715fb23643c27016827043b39394e6dd6332fb701bd2bac513ddb06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 08:02:47 GMT
x-content-type-options: nosniff
age: 454718
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45969
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:14:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 08:02:47 GMT

GET
H3 200 e7846a1ed03c66e66fa916e4ac509d81.jpg
s0.2mdn.net/sadbundle/2119161566907429117/media/ Frame 229F 33 KB
33 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2119161566907429117/media/e7846a1ed03c66e66fa916e4ac509d81.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1de2906dcfd9c90adb74051bc57e09912767ee818ff2a3e603a3f5c36daf31d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 05:00:35 GMT
x-content-type-options: nosniff
age: 292850
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33929
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:14:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 01 Sep 2023 05:00:35 GMT

GET
H3 200 1295a6b2bca0cbc37eedab03294356a3.png
s0.2mdn.net/sadbundle/2119161566907429117/media/ Frame 229F 3 KB
4 KB 16ms
16ms Image
image/png 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2119161566907429117/media/1295a6b2bca0cbc37eedab03294356a3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd7b1d65cca997ddd5f2d1fd32e01a3b3627c0215695159d6c918d91906a91ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2119161566907429117/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Tue, 30 Aug 2022 03:59:10 GMT
x-content-type-options: nosniff
age: 469335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3546
x-xss-protection: 0
last-modified: Sun, 22 May 2022 13:14:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 30 Aug 2023 03:59:10 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 59D7 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d3a627c3-4b4a-4676-a688-605061ce4ba0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2606 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 13AE 0
747 B 15ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: a353ae7f-8f33-44f1-98ae-1bfb69c58175
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DE0B 0
747 B 13ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9b3f387e-ab95-49af-bd69-78d741ba9ea0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8728 0
747 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fe35090c-921b-45e3-91ee-8d17d0cdc75a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3D6C 0
747 B 14ms
13ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 39682e39-bdfc-4083-94c4-d219cf23ed7e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FA9D 0
747 B 14ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 541334b2-90a6-4164-b07a-f8cbced385a3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B7BA 0
747 B 25ms
24ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fdd9e07a-eb35-41e3-95b8-f9687d7ea35b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1DC2 0
747 B 15ms
15ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc637057-5f7e-4e94-a307-809dcd6fa8bb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 311B 0
747 B 18ms
18ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fce896a3-7d1a-44ad-94e3-924e18f331fa
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4040 36 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1C88 0
747 B 24ms
24ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3aeec134-c5fe-44e6-8b3f-51e3a43c1076
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2BF9 0
747 B 23ms
22ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0df47891-621a-4d59-88a7-5e159cf17196
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B51F 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c6adcbe9-0b7e-4c9b-8f85-410bf58bdd06
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ctrack
track1.avplayer.com/ 0
70 B 91ms
91ms Image
text/plain 52.21.172.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=7&e=cres&cb=1662301285822
Requested by: Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.172.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-172-125.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:25 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame DBDE 0
747 B 13ms
12ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 69d337cd-08e0-48b3-acb0-952e9c3ad398
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5FF0 0
747 B 28ms
28ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0fb254f8-7e9e-4247-b544-d7a57aaeab6e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8F06 0
747 B 23ms
23ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:25 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3d2924f1-27e3-4e42-b52e-e202e862a10b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ Frame 229F 35 KB
35 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:700|Playfair+Display:400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 21:06:55 GMT
x-content-type-options: nosniff
age: 494070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35764
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 21:06:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 764B 0
28 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXKJjXbQUY9i7OOHH3gPq-oTABAAAAAA4AeAEAg&bg=!qKulq-_NAAZTikH4c4o7ACkAdvg8Wq9km_W3ByOjEoGthQNflaVgjzHO3-4ZzUU84gnNLiVkMMPrIwIAAAo2UgAAAAJoAQcKAFkpj-zD3NH29otdb0iRo4qf7d0k1GniE_mQEB_OeYjVC2YhLhtBs8K-i9bvU9MgihfYotl0ot1vZEJt_RadFrqQrkMDQOWZmNdeCLDWbLh6G35lT9VOfy2Bq5kC98OA-ZpN7jip2JbLqmbbmagPmz9ahiJOtN6WRBUGUL75rnf-jvx0UWcGtwYK579iSoJk9WppTY9SIZDcw3-BurI2HUnAZS7jCpXcrTJcNP2a4u5miqrY1N8BiUMD1MMgFHE7RaYG4buw7nkOITQ_zzigoNwjqpCCJceSDxOlbZcFlxNZ44L-JDxiH1uav_ShlJKbc-JRq5qsup017h7FI9uzgdsJgyjKNvRAh2tBYr0AkxscJhqMsEXnKs438Nkm9kQjjvODoAkf-crys0bXdtpJWLX9IXI_gOXr1r7QBzvomU8CfewqWdUFGn7ND6G50N2pA5KhwihBkFAkAYLmCVnNrsiY4XUjGVx2hFEDu-pNTGEFi7SqC3adTdmbQIszgwT9PM7nmF_rjmV55P2KGgjR0_c6_CHkax13VnaY6Z5Skqck55G_MjupNqyOtbwAYWh4JwUnlYrrkYVe6TvPcyS6aGPveBQDtaH7ijqUnfN76U1ti8Kt9UqQ5YeuwCOD1CMwEzRtiSUs6sa9N7p_odAF_iHYAVQY8LQC2dQ7d54I8L0iydOQJu5HYu1mBzzzOcisuTGvWZ_AbCPACy0E1PgeJpZTXSVQilodHl33ZS2qAd_mPQdzLZPKRDxlUmoRli_-G8VRovdv5cYnqmD74lbvMm2_AaoMBoAZsp2zR0eXK1jh9z96TrucoGjo-znGnG8hhm1jNjagDzhMXxvUyS_qUL3oiWFU8mUfxEzDZVkke2hZJSf73w5fnL0ucqZURXeZB8kuHXVb7sT6QRfIRX4bZ5s3K4mlsTqnczbS_KSqtxhrEedMUMFisHoZwCG1PjCn8HFlA7QfCLHKt6Rt7IHPFgEeINmn40LDQ7V6jNjK7EbLBfkwyGnuohgRwsIAcb_Hn2OW6SDuWz4qsFPFJhWmm0K_AjIuY8EPOndEwQCdeRuZz9XUFiixlGGxcB3fmRN0pdxiBXJ0Qkl5oQdQ_HkNiTp2L8RaQzVAyrlIBjfhOe0xc_B3Bg

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301285862&oz_l=256&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 60E3 0
26 B 52ms
51ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHpC91DgVS8J64B_ojbS79VSZsLeUrauC074IpZkDhbmr9vXwYNTcFZmlO_ZGGtUgHRNIdinD2akHiHdJo1RWo0wl0T1u73Bcr9S5RZbbD0lm_MKQhrVaWYt9ajDQ1KLUMQPMr1Z_BP9VYVZOfetuWXnA&sig=Cg0ArKJSzFoO4fdOfzIuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=3036&vt=11&dtpt=1897&dett=3&cstd=1137&cisv=r20220831.95068&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2249 6 KB
3 KB 109ms
108ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=87880815&js=pmw1&base=te-clr1-a084f320-3b1c-4bb6-ada8-937f10c07638

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=87880815&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

efd518eab6cae1a929207adb01ee5c6ba9b2f0fc8ec1ead930bc0264a27fc09e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2330
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: o6tJhu6pkoBGQ5TjbJKZ1cqAevlLF0rldf9nCPrZ-1ki9_ZSJ0J7VA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2249 38 KB
12 KB 107ms
107ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=87880815&js=pmw2

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=87880815&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: K141rNlpLL9T8z48UbSUhceGgC-8zX_QrFT3W1Cluq7PqluvkqW69w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 2249 43 B
1 KB 105ms
105ms Image
image/gif 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=060a

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 0EO3_ebcjGgI_FKDSnunm_JDwN-89T3X5QPm3PWwgN_LuNIp-0I1kg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2249 6 KB
3 KB 107ms
106ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25209229&js=st_1&sz=300x250&c=te-5d2e

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25209229&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

865a889eda275ec804dad8f75d031b383ee95da2b58fa276095296257cd63555

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2242
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: Ii0vv-IVBxv_xUhDVNwPHMCK3IQbbSHiloT8eXG3RKYXfv1jzjnpVg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 2249 38 KB
12 KB 13ms
12ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25209229&js=st_2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25209229&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:33:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67699
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: oKEp3kMy5uoieaWnXjNPDulD40ECm8YO7j8jtq-5_RIbQQgnBrdXYQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 2249 43 B
1 KB 108ms
107ms Image
image/gif 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=25209229&w=300&h=250&c=d06c

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: zYP2a-kcA-lW6zT39T7Wc6dFdnWRM3R71oVtt77H1J-C05neB4x9qw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C7BD 6 KB
3 KB 105ms
104ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=788328540&js=pmw1&base=te-clr1-88aad618-33a5-4631-bef6-6209ca2d6706

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=788328540&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

34ad53c94ea7daad6cad0a833a6235cf1cb4eac7d3c11390fd2aec23ed7acb73

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2331
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: nIv0ZrlMoz_FXYyK6Y8_Uyh-4bt3ZxUjE4qCLrmuQpOg7nN3c1FFMA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C7BD 38 KB
12 KB 103ms
103ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=788328540&js=pmw2

Requested by

Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?sz=300x250&c=788328540&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: G1bUD80Wz2oytrfa1aPUPvjV8HGpfRfqfuk1nVKNB2tSzg4Ij4c28w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame C7BD 43 B
1 KB 102ms
102ms Image
image/gif 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=471d

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: UZF5WP-a_U1B-BaDpLW4xCu1DFCsIrEHQWY30YMnFfQZmImnImKVeQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C7BD 6 KB
3 KB 104ms
103ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25247223&js=st_1&sz=300x250&c=te-5056

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25247223&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

f10c2c2c80bce60304a99a9dd4eda8dfe05817e7d7312cc82f4063845c124975

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2244
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 9dY7jGyrQiFN_McDEJiaR0IPU03kYlYumlaA3-NxWVK0w1KW11lggw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame C7BD 38 KB
12 KB 9ms
8ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25247223&js=st_2

Requested by

Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02&cid=25247223&js=st0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 19:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68355
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: KCr9CiCGLhfxtw3Yv7efUxtmYAffagsYubGndC_JD-CKzqwumUUY6w==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame C7BD 43 B
1 KB 104ms
104ms Image
image/gif 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=25247223&w=300&h=250&c=29ec

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: Nm62a4STs5mcZeYpUDxJMry7EVbH1V6IT5XJk0w4st1XLWjL5pxLWA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 48EF 0
28 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqncWYLQUY8b8AvXCx_APutiBoAsAAAAAOAHgBAI&bg=!qqmlqe3NAAZTikH4c4o7ACkAdvg8WhNGh943ez3O_l00Xc_6QrugDzt-jSBLPbK1aJM6DLFe6292UwIAAAaVUgAAAANoAQeZAtZjYHK4JUdQnHyApGBoaZbXfg4mnx75_qfCgusMps9It3QTPS8xxvBp30r_OWZTGPGtL21-_HV9ZM2YpXRytsnRFXAsIPQSqBn0EAEV2orK4f78AmpZ51yQcF1z4kgcjDjD828faO2Ju359wsgovUyjqfthQzaf5aq-mXFYiiKX5_MnxMgrk7YSf4eZYr3E_ozPvK5sf87FB87fxeiQiDkg1_uyb3qf7WupW39Qjz3cRN71QP_cAX9loFCaxpd1dmloiBPShtUb0idPrTotQ0GTSe96fyrjYpLFsy_BzIC7q4AP9m-XAv6asuhhKd5JRGRukzmcKaH-KAk_8bRtKYv4Vy5KO5Z7cpERENXdVdyBcAUGob719QN4fqHCnha1BysSz1R6fjrD-KJI90BlZqadoIo8f_394qyJIYj28ZGYsPbMCbagjBF9HcRXq5UVi3Lp6HJOzh91v2uwHupK0JGISJK4CODC9pntnRHpQJhQJ8iaf2W0g7D60PNW6hZ4893lgvyPNriEk7IEFzEBh8gxOm6LYcQIhGyYc-wNDju24-9FRWrk4ahI_75uLmYTcSaQIzHFmVuynZp1JQ7BrjjIQCk4o7zkKeS4zXRqh53sFlgP58xw_D0N1QeOoDgGMrwRPQyDyG_kw4vZUuwgBNLcXIMbOQBK1-J_vuh7SQWhh3aynpqdiPt_lVDJwVvrN8ZdbqLghSSsfsmKY3JGrGSuyigXpGbI1FGdnSRrGwsoV3HwWQ2Zi9CeOIzKHo7H5YOSZP_FNGfW6R0I5p6wpDjmoj1ILNGPtEEoIjNRNTFa7nApojY60dRkeKFtCfVaSckf9SsIuVbxd-s7jF20XXUEY6f-ggSEFOaJvroIjYg1u_GUdQ7cjr1msUD-dqcfurw_f682lc8_AxbQwNwM2CLj3GmchOuwixswtnWVxkNFPab8abKAy6OHYUCIZ4dr157G-nsnlBU

Requested by

Host: earnme.club
URL: https://earnme.club/zero-8i-from-infinix/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
62ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022083001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa96f7d5578e0ab3afc49290611f683008ec3d5bd5cf7b11e0a2405055353163

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10997
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 32D0 15 KB
6 KB 15ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 846615
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 5E6D 43 B
215 B 179ms
179ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=5cce56d9-e083-dead-168c-7a649c183f0b&tv=%7Bc:nfUajK,time:4338,type:e,im:%7Bpci:%7Btdr:2491%7D,pLoad:2524%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:4338,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:38,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B4333~0%5D,as:%5B633~0.0,3700~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:973,fm:tgtwLOY+11%7C121*.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C15111%7C1512%7C16111%7C1612%7C1711%7C1712%7C1811%7C19111%7C1912%7C1a11%7C1b11%7C1b12%7C1b13%7C1b2%7C1b3%7C1c111%7C1c12%7C1d111%7C1d12%7C1e111%7C1e12%7C1f111%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j12%7C1j2%7C1j3%7C1k1%7C1l11%7C1l12%7C1m11%7C1m12%7C1n111%7C1n12%7C1o11%7C1p11%7C1p12%7C1q111%7C1q12%7C1r11%7C1s%7C1t.1127614-65017073%7C1t1%7C1t2%7C1t3%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x11%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:121*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-server-name: dt19.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BEE5 0
28 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_pj_YLQUY4SODq249u8Pg5SH6A8AAAAAOAHgBAI&bg=!Y2ClYCTNAAZTikH4c4o7ACkAdvg8WmjWzlsVplakN1Uo26cn1CkKxZ0XtYMICq1-3u01cfdnm5GwzwIAAAaWUgAAAAFoAQeZAswAkWe9paxFtP5T1u54MfRyvEaAHIC1Oceo9Hr-G3Uaf8eP1os6CsxVvWGq6jfUlA4LcIyU5-HFPlpV5sMBlvggaq9FaEotkR99T6BeohW1NYnCZ8SdVoDpgGhxlDOJ78qzi9grqEw3TpUEaDdKFMgqUUa3brcT3LfIeQMPbTZqMjOUCsRScC_nM3ARWrp9cFTx3-10HnnNjpqjxoGzF_z-IpnV1R9XRpX6kvLI8GIam5gdMcYiGsAeWhkITrkJ536hwUMZl9RSPsaISda5kqTYDiLWOBfBj3mhHCOHBCtqjLgU7aOY_bn2KcI-gSlCSfUiIVPwdiv89OFcl2vnSZ_CXwgSRDM3CHlaELJGDC-zCwgoB6lKTmi1myl-g9kk9LlW1WjctIc2KGhOYy7LAOJEjwNCTBCAr7vKrtosQwwAv-_hTuSUTcedMXC0vb4NJDLFJewkiv1_r0o9y0uEPkodahV1OGN7yuTtXpoSuZ1J1aeDQehQzTUn5k-Vq6zkmTdpIgIZ6lGx7j_YMACrtQojnKts59qlSV-tRnucJKo4xIYyu3wKaGhtWvLu87HhVyh3AjynNpWqyqHDYcW5yKjih3_fEoww94qCyRLN2mER_AQXf_ke7PE_is92485ZI5wcmrEYeD-PxnQMAWREpTAaddErHfCBNMu1VNOCV9OR7PnnEhR5BCyLjWXgTxENezt6t20E5S7t28E8AeT9l9iOuaAiW6dlb2ht91CVTg_x4h935I77U5eMhUSY3hl0zo0YxEPTn6oOvgFKwzSiiFnlKypTob6RuhT_R-Avfsav_Gydd9ZBz3iK9AcHC7lUvNNLGEyJDph33Oz-WjOO46ajYy9yo7hAx2gCYi0Xr5x8SIEEvncK0-voGiWb3K889Vnpn8c7PN2SguvGFJoozUGZDY3XWQHP8wVPd_XQOA06kMwxuR2NqI639H1mUQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index_0_250_00001.ts Show response
streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/ 507 KB
507 KB 12ms
12ms XHR
video/mp2t 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://streaming.playstream.media/storage/videos/489cf6ec-67fb-41aa-ab10-6385d5071f8a/index_0_250_00001.ts
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: 694eeab7f4bb722f4f0386adb8b3d3e7d220f732b6075a5b620f3b4bcc3cfb0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
last-modified: Tue, 29 Mar 2022 11:34:44 GMT
server: nginx/1.17.10
etag: "6242eed4-7eae0"
access-control-allow-methods: GET, POST, OPTIONS, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 518880
x-hw: 1662301286.cds139.fr8.hn,1662301286.cds106.fr8.c

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 03D2 0
28 B 54ms
54ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5YGrYLQUY_7zD9Pd7_UP-JOCqAoAAAAAOAHgBAI&bg=!YGOlYyfNAAZTikH4c4o7ACkAdvg8WpkvRCxuupiBNIlIOdLczKYXkN0n8sLXl2sD8OlP5iex8nG9wwIAAAZ6UgAAAAJoAQcKALsjgA_mzyN4NyIpMtrRVe5s3gHx7sYX0eSVc88dmEa3fY1RIy6e6CslWZ-1qy9eNdJVw1XYUfgyy8zfwtRlwpLvEZojnRBLkSUjJ5N0Sdib9NQvQiXU4wvvXKF57sSstzDdzc22EEJ-amvwDlwZszQgXxoSi7T0sevQNdbhJesATFwqeCLYFdDmFGnoprswGGDjTrLuZr7pjdmL-K3IHSpLNWjH1Jm_qsXA9zBLqKcu3TIDchugiIBYNFkwmQLPIRGK0wRSaRI6VXjOld-4qhJx1-kggSXevG7JoTEUACPMI1UEP3yp44cYagkMrtSMjpExto_f5Ym4dKkF138zDZi8ku9sy1xWjdV_CeDPv4zennvrmlsoTnqRRoVwtw_JxIXzHvlvB0O3gqGBRpNWVjAFb03OeVTCXlXFd8xvPCubZm3TsqOI2hpRdc2NUkC8goyiTKe-KEqtOuZbNQxbx6IuGFaRGDf_kZ9GwQmYyvjr6Y72tQrmkvK6m8MPc5_c4VlU81qzPFS1g-YHuI_b_x4AepXSe_7y5cesJpNgFi8ULc-V3w-0FkLIzaIqwirK9RarerG45L4Hi4tMI5Ldp2h8HjV4-uH3Z7DDqnmD0gNfIhKRkkMSO0gd2gQEH8SnTGzU_6_6XbxlBBUV1FWvL98jnMtGFOgxGWSqTw20eOKzYp5FCsGso1HnwGIBIJwP7yUl1OdX_3b45LDAoyoSo69ZcDRrBZ5q5RiwokQ0DTzqkRucsCfCjtMu2o_vg8OgBQI-WS_XWiiJKGN8omH7CLc13vp1Uk_lEi-87LqSzjXryWso3y-Sz5JflPPEwDTGPXLZAtKYuNYrHL1meQ193NRgNvuNa7Nm2ogh0do02olOI4e9OkvBikNPVEONHiIgzTN68YR2moV2k7wcHsjZwTVAc61lH_e6-6xWJCCWE_N7C58TwyNKEcPObOkPVqqbeNZ3t1m57epPUaRpf0XL5CTw_qYfR0xamr5VYjMCKHlphliTuputgT9ArbJDMNFLrTNeeX_044KaXy5N-ZBKWdJjdAVHDvdhHHPJA8pLlnHNFNap73ngWT3zWb7_CkdX_EhJyfmb-HSAuqbcaHkHS5ErSEgRR9uO-B-n7j_e_agyHdxHBg0WMOgGeLnUUC9TDGVfZFylpPdTeF9pbdi9kOoYFnEDfcSRGwcXEoCOmr4AS5Rhr5TspedpGulbWI4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 448F 0
747 B 15ms
14ms Script
text/html 185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10264&pub_id=2180927&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10264&pub_id=2180927

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Sep 2022 14:21:26 GMT
X-Proxy-Origin: 178.162.209.140; 178.162.209.140; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d225c382-21f9-4970-968e-caba05507d4e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022083001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Sep 2022 14:21:26 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0143 0
28 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bi6PAX7QUY43eNfyxx_APg_KUwAkAAAAAOAHgBAI&bg=!ZGelZyPNAAZTikH4c4o7ACkAdvg8WlpdylUVOD_E2whoDNFe9f3J6D7lt6gmv8f3e4sTIjgVNC-bbwIAAAUeUgAAAAJoAQeZAvFC9iODqAST_fo1rUjJbsfqczgHRcxDjX9UYZ9bSI5OJBfXkHG4Anjzz-1EmpZb3ISOUiShBfYv7a0s2HzDiG5OsnhpPpV9B11mZ3IGdl67c3Rfy1QzVlJaLdtd-NVZtTvsNONjJTwCNDRO6__OCajCJEAXRjo3MgPuroZRPJAjcWbtSHvU_67CnHU7t5_T-JCKDK7BICtk5NNBehjjtOcuOfzj_6sSA8EZmESPIvaGd74zeNtgvJefUfuQc0tTROnUb7wgrfGxmzdgoNtDrtivePPmXct9c4Z3YDSKEhYbsV7y7S2PiykyS-7BvjOE2vdjT5RuRfrCazJdAB_BwlxNWrlbflw_Jm1RQbVu862L8DfxSu8DfNElWKD0_g3w0TYo7IAN1dVcKQjrTV7yxX2uzimrXX9GU2Bjlmg14P6rojWO-x1Q9hOy1U4g8_Z6cXbyqxZ5cHDSQZgCImLutTqNKwX0suWVRyeNa5uDWpvx_nMruNAgO5RFDnOKpLMXL0sGTIzT6y0llGN3_89s-gvk2ntQT9hey6zahWqP6cCi9fEz3TOHh0XemFIMrGaM8SrpEFPdv2FXAOLtZYXdFfl6utVdKGPXS7muEFGndZg2gvkAFjFuAokeGgl1Qg84VchJnMJ3Y83haLLrpPDXrH5EKumQMJo2_M-OvGyruiqOX86RV5I5kRgxb-vv3Ui_T6JTv91I_vNo4emN2ro7RRqXLsDvMnNQr1T02iQLJUIyuNtLbg6w_hV3cWIGcCm5yYTwYL9Ew-27pgmxUImWVFE-w0dnld-RK7C-I-ULp7PV0xlcE6Konu1AQ7AbYAJSIz99KlmjN4Udfd7vh_A2KS-cAG0tZ43p4cvn-uwOAzSY5Mx9mDcqbXcSuh0QW3ZljASl7C4olt9t_JAjdIQQOdwLX03u7GNwAE9pNNKhQRIG_zm8Lo4zAjuvvNZfCdJh33Zz02hPrVWKI2fkRGq5wtRBYxZOQJS9qfQYxY0bCGiQpZ8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B0F1 0
28 B 58ms
57ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPMEPX7QUY5rMNsi6x_APkvKR4AIAAAAAOAHgBAI&bg=!kJOlk9fNAAZTikH4c4o7ACkAdvg8WtbIz3IxzJ27OMBYGLO6-N4vCeNLQXweVhxn_67UH-OR8jBRZwIAAAUIUgAAAAFoAQcKADRs_WsrDzif51uAkSd8qW2pnOe8qeck4aT9AwB9I5IlSSC-mb3eA0uXoEKbF8RRUi-gpCmmmQLrC5g2JXJ4i0JEoJpbzVGykVLsdkitzbT8qmHdjNoV_6qbMjH_m4L3US8f3wfLQ7sL2UVV923ymefMcYv5j0qMy9zyi5AY_q-4UidgzzP8zx8YYahoAAzPjv7GWB7dxOfNdvkV-0cN5FjwxHATjUzY-WL7o2xSo1DLiE5DMGLwdGy1UfBjoCLzaC1LQIYBOEbGt12fG0lO5IlRdBouo9ik2EFZDL8gNjcL9SgDCaPtmv7QSelixWKJsmIz3Jzj2iA1Yp6OcgLh7o3LDMa9mD9x0Co38pAozh0jsPfmfXszuNC2_-2iQ7z8DSCZ3Qo3kRtixKJJ2OkjnARpCFvEV9_lSk-fZxVRPYGaDBRm_Cdg04A-4i8dEWOge_w18Hg0TF_-vU9vd53rdHG1-59-3ajlFXKRRXLhSDaXY7EH3borRkTtCykEZGkusaH_1HztOuMYm3Zbsw5oWXSmNa0SE04Vcc7Pym95HVNUMnd_j0enmldONDvSySl09Fjweq0HDr_QMoxbK_1Cc__RsxbYh7YV3WGXgH_mlqHKEqMpwoDKl17S-TxVbGmBK_8V95bErcrSH2baYOsFOXs3dALcx74s42ADaoMeeQqzHHnEPaDs5P1u8pZVFWyAZhQENPg-kv8Wv1M0lJo6ngg0T2UrZuVJwXhcZSEn7XYLPi90EjM_hiuwiV3YSjTgNKmmU6LOqbNXljA6valkW3BvENQulzwy-wiB7QmbvxlkE78DY_pzanl-8nxnPsSfecImy3LJUltepJQaW8ng-uKxpZdpAKCeplX9XxYsMWhr548Iu5NzZUaZP29Ka0xsPpnkdTE4xhdOheHVwQNw-bn33Is8uEbDUe6lMvVYEI9fngFk61DLNsheQd3--SLKhwaUQqq6vvK_PlZJHQYqCHLTlhmoHVf0Wh1gILTiuEL4cH9hxJNJj2UpEtuffhSCIMj7tCT1SbW5Xj_HotBOCUlUpO92bpieJZ2jIp3MdFuF_iAO

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 07F6 0
28 B 55ms
54ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bz-rIX7QUY9GDBoqp3wPwgZn4DgAAAAA4AeAEAg&bg=!z8ylzIjNAAZTikH4c4o7ACkAdvg8WjnXI3Npx1KzMtJiCtz6kesJqj7m4NUCQsY1Spagi-tI3OD5BQIAAAT7UgAAAAFoAQeZAv6gjKVZNl3xiXSLWNRQWdkUZz_SIvyTaCnTyz3ipqdbD1_7KohezR6uv7ZTzgSKmEM-8jE0pfPjduGDqP7C26Av0UK5tBsqHlu6axidD8DOYtVwXrJrs8Lkq7cI9c3ySmQKtyGmPLgJIMUWgLcWKlzgUc1yahj-0rpkrguZ9DeVizBQ8cR74WBhzPhUbZ6496LmaiICr6eaz38VtcQwuDjNagTGH4S3DNdVUTwiJZ-pxpT-RojzDVQc6TFmjs4OmPrrf5WyEbizfaB9uD-H8e5B-Q5b2_xOoZj-T8y80ck8rW3Q0MQ2mc5pKaFJzyjPeGvrSwsY1kJMGFC-E48O5PYA5MAr73Es2KF6kTq8guP-XvA1FNDo4kJQBYzetYP1hJS-XvQ9QvM9GzkVtixqmORdAZRWqTK0uFhZ6zebjc3hjDpICc1MhHiEJnmhz8vV6C2eFNTIdEK14dncEIeW21edBq9742MR2HoZAZ9UUe8Wo2OuKh3TGd1rAXlzCOEGqMD_L6X7WGDRN7PTkLrAtXvqVeqaIqfgMa9TCbcuA2BkZ_3KFpLGi-8iHDEyN3OZXgZNEn_cby9X6BS7HZKiA1tWgxE_JooPtfw7a8Yych0muptfif2KHfPf3i3I-yz1Kf-lEOXnXusbWi2ZLqVGI-YK2nNac7MPJhT0S7x-GvQ7nHFSGxVWYHco5zfUr1g_5OCjQAWBb7CkAGR0ggMTimnFz47bPiKjn-wv3wMnb0qvr_RibWilowoV78BDM8zvxWTqx9SCryVA7mJMFpoYMzJx5IVnTNYH8y_Utu05GpHw3u50mAAfCGkM8sPwwuulO4t0wjVcBwdN8qw-XTAX4lBrCq8SONcXDleOBASt0LdpXta3KJbJzLbjjl2X8eLknDwQt3gd9rDj0Uy05DqEcV61EgE7PE20Bsg38ytrZhfKSAvmHrtCmbVhpDikB3ZLt1FUTP-YQl3pTyeicgM2JGKdZNCHTQyFx_4d6tDI3492smkP-HO9mJGQP5Lw3Y51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 33ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301286355&oz_l=2852&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2

200

sid Show response
mug.criteo.com/ Frame 32D0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=ChromeSyncframe&so=3&topUrl=earnme.club&bundle=YyS8-F9vM2hQV01FcGk2YTB0WnRtTlNjUkxDNGtCbHlUQ2pDMXdiaHNhejNrOVJNaHI1RVYlMkJl...
https://mug.criteo.com/sid?cpp=myMcLnxtMUZLZlU5VXpQOW0ra0YvN0dQN1dRcTJKRTI1dUNyYWk1UmJEWFQ1NDZKYjdNSFB6bWFjQmhDajI3REszTURaYzdEb1NvQmR0ei9NVVZIeHlyZlN6cnNUTzJwbXFlRDhxeWYwd1F5V0duc0k3MVEva29DTzloRz...

420 B
652 B

18ms
18ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=myMcLnxtMUZLZlU5VXpQOW0ra0YvN0dQN1dRcTJKRTI1dUNyYWk1UmJEWFQ1NDZKYjdNSFB6bWFjQmhDajI3REszTURaYzdEb1NvQmR0ei9NVVZIeHlyZlN6cnNUTzJwbXFlRDhxeWYwd1F5V0duc0k3MVEva29DTzloRzBBOHl1YmdtSVBEWXZocnV4eEhVWElBTzVyNURnVFQxc0h2aEFMT3ZtYWk1QjM5YW1KQURPZUJvUS9UdzF6VlREUFlJd05NOHNjeE53cGNtZ1pDb3hSNUkyZlB1Rmh4aVNiNzgxbkZkcGV3MGJRK2Z3WnJFM2F1bis4cnNFVEVLSSs2Vk5ZNnpSelhhK2M5M0liWFR6T0k4OHBnTnBaYStOWFJvVzgxVDVUQW0ySU15TnYxWT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ea7347c1870b87d019e8e54959e07f0d4e1a881b1033a88742146e23490548d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:25 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1929980
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=myMcLnxtMUZLZlU5VXpQOW0ra0YvN0dQN1dRcTJKRTI1dUNyYWk1UmJEWFQ1NDZKYjdNSFB6bWFjQmhDajI3REszTURaYzdEb1NvQmR0ei9NVVZIeHlyZlN6cnNUTzJwbXFlRDhxeWYwd1F5V0duc0k3MVEva29DTzloRzBBOHl1YmdtSVBEWXZocnV4eEhVWElBTzVyNURnVFQxc0h2aEFMT3ZtYWk1QjM5YW1KQURPZUJvUS9UdzF6VlREUFlJd05NOHNjeE53cGNtZ1pDb3hSNUkyZlB1Rmh4aVNiNzgxbkZkcGV3MGJRK2Z3WnJFM2F1bis4cnNFVEVLSSs2Vk5ZNnpSelhhK2M5M0liWFR6T0k4OHBnTnBaYStOWFJvVzgxVDVUQW0ySU15TnYxWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 693652
content-length: 0
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 22C9 0
28 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeCt8X7QUY670NYvf-gbS4ruAAgAAAAA4AeAEAg&bg=!0tGl0ZXNAAZTikH4c4o7ACkAdvg8WlZRAZij6YX2pD1MnKO3m96f4r0Il3sb4vRi2YhDdwvkkRxizAIAAAWUUgAAAAJoAQcKAAtdo0SgopeD6EhGx5kC7nnAHKAC5-nU9ZmPLMIt1SZMVLaB5BHpLJ5BscbKREZceRV17fIpY5128UemPukSDwJ-Rj5VIexsmZVvZXc9_6KJpKQbjYTbG4570cXwU614R_1nhcEJuuOg77M10tz3mFh8AQv9qg46Nf6Wmtr6s43dRzZp_a0cFaIdh6zn0MKAPu3wKeFf5yYO03sYxZ96ctDeQE5KzxY41KD0NC7GUEdckeeMWFQx0W9-X2CTL8e5HTlO7hPhwqkzqiX9MGZgK38-4nc2KdY-AHQchucm2byfVw5JoAo0NSjhl8fDrV8UwPbKODHTIF85MkRSiurn5b_Y43MYL2_43Wufp8Vs52R9ytju5J1keCyiCp-o-fTaTvucRb674Hv7LL_NdwIODH_SF-KVpWI2S2pIAl_iYwITgKK2A7ijpZQYOfPJjw90aJKclSUBnxkYYlorPVmuf4pujIQSdYQZeQidu5U25adKUn4h20Xwu49xc1oG6DzxS_ChbitobUrNFQWEvLZ_x64d4kEQPKO5o6kNAgMMgJhJ7qQ65Ji_ZASEFGqhniBoETrbGNB8Kk3xoPfZiWfKlKM4A1xbjv9R_FAqQx3DbAIlBbaA3IQMZf3tZfvIV82QuXcPWNyaFCUostrT1dvfSMr7rJfSCXapBCfvyCEt67faB_twoAg-da7Oa12ceO9us5jZeEV7KsMXF3NvXXCl0ZfinfHw1e35Jm3HToQDKp2saytPUgw44KTNUA6T3ZJpfPQdavu1F6H4kJGrQ2ncWEHVNOWX3qmL0ebf2cupEet3X9197LYThVbvfh5d5FTTVcJlCO_Ttsf4ipif-TeWa9ijskR1aycutTEuKKP3YEpy1WjqPYQPjztRSG8yUgH_oN0bO-xtiSUK5Tg-Gq_jSwqSA6JzF5Qrr-LRZWbITy8x7H4xF6K4RlkfjG7SOzq_hrLt5fihDQLbOwAeoEq8Crs-YIaOmQNPN5hL4tCqVfzwlmLpFJ_071mwyPRDxg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FC38 0
28 B 51ms
51ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=ByJtGX7QUY4PkBs2s3gOe5YG4CgAAAAA4AeAEAg&bg=!6-il6KzNAAZTikH4c4o7ACkAdvg8WsQ2K1GmAAnqYwYXkLPuWzEat4ND7Btbuc-H66J2CrN4YEusQwIAAASoUgAAAAFoAQeZAvfN7_vrhbaIpKYKyHpCM9_EtBv5MZNlDMLURbuzsTxU7o05ftKrsHScIejeDXsV-LOadM1RQ_8WEsypBchc58l-rlv2N9ZN14Od6aY7lX1VpcBo8HJjv2Uz0POKLQT4jcJLV6x4mnUBJUOdJWIDiy_JFK13zYDqdVfjqa5wB3uAcszysR99MLdzWLWSKuk_9y039edA-RcdHdosfCpknENX1uvuAHyKV74_qTnfxhiTfKUxmQwOkQmOjSNjCp9mnT3aY5YAsWsmKH-RcN9BvXhMiDAzRVL9EswoyzFMTPeAXjpCWnXjp7gmgR1pb2OFlP9iAkQJLT1GzYZnKVHYl998GAisxY7dRKpMdhygxp7IhtMra23qoRm8FwcR1Alf4L6X8WUi7x0CPd_88loeSlZqtMAn9cjK8i2USEtWrCASym27Ar0Ho02tiqH9EL08yjY8p6QFcZhXtkto5gSzTNhX1VJYptVtdIP9o_I2eOa59UdMcIyTkj4R7cxgbywvbbhvuCY56vKyk-i4Qq-d78UefTJNJ_jAj5vgRlyEQ8oZLIXvB_zovn6A49kFhWmdWATWGADwvLZrEneMQUtz58xSwGykV_PsbIHu1KWKc_QeCjU2qMAlaZSufw9jRudtsJAOgfkofpRbCYrPDE7rplswY5GnWAioWU8Nq3lQQWjZIlNFdNGfJCFckhggHYMjSn7UgWAyM3QQfs1AR9ZIEE8yqu_I2Cwqe4H73A68slw_K_VHGoVDCjK6r3y_H9IiTqzn2LScSg9ORuR_p2LEq_FidkN1jJm_tE0hENx_ZPNi9PtV_e8IL-T2WhyU7qdDNxaY06PJ3lBI0JN9d1liuMRvUX0i_5mvdbQeWW4LppfVyNNcHX3V1Iot8xyB4qsEBtsFUqvUjFvEP5Pyqdc9vs-miAVxu48-kH80qXMGKGrVN8xK_RyPA_KcnKVpl8opeFp1gF13D85-Ha1fg1q2DDpFrnAT5XE3E0__RnGfXV8SoC0BKlwHc_I

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 451F 0
0 51ms
50ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083001&jk=1629497221745310&bg=!AgGlAUXNAAZTikH4c4o7ACkAdvg8Wqdfsq0dmKVyKOsdMdSKTVO8aBACJ0IskNMHcG7iCln_pYdXpgIAAAlhUgAAAAJoAQeZArj8SOHKxF_DzyeSMJEHyY3howseSnnEhTo4pomxbCHZzEyWgie_LONkrGfjdKDnhh0J06JF8ALZmcbRpgrmarbFmzBXlNkBZP4H34DjWRxM3eUo4GnsHDaVQfHinIRaG0ql28U4og8wrppB-VOcnSTA7prtudTGQ90wN0xOZ4VWAJuqQB0deDOT2uBo3fTBCZhmthE_S7xpRnQuuoNhe5QFpcn8p0huq4KnvIAXtuxQI7doT9dOLm_y5-gbxNVMnvQpZ2eTqwe9_0klzWiVmIVszF4D2Sp-C0up9w_8EJDtAs19Etqojil4I8IfdV4olx8iiOVn-o4ZxHE7dV_Sxczwkt_q5T9xYNEFwWoiv9OlKxKKglNMXgu8nScEvFT4iUgszcYFA7NCMVSsBk9kNa9vmjL4pS4O5irkD2CpYrUGv-CJ-oQX-qa6OjfYKukUZeq-AVFk9GY5jUVv72iYqwZbZJ7wrW9lNe5cxhkWQeW0e3JZ9rSlHMriNno30642T7cRwyrQolfNygPYaZrnwcAJ1Oe1BRyVn-D8Al_w0Ok26ckQg02ANZjFkEy3PNXuZC32RfPe03g4AfNZrHMnIMQbraNYibSOwurOOjp5n90OsbVhon77BfI5ps5AURDYUpVy5fE6x7B0Q2ZQg8Y_2moMRG4qduqv4EjUVazM6vPzAzYgX3Ao0e6xxVgqXelA7o0AOX6WL3teVgNFhnD23ceyHFVoznjP12_MAsBEs62LfvL96eMWFTyig6Mop5n6xn38CVva76R6e2qARzO1pFhniJGmxlZBgtrOQ6sIh2PduOhIQJ-M6od_AG0eEWvOgrP86OzE4YtTlep5BAkV4EL6pezBJw-icoCfym58D2AxWvHdqfQ3uWy3lCoyeP6UVvIo6PfAP1vJUILLmeqISUFHLInWc_84_y8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 872F 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083001&jk=1838023014114108&bg=!k5ClkNTNAAZTikH4c4o7ACkAdvg8WjtMOrKanVc0d3ECUzHBBbw4oRvRUPu8uHoMz1ZF6W4z374MkgIAAAo0UgAAAANoAQeZAqyxLaJfC_YGjuvudQlPv-hGYmnEratqNIqqx0eNMlDEdi1z4JOjRSOXY7XmVrqk8pAMmdmf-QP-EBZ7eYNw50tbKwaA88n6m4ROKteWAU3M_YvEq8I66gPk-mcdBoldWVNkExE8U1_jmqSGaROf-WsVwcFJRpKItvTf2Y2LNYOasUh1t5jJA3zd0btSxb2jcNJCYuLiTJwdHZ0K5jYjfZxYHd3M6bzqr1J5qLWLtvxnDfylX3cafDMYQoLgbZXIelOnGAlKdbPbi9Mj4qpsPu1WJkGZagNeuIAA6oNCFlCJuzEcrelsrX8IGN2rJorz07VDaxPAGsHAEqkCoLLSnmhpLO4ZwzADuBUG7IFo5nuWCbXrSRhPEEzb7VBs24d6KdVrIrUwKAx_hXbKNf3RaFX2-6fcjHM7wsa5kQAwBY1XoaWynxkyniX0on8zp9YjKfUlP_qL8KsXZOKsuA7yUHPheXDbjw9yeds-W0i2sEapJ6BglKkR_d_x7gvH9l2AJ-8mW1lHDjZNtngMzTyG8nnvOFWeUVhh4yvYIa1fAEkLaRGgOZ4Rmxr3tNQmcktIgSxdALV1OvmoBvEl5VEQacplWpp91Ul6JwVC64pjWcT7-Nr4Vrr5uDEKQsHg-cw5J4UaMqaW-ruZclITtlqIZhVmddk9UMIRvhntPV4y8JSMWYht5peVTOJjmWp_8KrO7eIraGiRjwf-WUSYLrM_US93OMp790GyjA0mWLsA0joWhmKRJlVaqZUwmdTzB4IkleU-7Nzm4uzbMF9m1A6b4N5aTDOx_hOe949zGZSjcxyGlBpxtyEB07oqzp6u_eXWIGDx5hFyrfezpzOiilzJxSq_wjjcv1yQF0AK4tGLhGZhXXvOK73yHKYO2gHimNmsg4Ase0a85npJUcB-EHk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F8E 0
28 B 53ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8YIrYLQUY7TjGZ-wx_APnt2MqAgAAAAAOAHgBAI&bg=!jI-lj8vNAAZTikH4c4o7ACkAdvg8WkdTuNrldziU4CY3HTW0NwcoGvP6xlje_RnkJd8Hv6Tm1jfqUwIAAAQpUgAAAANoAQcKAJsdbevgkBTz9TP-Mk8wnkSzJOYkaZe05Bo_CVaOFvor2aezaabgmbQDAdrLIq7pI3oG4gC0EH-W3fMJEknkSS1Na8PUBOSv9ha2YuH7Cz89NWF8OywiFH9ofnEQfCyStlJrsa4jBLzTX1NCzPA8rmjuvpQX99TN3iG5WsttQYy76UUfVfiivQX16Rax46ZUJq-HcV-KCPoWsEKg_ZkC95QSTQFZH5SMA_ALdoYuOCK4OCRUo1owz1iRKAucxUPJ71tDjg9oScnrsZsf1UDk2CTGe4guXbdqhP0fDHrP_MZFOdFN2fNxyAzmKeUedD3te8GbQ3Yw9QDcWusW89udMtDPBVPSr_TtjsV17FGawSZ8qJYwriAoDpVZGQZ6cECvaVia4cUqEiVnDhFFXxRKLcT0DsDehgmov0pq_DypGkOJtS5K8_qI4OuR1N2dp6V0BzybSmlfrelxXYUqxu5wDMgn9f2JBGHkJ2O7HDXL1k6MvqB29AQ0j3GXtWLMTnyW95lZpg1fb3s8EBHEu-Z35Rup8yB8mz_a0h1ES1UjYQ-h1tnssl_mwYw4EvMR5d8R6EF8hJzOBT_Q3fMEIaS_Z0rpukrNyAojPXtE6r14loEjR0lkJOyJuYBRN3q_osQV26j9WDJc1Jfe4-eEhTPI4kO9l4SKQfYiZzYoymwMxGBlKdfWa0iWX4qn1AT_UYczoKcqwE6souCsmKOwWTIEoCcMYY4ZxTpcAU9EGaFekW1x7AQme9xXsHC8h9FZ8L2AbUXYBUVdjOA7tPul1xtKdtDoHHjGnCJ8TUM_QGElzGDBDjedb7pCNJvb7crsG1y7Ca0rla7dYd_W2JOZX09TLRGGndFH0k_VclsCoXCI2hJPghhQQuRtKhrF_tQf3zbMMigsKpTNMdNURqLMn6-AnmQhUAKRv3ANzSrlcoQWqPd8oXhKILXcf9YBKjazX1r6FPYFOYMS2UVIb9ASo9onLDLmJ_laBncl3dLnE0PkWRBCEiHY5-tI3Q9CMXwMhlNOJbJWUqIwG1rwW-loKYH8fyHUA6zetX5GbbJpqC6C9ptkFnQ39jfn1LiDVsEJ14GVFEtuPjRFSEIKPt8XDYZbMJaztFBMmqwf8PbUFjVI1hue1d1r53HY4PMkp_uYYRX7ubyR21eHW6qMeOEKf9mPpNQw8OKoKT2afWMLT82dkpc1bvsOE0m320wTPmdbe_KrKVB382tI9Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 93BA 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083001&jk=4208870347843066&bg=!trWltfHNAAZTikH4c4o7ACkAdvg8WqVNqClPODfeSgKrQI8TJf-cphxHcqFuIbV0VWYYxhcFfpbufgIAAAoZUgAAAANoAQeZAreS0XlWOf2WEDGWClFcf6uC7zo1131bsCO7q9lfeiEQsH4yPv1Kus9k4celd8pLLqIcAywK2cxHSkORwTE22U9dAdX-u5idgX0vKDxGHh5D2DgSr2dsOrISR5jZXcqqneVV7Vv590JbnvPttq9Uydt_TM3y22UK_1sRtBNDCtk2GvJzamclIeTHbBCqXdhVnVH3o3uWaC0HdMhdCaO-N1jShW7orU013ZMD4KEx12WQQBSeY2M1QOCPabbaiKtim6xZt-AAi-7lZ2tRCJdGk2hvark3L0gGVXuJcj1theNjy2cqx28E34p2TPJpsCuq2xdj5W5De5QIMtNqG9jmFl21HsLIsIgo9IPWWArEUvYSS6uuVFsP9VnNUVZZhIy0oG23PLmPQUacDCulbDoqnNZjHInpWzg1i9udWEH39bj12hrY9eGeUm0YcbahSmpKgOC3-BLNa-OuFVq0rR0o-hFrumFbHvspgjtAGqyBjBH0irjYwVHe_-TBsccQXwSi_9N3EC8Ofs2khiCmhEyjmVGfeHwyDHxd02H-UmypvUAz-FTTbTx6UVF0rI-IEJ8U9RwvBr0OmIMLE85l8-nE3meQvbhWeIEGSxbT70_ifb68-30SWhFSvo45_povV8zjrVPb0DuKT9nwPHpTDUQK0TeznUhBX6JSrBLk0zEo5DlcFAPSvwk1fEqSpCqyfGOQ1a4pDew3MnTQwABNTF7n2L3giMLFgDDBTKyD1fJt3Z9dWdZ19Xd4HUD6bBnNTDrJNSsmCoON7ARF--9hNYqVUiGuFqTMq3NS38Dw7ifc9vD4ib5NUHT4yPlW-hcOZPYuJiyH6IaypNErGO3u1FaBiZJ89PF6JA2y-8PM8dPMe4kcs3hKZ87mT_JIyB23uDn8XXqBttF4LpNpvWNBUsb6m2-XH-pKO0yMaw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7B15 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4545
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 13:05:41 GMT
expires: Mon, 04 Sep 2023 13:05:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 424A 783 B
535 B 24ms
23ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e50ae2431cabfea1f2ec009649bdd2b6d20d58370880a09cabd02c5cd7e5a25

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HKz8a7HGIi19vCHdXekrdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-HKz8a7HGIi19vCHdXekrdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:26 GMT
expires: Sun, 04 Sep 2022 14:21:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 get
choices.trustarc.com/ Frame 2249 287 B
629 B 8ms
8ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: D3rQ3Hs9gDqgBE0PVB2Lt9aBm-E6jLlGWW36qshNHjqIxPXGlTMdAQ==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame C7BD 287 B
628 B 8ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=788328540&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: hT3K3vS_OZDSOV0Gda_Vdvgob9Vjwt9E75rYCTryuIiMaIfC_tb8VQ==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F897 0
28 B 52ms
52ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzpIPYbQUY_iVEs-yx_APguyCwAIAAAAAOAHgBAI&bg=!PzylPHjNAAZTikH4c4o7ACkAdvg8WrCMkej49s6giiKLZlkJUPXd1Ia74_vBGKggBhSdLgyAomvbjQIAAASEUgAAAAFoAQcKAKPl0SuJ7HXgqhvTHXfzvOm3aU3FuyyUGiY3PigdxLntZW2EZ5Vss4KbbuVCVibZNNQnI0eLELy8WrBxrAlerCEVKfu-RgvMYqTtGay-7lFxkDdKO3UtPikxzWgHZvI2zupWC3EhmKwzREsLlDnQfdackgTGEXE6NF1UOXJQcYMxjT1TZCtDu3u-_QUf7qLdBsFk9UaxQluPEHAaMnF_D1nbKuzhmQLOzWAerGP5wjogYSBj8OB7bng1dFILrFyMS6UzdBbyVB_c_xIA_KnfNg4PHbBf3QSgPCPITjH1cpycD2LLYPdZEOrVuCwhsTnmLq9ZRNPXa3zoECU27sHhzUF2j__gp7K8IxNhWsllAo1KWSzNJ7VcjBL0yqoW9Vc_5HE80q1OaClYr4aOec6cNyPKAUgyb9bKdId_7DpBpZYwb3tdcb0Cq4pF3m95zmtoiGwS0nTQgAZfBLxhmaM0CTdb_MafJ5jamlNPyTh6tDGdHDixbTP6iseBjqfaYJ7nHYo--DdPa12htwC3JPEteAW51LfLjpjAwstjAUfru2PW3yAZGD5cJgbG7TAaz59h9JvZbq3Wj7T2tXzUJH80C-QxmJpSbQsvmCnWlnEFxa9zXuWPBevMIbj7glY_zLPWwJaGAXZbtCgTcBxcNgt0zUI3XcBjnXe_0VtWduUtQ3t11UfsoIJD9M_nvIUF_e2fat12Jm2_nKs_7ThcJitna3ZsOuRR_DVKFDl7FFRRNIFPM-MIEyNtiRkPQR5GcDEA6KcFZYFrsnw30ybkgosFQMlkF502YHDoDTtn9JAIMqwZx_D1gcNtyUllr7U_oM4nKsP-zb7b2E0a-UUgZT5wRN7UiFA7fdUmhqIJ3GeLfgKZNcWg7gAG-0Zpbvu-sqB9pbCotLtXdWhXg72sl7G4MntRwMEcufrDkm760G_fggIwP8TmFe8QVuksNOx_RQB-ykwQ9-i_r1gIiwwgqKVCX9murv1hm44cLNugMmgTp93Xf4sAhlk5zmOGFaazCKjYKwrd1WxqcduQE_-zNRuj2HlBKl1DRc5678mOFvWB-YqxXhH4oa-On8LvEHeGelVTVLl455lyNQK7yYDZUPeV2Sh0UmefNrg_uCin4izAQaIzrFUDDo0dMbZRQAW0nRP_o5UpgYUaUOELmTa8p5gwI91zEjDGSw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7BF 0
28 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJdEIYbQUY66lEoq-x_AP8bO7oAEAAAAAOAHgBAI&bg=!d3SldDDNAAZTikH4c4o7ACkAdvg8Wv0ms7tOpY7d5oTPh5dPbLO2GLZ1Z8sI8-YwL2oTiAGgR9Fj1AIAAAR2UgAAAAFoAQeZAtOWPfCJ-1d8tQATNS8l-rCq32BwlrAtxZ_eOH21qqmbB_WVTRgVSgQWKmya3Zc4G_Dn8su9tfXpBoVCDR3SKc5m7UrC6U8z84aOY3uj5oz3QfBjvq5Jtymvr09yErr-bD71YqzLeuuMS97RrEbIV9p8ajCr5m2E4pNmdgV0W4EwdhudzrOBnNUPClRnLvRq0mbYaixlLoFxIDDHfgGTKepHwC8E5KDxEa4lpI9FAeLYC-X2Zk7QS01s3NvQusqKmhPprsJsbMsca-vH5MwSFINjFUILhSdNBR56ksv_KklfBaVGT8NshS77-7vgEtNQbIJItE1uM_gKJM9buYou1XT7c7dEIJE3dMRmA_Jvp-ioOzU5Mk5pugWsVRhiAnUbV3mUw2QS7SxZ2yDNAArmc5Lins61-N8-uUPQiGlGvbr1EhzwzH0EuMEptEe0QG5ji_p-5sXhxk99w9Gz8-5j5ggt5r5RPXmJdHIRZNArwpcd5IPMKk_9e-ShLnDHgVSdIBIRg8RwCIX_j58gN6tqq9GRpxjrXexsOU1S3iaGSENrRtzCwdcrMWs3DVwRqOOgAN8QkG88RDOi88yRXbh-jtVBLvnJup_k_xM4cpbUzaTh_03dJRB-7UAUXZ_c5l8NOqB3LRbf1ZbK1trop8M-fAj8UvwgKOZV0n6-iDyKOYvfh7IPVVqMRaiuZdoVyMmsi4SQ1hXBU48xZyNg_Ri5Mm8-f0_IMWKM7oM0YGpKb4K7Jr9UncbPJsHDHBYe0u5nVldLJjxAY9UytyYc6wpw-SkEuSSkUL_WoHLfnqMl9nePHOYWf07QSGVxEg1NcDMtrbC-4scRuz3v0PV3mW4E2GaaObPe13NIjlinKStSAvp_ByuN-u0CQxAB1UBfuyTjpv-5dIO1XPjeLODBKTAnu5YGt1jzvHS5jKxdovvLZ5SVG_L1th82Sf8_d6oqyD6yCErwxzM

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4040 0
12 B 20ms
19ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?NWhGXg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 35ms
35ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301286622&oz_l=154&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:25 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 get
choices.trustarc.com/ Frame 01F0 287 B
628 B 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=87880815&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: j6N8_RHKO41fS23Cz2SmkFJLvrRozLePJcgQTYvQrdlPle0h-KYuKA==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 01F0 739 B
1 KB 8ms
8ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 04:20:45 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1245641
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: ejERpYWofh8MLWt-VpdD9qOyRh8YYrc6VpR_jlVFYS1pS1DMca_B5Q==
expires: Tue, 20 Sep 2022 04:20:45 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 62B4 287 B
629 B 9ms
9ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=788328540&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: x8-FBje-sD469uANq_xazY8M1LsQPPWbWEwW_JgPH5jF8kUGH-CXIw==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 62B4 739 B
1 KB 9ms
9ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=788328540&js=pmw2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 04:20:45 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1245641
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: Lz2rGQWNFKH2JpmCOv5VD3My1Xp4PZYSh3mvUnbQ3KxjkyaJuu-i7g==
expires: Tue, 20 Sep 2022 04:20:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 424A 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022083001&jk=3900837087679291&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

GET
H3 200 JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7B15 36 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JI0Pcydj_YJwFyiv8pAtPmsHnnPx6gDBxLt0n0XpIm8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 13:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15957
x-xss-protection: 0
last-modified: Mon, 29 Aug 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Sep 2023 13:02:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2606 0
28 B 50ms
50ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1t5QYrQUY4K1Hf6B7_UPl4myoAMAAAAAOAHgBAI&bg=!JSalJmLNAAZTikH4c4o7ACkAdvg8WiTl2C5FItXxVjCODTvMhYV9kB8ygIbo12oaDVq7-LDD7W6JigIAAAKqUgAAAAJoAQcKAGza7xIo1-VKDWhT6pIkg59r5lCBDXYWaER8D-_2t9lG-GrYkeVbETDkdgZd1xyFlvMbU9JW30slLUe2JycMB43Kt8XfQ_L0KceqUDemQ9gg2SX6lfHce28wMhj4ndoQfznSZsIu4icSDcmfmp2ZAtEAYwC7TjcJpq-Ui3wpMmqnS0rVp0LauHOkYmvW4wmoTf-zgNC03QcVzqpr62HKrub2AV7f4rpC1jn6FBej3AzZ7Zqcd7eR0r61zGIkqr_11KEvKYWl5JSLkGG1aLXQVCDjr2L7qsiJSOBTawZShoIk8laeRZg3uow5HpcCK37aFdxTCwqBPjnvUT0Nwq3zsXM6PkGsR7794EBwHT8ac9L-ZXCwhOQgVbAHKfrgsc13pmCy06l_iZj1d198VPPRkgF-DxrEdy490NvGpkrXfalls6WKn-7NlaF9InXuANjnzW-nTviAxhW6mJIhxIgWSBgFafHZoAJ_btUuZMgZqTciJc724m2juCDl0yiH6vvdDjuOR-OWPD-dh7gl9o0tnnolGhuvoUCt03YSoCiIOTNlaEN4tmmcYV7YHu4PtH1amZA2Wa7j4mTHVPtJWteXMrLaqA7VBEZgok28PxvbY_kGNvFuCxcUJ2inP2NLC3aXagtDhXF97YBIu1SIqdlQThwAOFO72OQYjecERJemUTYm8n0IZazSQAtsfPvNc0cpHRWJfDHZ0TtPaYfGMgkx2KEj_WMDI3oAaie8D60fMIRpIh__8H4dMoHu08A1jRwe6AbcVvyu273CEnYhODC7eMKmObggvroaYYUWVdkuZVRVqlnX9EDKM9epVQrBuNXlaWlApHKPXWnSGiWDKo47V1bXgAt8Dbx1ZZzkrl33bhxiTH5d-bo8YtZNc-r5aYKBKoOidHI7nFbTo4vT-QUO9n9-awTVqTGlcQ1BwjPYYyX1OtxJA_yiluwEF3nhmALFuakjXkiRWZIu8ePWt84aQCiiXchWG_-Ls310tX-jLGL_KdizEOJJ08eFgovsm7Vs2_EgyfWMRW-Lqdi39ZpupLOPpR7sjmPuvXHGS-PMeK4iAxrdhqNUhNcey14JC_C2q0NeC_actK8AJ_Ez7CL7Iwsn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 60E3 6 KB
3 KB 105ms
105ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=1922545901&js=pmw1&base=te-clr1-ae2246a1-4eff-4553-bd87-eb908dea6fe1

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

0f6e3736f7b2d2088e5c45e56c8f1ee07a0fe5ab72af64b080f7e07346f281b0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2332
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 19350X_TnRra9S3RENqz61PEf14Y5STJA_11FLEiisqKDg1MG7i4wA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 60E3 38 KB
12 KB 106ms
105ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=1922545901&js=pmw2

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 1IxcE1HzcehCP8kRZqBxFKFEymt0KFM8_otAD6BXnEtHvzcRLOYOgA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 60E3 43 B
1 KB 104ms
104ms Image
image/gif 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02_d&pid=sojern01&cid=0&w=300&h=250&c=eae0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: esajqZ6wrPYQxu1AfyHj9u0htrBGJo6moqmGurXW9MLRLYdenIo2NQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 60E3 6 KB
3 KB 115ms
115ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25307397&js=st_1&sz=300x250&c=te-fb55

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d8d95d02b6ff0d66aa8d0802a31292146a40d23fe5a466c635e1ef7580fa5e6b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
content-length: 2246
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: xeEJWvu7mnKtiFzv6BdaWD4sYKbmj-H1JdFUyGB0LylTvXTCpg2cdw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ca Show response
choices.trustarc.com/ Frame 60E3 38 KB
12 KB 11ms
10ms Script
text/javascript 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25307397&js=st_2

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 21:52:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59355
cross-origin-embedder-policy: unsafe-none
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=UTF-8
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: yVPAnwJYpuPscHaxa9n4R1QsYufwkEI3Y2GGX0NNYvbxSKWPnujiRw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cap
choices.trustarc.com/ Frame 60E3 43 B
1 KB 115ms
115ms Image
image/gif 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://choices.trustarc.com/cap?aid=sojern02&pid=sojern01&cid=25307397&w=300&h=250&c=dec5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-100.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P3
cross-origin-embedder-policy: unsafe-none
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
vary: Origin
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: origin
server: nginx
cross-origin-opener-policy: unsafe-none
x-frame-options: SAMEORIGIN
expect-ct: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: geolocation=(), microphone=(), payment=()
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id: 8m2YPlVljlph0C8ZUtmbFNe4MX1HDy7RP4AaNkAdm2Z9-UkjRoQLHA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301286874&oz_l=59&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7B15 0
12 B 14ms
13ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JrouUA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:26 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 get
choices.trustarc.com/ Frame CDB1 287 B
629 B 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25209229&js=st_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: Ny0xlNY0mCrpPR4qhkGRyQS8zrfvkR_0y0w-T-8S4boHmjJS8fGMNg==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame CDB1 739 B
1 KB 8ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25209229&js=st_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 04:20:45 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1245641
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: 2U5ilvYx6RCRDP4pdeep8g24VIgKUV7mU4JkQJrRqGHAoDu21VMwrw==
expires: Tue, 20 Sep 2022 04:20:45 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 2E58 287 B
629 B 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25247223&js=st_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: jlBYHRlm4u1CHHlM5MPm3ePCMhZDFwaluQvTxcCjyyQo14Fk2-J8qA==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 2E58 739 B
1 KB 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=sojern02&pid=sojern01&cid=25247223&js=st_2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 04:20:45 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1245641
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: mG4IcjqukAlhByKk_pRqOuPjfGWwlG73gdkZwWxxKM0NMHW9lMsbWA==
expires: Tue, 20 Sep 2022 04:20:45 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 60E3 287 B
628 B 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598744
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: NRD4VOgQyEThjeSGcY33bv5KwKoMnBj2ofEqpZQ1Rr0I65UfGt6rVw==
expires: Fri, 16 Sep 2022 02:15:42 GMT

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301287033&oz_l=383&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H2 200 get
choices.trustarc.com/ Frame 22C1 287 B
629 B 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598745
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: EYHdW5EewXRvCxJwbuM-x9FlaI-iHbZDG5547-9FMJMFrDgKv9o2OA==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 22C1 739 B
1 KB 7ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 04:20:45 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1245642
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: 3ZYHF5fbVsm5RPp4sFPlS6FUcHav9KWc5lQKmFZDIH8TleqnJbMhgg==
expires: Tue, 20 Sep 2022 04:20:45 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 7DEE 287 B
628 B 8ms
8ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Wed, 17 Aug 2022 02:15:42 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1598745
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 287
x-amz-cf-id: Lw2VyPlXGqw3De1fnoA9UE9T93bdknkbj0-GqMVqMA4ETvb3qoH0TA==
expires: Fri, 16 Sep 2022 02:15:42 GMT

GET
H2 200 get
choices.trustarc.com/ Frame 7DEE 739 B
1 KB 8ms
7ms Image
image/png 52.222.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by: Host: earnme.club
URL: http://earnme.club/safe2.php?link=v3nahJc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-100.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: public
date: Sun, 21 Aug 2022 04:20:45 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
server: nginx
age: 1245642
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P3
timing-allow-origin: *
content-length: 739
x-amz-cf-id: Sjbu65xZ-KC77-cmLLA-ewyNEVLx1N_IrNQ5x5jvCE4dKU40DXT9Zw==
expires: Tue, 20 Sep 2022 04:20:45 GMT

GET
BLOB 200
OK 7bf8d38e-d122-4f41-8b10-a7c45e772152
https://flashnetic.com/ Frame 312C 787 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://flashnetic.com/7bf8d38e-d122-4f41-8b10-a7c45e772152
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4afe2a8fa310b16be0bd41d2405ded9dd74641d5f258f27227982b880db89568

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Length: 787

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 32ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301287205&oz_l=352&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4703 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220831&jk=68508337944220&bg=!d3SldDDNAAZTikH4c4o7ACkAdvg8Ws30UAvDE4NiB2-rJpAvkjk-WIb-vszfgUObudP3y0ux6Ts9ngIAAAJjUgAAAAFoAQcKALV4IKnr-HZ76d5qF634sH39RydN5XXPsUkUVa9Xwq3Oi17ZhQ7gitTNVb_ImIb5O2wxaT0EyS55sGEhhNGHAPAfwpwlgSryGWbKP0k4lqGsqSd_Yl0U2cgvbmZ1lZkKnMz3z4EYD6oc-AmgxRCDU8KYACE-rwqrIbwKPg8mrMeNWmMLJeeCOIvYe3Hu7VDpATSqSix46s3AmbUVleyCxNbfLfuGMvmmYkVBX8F76W9FbV0o6nOvmQLFOb13vucqdk_OOkyjjnK1wJxy9yK8M3pjjKzVEtdf-27KV2cBZm_Aw7CGmhn4Lr-YRUMb2pXV-lzQldCt-ENH3D7kzqyBQ8Gvnfp-8OU2Y4Si5og-wui75KAVrTJUY5Wiqzme49tFe-tGlUsOVnkbhzshrM9hhqhMSK8nV2siQiFQWB1R8lfZQf0n2YoCcmqp9K7z6VghSZaypjPUWme2scJEXXDp7LbkPITX8QxEok4N1M5V2mOQX4ZVBMKlfo-RgaunuBbliGe7PLTMuAKPH9OJCsRqPOcOGxHBbheQMy_dUA-T_mAHTARQKNQHN0-0e_ZtlqrZVVDlQphqM9HYmSh3metjPIqqrK1meIOGrGqhxyejWngLKcJaBhiJ85ZeH8yUIrey8Brup7W8QORbnO-5Ad6qRn_YO-jF-U0dwZ_YJjfKRlerOoLZROjXL4uCLruu1fJ5BcqvtJvybpH-OEE7STUjqT5llZeSiog_qaWfIPWzTZMcC6NTYm4gagEH7rnAZMCS34jAxZhsrpmVitBNwJS-hz63vwmDeLSM3wInVJP5IadLXZSTgfa2Q9QApcTZ-yiFzUb6-YgeHLNrQLMHYPEpUmLweF0eOZV9JpV-lVqbl1ZPtxzdvA0nNSbhI8T-BdV3ISz2c3oNlb-OtTwi9_H1fyCm9tbiGizBjh5Yw5wUssQ2tGy7YyGV-Zkl-Jsl3FwSMtvRXmG4z1LPry3Ir786i726diQnchKWHEgyEC3iYtUAlayWpQONovztzt9SxqoNpwCktr0Z22IE8USWafFc0xsYyE3W1hGeQ0wc9JkFzRr-7whsy_5l8K_M75LmE5U9QL8BYbadr6IflEUGNBsOFum5mEKIP1ChTeJUsawKitZeMNv5GEkv0oQnLbpwpNObxezSsQEl0BNpTPa6JxcRwGMby52hQiSMauh3YjXOuw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 70ms
69ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301287377&oz_l=21569&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022083001&jk=3900837087679291&bg=!Hh2lHVnNAAZTikH4c4o7ACkAdvg8Wk-QGtbon6j2DiVilqwFk6OrZXU8m1N_8a7l3W4HAAtLUDk5mQIAAACTUgAAAAFoAQcKAOHjkL4-Q7QDsdL0zkW9xZrppxha34DBi35zsD7cB4OSc66iuepDYy3N9k0kAl0O6FJqGkAJkPg_5s4duu2Rqd2LFr6lAe3p24Yqls4gPXevTJGo7EZcrfYbF0zxSgLRg3XYk4Bf08nskfV6LN-nstyi1DGkn3sNYKTAVao8ejvEv4e31Qeqb3_MNQ9Ym21qIXpIJ4EzI1Q2uww6cJPFwJB4RnLVxt6G9uYgBmFvX-gSgRbTLWOn9pq5SbEt9qvE0_KBB1vfQV7cd3ZW61vNHkcdcHe-_I0FmHupulggqoXZ_VCZAp4z3-XipLTXHhp5dps5GQGV4kpBJbGZsdXWgIsMnPDWnTGjxpcvLw3u5l0WcwohvF3r7yd7-Wul61uUzdKpikeO4ocIQ7pcmFKWSE4qlB7-M1RknJPlzpicYeRPxv7vDDCXEhG_uIgNPhh7iLdPS6GJB97hCTJfukhljZ01chlObeUP-tfkNuoDYro7MEmI_Gc8Hwv9o5u5wg0z8vzbjGIueWYdIauJq2SqZrOvLs6OfOyn0X5FCYWeK-kSv1MgKfJcNVcBtF2H6bpWHq-l5LaDstwyFnkDIxUzWFw12TBX1VEh8bnvNm-_W0-8tO6wVM6Q2cVQ61X6wdTwS2Blo2LciL9p7hkPxy4Fhy0Anzln28hGN4PNnTJoftu2O2sCqvsWIeZ0Az9GEGF2hnbCUKeRWBqYpkz0evJeJI-2MVNAN_LQuaf57fbJdM4cBuck0aVCgo9YTRyyGwW5W9JLB-LhZnhLxacYWi25q4bIfXwzK7iCTQgl__SzL8KcqLTzLjVxGWF6PdiecVpaXvZ-Z64XOG2tCFAhSlnJ16ZuDj11YAMssFqH-d_ufaN-FhiJu0RQ4CIJ3XXqAjaT8liHGjzDuqd96yRpN2BL56DmtrOFJCTh6Ha1syCSF7PFDGrC4dy6aMjMcD92TUEFGU0gJv7lrHXXwkOb6hAaEhw3TNNFI1PEuE9hXtKuxrOoAPtCKm-oY0PRG7qTLLnhSZGYHUpfaRoLL2XWMiUT9mRGQNj_RfeVJm4FGvR-ziNXXySjArjdwbtj-1ZOgfiAn404O3fkA8EjvhQ3L4g06lNVt6I_xZY8gT61hjOF5tD9vVn3PuMY-YVkXgNcpZ-HOF70mcnUundPRJu7RrBniUZOrQXR0_62-V0Dz3kYVZoST-LR
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://earnme.club/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 33ms
32ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301287549&oz_l=963&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:26 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 Tuitype-Bold.woff
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 32 KB
32 KB 22ms
22ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/Tuitype-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 17:34:59 GMT
x-content-type-options: nosniff
age: 333988
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33164
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 17:34:59 GMT

GET
H3 200 Tuitype-Regular.woff
s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/ Frame 90E9 32 KB
32 KB 20ms
20ms Font
font/woff 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/Tuitype-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16046623051478990848/300x250-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 17:34:59 GMT
x-content-type-options: nosniff
age: 333988
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32792
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:32 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 17:34:59 GMT

GET
H3 200 16e2073035968668e0268512ee5031a5.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 8157 17 KB
17 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/16e2073035968668e0268512ee5031a5.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1106b87f96ff783e71e722d5ea8cd707006bca6b293d2860c20e03cf864e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:30:24 GMT
x-content-type-options: nosniff
age: 337864
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17252
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 16:30:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 180ms
180ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfUaU2,pingTime:5,time:7142,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:28%7D,%7Br:r,w:728,h:90,t:627%7D,%7Bpiv:100,vs:i,r:,t:2141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:2141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2137~0,0~100%5D,as:%5B622~0.0,1515~728.90%5D%7D%7D,%7Bsl:i,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:582,fm:tgtwLOY+11%7C121.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:28 GMT
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 16e2073035968668e0268512ee5031a5.jpg
s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame 986C 17 KB
17 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2753383143326280557/media/16e2073035968668e0268512ee5031a5.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1106b87f96ff783e71e722d5ea8cd707006bca6b293d2860c20e03cf864e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Wed, 31 Aug 2022 16:30:24 GMT
x-content-type-options: nosniff
age: 337864
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17252
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 16:20:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 31 Aug 2023 16:30:24 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame BF8A 43 B
215 B 179ms
178ms Image
image/gif 2600:1f13:800:7782:2ffd:4913:b6c3:d37a
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1127614&asId=ee64977a-7d66-d271-f929-fbee132e10df&tv=%7Bc:nfUaVV,pingTime:5,time:7259,type:p,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:28%7D,%7Br:r,w:728,h:90,t:627%7D,%7Bpiv:100,vs:i,r:,t:2141%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5118,o:2141,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:28,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2137~0,0~100%5D,as:%5B622~0.0,1515~728.90%5D%7D%7D,%7Bsl:i,t:2141,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5117~100%5D,as:%5B5117~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:582,fm:tgtwLOY+11%7C121.886862-62195780%7C1211%7C122%7C123%7C1311%7C1411%7C1412%7C1511%7C1512%7C1611%7C1612%7C1711%7C1712%7C1811%7C1911%7C1912%7C1a11%7C1b11%7C1b12%7C1b2%7C1b3%7C1c11%7C1c12%7C1d11%7C1d12%7C1e11%7C1e12%7C1f11%7C1f12%7C1g11%7C1g12%7C1h1%7C1i1%7C1j11%7C1j2%7C1j3%7C1k1%7C1l11%7C1m11%7C1m12%7C1n11%7C1n12%7C1o11%7C1p11%7C1p12%7C1q11%7C1q12%7C1r11%7C1s%7C1t*.1127614-65017073%7C1t1%7C1u1%7C1u2%7C1v1%7C1v2%7C1w%7C1x1%7C1y1%7C1y2%7C1z%7C1101%7C11111%7C112%7C113%7C114%7C115%7C116,idMap:1t*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:2ffd:4913:b6c3:d37a Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:28 GMT
x-server-name: dt21.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 1EB2 87 KB
28 KB 246ms
246ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 0826 87 KB
28 KB 288ms
288ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 7164 87 KB
28 KB 347ms
346ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame AECC 87 KB
28 KB 470ms
470ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 2787 87 KB
28 KB 505ms
504ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 9B1B 87 KB
28 KB 551ms
551ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame BBAF 87 KB
28 KB 599ms
599ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 2ACE 87 KB
28 KB 524ms
523ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 60F4 87 KB
28 KB 526ms
525ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 7966 87 KB
28 KB 555ms
554ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0D22 15 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1565429
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 1EB2 87 KB
28 KB 340ms
339ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame A3C4 87 KB
28 KB 582ms
582ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 1FE3 87 KB
28 KB 640ms
640ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0D22
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=RTGav3xPRlZGOTVLWVJPMUFDVkdMcm9abFBBL2Qrbmp6MTQxdmpCVEhHWHdXNDI4eVY5MDRZTFpNUGt6bGNkOHEvSEVhcncyZEpUVjIrOS9zTm8zK3c5ZjBpVzkxcVVra0FGeHhIMlpjRk54M2h2QTU1amwwVXFsY3NzQm...

433 B
648 B

17ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=RTGav3xPRlZGOTVLWVJPMUFDVkdMcm9abFBBL2Qrbmp6MTQxdmpCVEhHWHdXNDI4eVY5MDRZTFpNUGt6bGNkOHEvSEVhcncyZEpUVjIrOS9zTm8zK3c5ZjBpVzkxcVVra0FGeHhIMlpjRk54M2h2QTU1amwwVXFsY3NzQm03bVcwdENMZk9rMjZnVU5Wckxoc25Ta2ZXdEdTRzFwQUQzdUlwc1lLN3RkS1BLMlA2YVIvRmtJT0N5WjFnc2dLYU9QVmRIRkhSR2h5dE1jYVVxTG5Qb2RSRDl3QVVrd21QcFFBV1NIamNUVGhxbjJ1NEV4Y3JCejZiWnFEc2FDUzY5SnVVeTcxMXhlaHAybnVxbTd1MW90SVFJWDJzYkdjUUlJU3BSTFJFMDJjYzFiZVpLUT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e5d56fdc6da430731e3757af7d9e1dbcd03ba431c640c6480f1d7600a0cdd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:28 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1627362
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=RTGav3xPRlZGOTVLWVJPMUFDVkdMcm9abFBBL2Qrbmp6MTQxdmpCVEhHWHdXNDI4eVY5MDRZTFpNUGt6bGNkOHEvSEVhcncyZEpUVjIrOS9zTm8zK3c5ZjBpVzkxcVVra0FGeHhIMlpjRk54M2h2QTU1amwwVXFsY3NzQm03bVcwdENMZk9rMjZnVU5Wckxoc25Ta2ZXdEdTRzFwQUQzdUlwc1lLN3RkS1BLMlA2YVIvRmtJT0N5WjFnc2dLYU9QVmRIRkhSR2h5dE1jYVVxTG5Qb2RSRDl3QVVrd21QcFFBV1NIamNUVGhxbjJ1NEV4Y3JCejZiWnFEc2FDUzY5SnVVeTcxMXhlaHAybnVxbTd1MW90SVFJWDJzYkdjUUlJU3BSTFJFMDJjYzFiZVpLUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 657257
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CF87 15 KB
6 KB 15ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1796951
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0826 87 KB
28 KB 348ms
348ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame D129 87 KB
28 KB 602ms
601ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 32B9 87 KB
28 KB 623ms
623ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame CF87
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=0&topUrl=earnme.club&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=0jO4k3wzdDJQZGg2NWlQSjJwOGR3L1p0Njl1cjFRZjlSaTdaNnorTnBFVnAzK1plaEl4SHFRUFRHNGQ1WVNVSjZmUHpNQTRPWnhFbVpQdzdwdzRYT29nR0ltTldKcEs4cUJHYzg3bytlNzRCQmx2RUFRR1AwZWdMZVowK2...

419 B
647 B

23ms
23ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0jO4k3wzdDJQZGg2NWlQSjJwOGR3L1p0Njl1cjFRZjlSaTdaNnorTnBFVnAzK1plaEl4SHFRUFRHNGQ1WVNVSjZmUHpNQTRPWnhFbVpQdzdwdzRYT29nR0ltTldKcEs4cUJHYzg3bytlNzRCQmx2RUFRR1AwZWdMZVowK2o2UWEwNFZBMmN3NkdtTVRNRC9maHQrczRpdmVOK2dveFF0SGNMUkZLaFpaNjFIYWRBZDY3ak54T29jR0hpU0hGcFZXUzBNdzd3aFRPbHcrNnRtd2lZRmpjbjdlVGExRDhCMWl4ZjZlTExKM0tzRTY4VkpoZllLRndEZmF0d05oZTRWT25QWmlpbE83Z3RuWE4rWEJ6MjJPSzIwYSt6SXZadUhZRk1ScUpUSWJabTJuNnQ2az18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6f784b3582e84a3eb9165d50e3e57be3506183ed8cffdaaaccc76dc6c4a37dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2119065
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=0jO4k3wzdDJQZGg2NWlQSjJwOGR3L1p0Njl1cjFRZjlSaTdaNnorTnBFVnAzK1plaEl4SHFRUFRHNGQ1WVNVSjZmUHpNQTRPWnhFbVpQdzdwdzRYT29nR0ltTldKcEs4cUJHYzg3bytlNzRCQmx2RUFRR1AwZWdMZVowK2o2UWEwNFZBMmN3NkdtTVRNRC9maHQrczRpdmVOK2dveFF0SGNMUkZLaFpaNjFIYWRBZDY3ak54T29jR0hpU0hGcFZXUzBNdzd3aFRPbHcrNnRtd2lZRmpjbjdlVGExRDhCMWl4ZjZlTExKM0tzRTY4VkpoZllLRndEZmF0d05oZTRWT25QWmlpbE83Z3RuWE4rWEJ6MjJPSzIwYSt6SXZadUhZRk1ScUpUSWJabTJuNnQ2az18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 903700
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame EFD0 87 KB
28 KB 632ms
632ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame C4F6 87 KB
28 KB 649ms
649ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 25CF 87 KB
28 KB 657ms
657ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 6CF5 87 KB
28 KB 626ms
626ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame B9F2 87 KB
28 KB 609ms
609ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B728 15 KB
6 KB 28ms
27ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 8429199
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7164 87 KB
28 KB 313ms
313ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 7CB1 87 KB
28 KB 621ms
621ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame B728
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=KVSR-19UUHF0Zk01eERuQjdZMVZFQ1UwSUoyYmQ0NzBObWZ4a0JHTzhEWkg4bzRWcFRmUXFEZ...
https://mug.criteo.com/sid?cpp=WI6FVnx4T3gxdEFPZ2lvT2pFQTVmV3pMWWZTcmJzU1pMYWY5N3AzOC9CT0NNYkRpMEg2N0F5K2lqVGo4VXJpMUV3UmhjR2s0ZUcveGZqWXduV2p5STFmdjJyVXJSdGJoSTE5K25CVkNaZDduQThGY04zblkzREtkeUpsem...

438 B
655 B

17ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=WI6FVnx4T3gxdEFPZ2lvT2pFQTVmV3pMWWZTcmJzU1pMYWY5N3AzOC9CT0NNYkRpMEg2N0F5K2lqVGo4VXJpMUV3UmhjR2s0ZUcveGZqWXduV2p5STFmdjJyVXJSdGJoSTE5K25CVkNaZDduQThGY04zblkzREtkeUpsemVQNTlERy9wdFN5Qm4vNWJnY2VYTExCK1hQaExlUzdUMUg3ZFJrRU1MMm1VUzlySEZ4bjVYcmxSSnhNWFNjckFXWDYzVlUxbzdtc0k1S3JacFNaODZ1TWhaSXhORnplbytJTUVsZXBLcnNpY3NaTEl0djJVYlR6ZEJ1SXUyM2oyUVUrWGlsZDBDaTdlS0xMajNCVjNwOXpqajl0VW1UZWNMbUo5TVhqTklGeWovMC9JWUJSTT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b701653a04d8ad9e810f1c9901ea83485244fa892cc43926e3342609434df41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:28 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2146684
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=WI6FVnx4T3gxdEFPZ2lvT2pFQTVmV3pMWWZTcmJzU1pMYWY5N3AzOC9CT0NNYkRpMEg2N0F5K2lqVGo4VXJpMUV3UmhjR2s0ZUcveGZqWXduV2p5STFmdjJyVXJSdGJoSTE5K25CVkNaZDduQThGY04zblkzREtkeUpsemVQNTlERy9wdFN5Qm4vNWJnY2VYTExCK1hQaExlUzdUMUg3ZFJrRU1MMm1VUzlySEZ4bjVYcmxSSnhNWFNjckFXWDYzVlUxbzdtc0k1S3JacFNaODZ1TWhaSXhORnplbytJTUVsZXBLcnNpY3NaTEl0djJVYlR6ZEJ1SXUyM2oyUVUrWGlsZDBDaTdlS0xMajNCVjNwOXpqajl0VW1UZWNMbUo5TVhqTklGeWovMC9JWUJSTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 750114
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame B684 87 KB
28 KB 556ms
555ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 472D 15 KB
6 KB 14ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 945987
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame AECC 87 KB
28 KB 337ms
337ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame CD14 87 KB
28 KB 579ms
579ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 472D
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=KVSR-19UUHF0Zk01eERuQjdZMVZFQ1UwSUoyYmQ0NzBObWZ4a0JHTzhEWkg4bzRWcFRmUXFEZ...
https://mug.criteo.com/sid?cpp=6O9lrXxBYW9qZ2FLZE5uU3plSmZXSklMbXhTbjZ1Szc2U0lqZE9uUHJJZ2dDY05uUW1rU0VkVUJuR1JuZHpnbUxqdnFIeHFTOHJVZ3U4R0ZURG93Y3pCZ0xteHg2UTJwczh2bW15bTVkdnVFRkNnbjlJSkF6cXBlZUpEYW...

420 B
647 B

16ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=6O9lrXxBYW9qZ2FLZE5uU3plSmZXSklMbXhTbjZ1Szc2U0lqZE9uUHJJZ2dDY05uUW1rU0VkVUJuR1JuZHpnbUxqdnFIeHFTOHJVZ3U4R0ZURG93Y3pCZ0xteHg2UTJwczh2bW15bTVkdnVFRkNnbjlJSkF6cXBlZUpEYWlmbGp0cmRtYkRXZ2lvY2tpc1dHclhJVUJWT29UOFVsMzJib0VYVlJRekVXSHB4alJINzREWW9vNkdna0YwTWtWTmtVT1RqNDk2K3N6V3pxNUVqR0R4LzZra25KdGVTVWgyQTBRekdCQ212WDNSTVFMSElnOSs2SG1yVmdvSHpoQ09mMitmTDlxREFZeE54MDl4b1pCelRZVDlYUE5OYjlucEw1VlRDZTQ1WmptbXZ4QWhpWT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dd651161cdaaa50c92fb2d4e61cb82dbdd54936b20dd3ba78396e51beecabf1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1006498
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:28 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=6O9lrXxBYW9qZ2FLZE5uU3plSmZXSklMbXhTbjZ1Szc2U0lqZE9uUHJJZ2dDY05uUW1rU0VkVUJuR1JuZHpnbUxqdnFIeHFTOHJVZ3U4R0ZURG93Y3pCZ0xteHg2UTJwczh2bW15bTVkdnVFRkNnbjlJSkF6cXBlZUpEYWlmbGp0cmRtYkRXZ2lvY2tpc1dHclhJVUJWT29UOFVsMzJib0VYVlJRekVXSHB4alJINzREWW9vNkdna0YwTWtWTmtVT1RqNDk2K3N6V3pxNUVqR0R4LzZra25KdGVTVWgyQTBRekdCQ212WDNSTVFMSElnOSs2SG1yVmdvSHpoQ09mMitmTDlxREFZeE54MDl4b1pCelRZVDlYUE5OYjlucEw1VlRDZTQ1WmptbXZ4QWhpWT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 687607
content-length: 0
expires: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame AD87 87 KB
28 KB 595ms
594ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: hb.adpone.com
URL: https://hb.adpone.com/prebid6.15.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E8A2 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 2292875
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 2787 87 KB
28 KB 356ms
355ms XHR
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://flashnetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
server: nginx
etag: W/"63041db0-15cdc"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 05 Sep 2022 14:21:29 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E8A2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=0TijD19UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZGb01WUkklMkY4aVY1NG9HM1A4NEsxcUJDc...
https://mug.criteo.com/sid?cpp=bmZCr3xsMVl6WkxwQTlFNVRiVlRmd0ZrS3ArdTFLcXRvMS96TTIwZk8rK1Q1bWxPSjhOZTZySDlDTTRrK2puK01yTlBGTTkvZFdERHhyejdEUUI5NjVmanVSRUc1Nis4OVc2ajJETzl2RmxTWlBYSlhXakxlVTF3NDZGVk...

441 B
655 B

17ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=bmZCr3xsMVl6WkxwQTlFNVRiVlRmd0ZrS3ArdTFLcXRvMS96TTIwZk8rK1Q1bWxPSjhOZTZySDlDTTRrK2puK01yTlBGTTkvZFdERHhyejdEUUI5NjVmanVSRUc1Nis4OVc2ajJETzl2RmxTWlBYSlhXakxlVTF3NDZGVk9OTmlzU3VuTUlVcURpMWc1WVNyanczb3NGblR4OGVQbTF6Y1dpY0ZqWHZiMlR4cyszUUpFdmZlbUZMTjA2UTFwUnQ2RWMvajJJUUFsR01UbTJROUluM2R6aHc3QkY2RFJYSnJVVEhIeXN0WHBqd25xUUE5MUZGMGNpbjQwa2Z1QWN1cUw0b3RmV1hSc205WFdYM0tXekhuem93MHRJQjlsWEpnT3dzNlpKMnN6UnEvZ3lIcz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4f28768451fff3a49d0843683e94ccc7e110044c01b0637ce3327d9173531de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2592374
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=bmZCr3xsMVl6WkxwQTlFNVRiVlRmd0ZrS3ArdTFLcXRvMS96TTIwZk8rK1Q1bWxPSjhOZTZySDlDTTRrK2puK01yTlBGTTkvZFdERHhyejdEUUI5NjVmanVSRUc1Nis4OVc2ajJETzl2RmxTWlBYSlhXakxlVTF3NDZGVk9OTmlzU3VuTUlVcURpMWc1WVNyanczb3NGblR4OGVQbTF6Y1dpY0ZqWHZiMlR4cyszUUpFdmZlbUZMTjA2UTFwUnQ2RWMvajJJUUFsR01UbTJROUluM2R6aHc3QkY2RFJYSnJVVEhIeXN0WHBqd25xUUE5MUZGMGNpbjQwa2Z1QWN1cUw0b3RmV1hSc205WFdYM0tXekhuem93MHRJQjlsWEpnT3dzNlpKMnN6UnEvZ3lIcz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 816582
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 84F4 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1017118
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 84F4
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=umkA_F9UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZobmJJV0w2VnJGdDU1b205TE9rJTJCQmljT...
https://mug.criteo.com/sid?cpp=pmQT9HxhWUd1UzVWRjR3UXVoWTFiUXpJVDVSY1hMU2d5ZnZMQjVhSEliK1FTL3N4em1PVzdHZVlXNjVZTkRSS1NYc0VxbHM5MnpDSWFWSzJEZXRFcnhzQVpoMmplV1hheHZxT09KQlZWNFdRaEgxTXdGbkEzMFQxWjZhbE...

428 B
655 B

17ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=pmQT9HxhWUd1UzVWRjR3UXVoWTFiUXpJVDVSY1hMU2d5ZnZMQjVhSEliK1FTL3N4em1PVzdHZVlXNjVZTkRSS1NYc0VxbHM5MnpDSWFWSzJEZXRFcnhzQVpoMmplV1hheHZxT09KQlZWNFdRaEgxTXdGbkEzMFQxWjZhbEVXZG1maXlKV3VvSzhqT2pVRVhMVk44Uy90aERabVlTQmlLNlIxOXFILzVHWkdyckYramR0UWhnUEprWXJvbXIrcHBjOGdwRFhJTkpCWWRSRUpRLzNUR25aMXJnNHRiYytsY0ErR0Z6L0lJMjBXQVN0UkdWUlJ2a2M5Q3loSlAyaHAxN1U3VnV1aVFjSnNvb0k1OStNZmRjNS9IOVBPN3NBK0pvU2k1RFRiSkR1N2IzZGNnYz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7af0a44eb4ea5e34cfbd9273f8fdc4ba68f2b80b12fb8e1cf27fc7e8ca09baaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1679999
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=pmQT9HxhWUd1UzVWRjR3UXVoWTFiUXpJVDVSY1hMU2d5ZnZMQjVhSEliK1FTL3N4em1PVzdHZVlXNjVZTkRSS1NYc0VxbHM5MnpDSWFWSzJEZXRFcnhzQVpoMmplV1hheHZxT09KQlZWNFdRaEgxTXdGbkEzMFQxWjZhbEVXZG1maXlKV3VvSzhqT2pVRVhMVk44Uy90aERabVlTQmlLNlIxOXFILzVHWkdyckYramR0UWhnUEprWXJvbXIrcHBjOGdwRFhJTkpCWWRSRUpRLzNUR25aMXJnNHRiYytsY0ErR0Z6L0lJMjBXQVN0UkdWUlJ2a2M5Q3loSlAyaHAxN1U3VnV1aVFjSnNvb0k1OStNZmRjNS9IOVBPN3NBK0pvU2k1RFRiSkR1N2IzZGNnYz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 689075
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 0FA8 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server-processing-duration-in-ticks: 4212
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1B59 15 KB
6 KB 19ms
18ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 2354682
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 0FA8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=umkA_F9UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZobmJJV0w2VnJGdDU1b205TE9rJTJCQmljT...
https://mug.criteo.com/sid?cpp=cd9GD3xJYXlhcTRnMlhrZ0xoNW9jbVJqQlh4ZkZxbXB3dS9MT2tQZHZlTTVmNms4RG9tT1JVaGJDdGVQN3BoUVRsSnFXR0R5WUkwZ1pKempLL2tUTkRrb1ZGdWxWZk9XTk5jT1N2UGVYNHUybzVIZTBZTnpUbUkwUzRWdG...

431 B
653 B

26ms
26ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cd9GD3xJYXlhcTRnMlhrZ0xoNW9jbVJqQlh4ZkZxbXB3dS9MT2tQZHZlTTVmNms4RG9tT1JVaGJDdGVQN3BoUVRsSnFXR0R5WUkwZ1pKempLL2tUTkRrb1ZGdWxWZk9XTk5jT1N2UGVYNHUybzVIZTBZTnpUbUkwUzRWdGtMYU9Na0lWdTJTRTVoUk1GZVdwenhpSlhwQ3RoQ2RzVGtSWm5iTk5IdjZwUC9UNVlHUHhaMXEzdmVJeWRKT01ScHJ1MUtIazMwNHpkeHA1dHA1ajNFd3FuTHM0WUJxbXVWVkVVQjNkRDF5dC9PZytMcUZJR2FLeldiOFA0UzhHNmkwRGJjQ1lQc3JpWXhWM3RDQTYwclRPSDRQSS9oT3Y4K1dvUHo0VE1vc3NPeGhHZEN6ST18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2b60a53e89d091b109fa3ab2db8b0c348bc58d1d0a230c41ae61215001c0a954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4780278
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=cd9GD3xJYXlhcTRnMlhrZ0xoNW9jbVJqQlh4ZkZxbXB3dS9MT2tQZHZlTTVmNms4RG9tT1JVaGJDdGVQN3BoUVRsSnFXR0R5WUkwZ1pKempLL2tUTkRrb1ZGdWxWZk9XTk5jT1N2UGVYNHUybzVIZTBZTnpUbUkwUzRWdGtMYU9Na0lWdTJTRTVoUk1GZVdwenhpSlhwQ3RoQ2RzVGtSWm5iTk5IdjZwUC9UNVlHUHhaMXEzdmVJeWRKT01ScHJ1MUtIazMwNHpkeHA1dHA1ajNFd3FuTHM0WUJxbXVWVkVVQjNkRDF5dC9PZytMcUZJR2FLeldiOFA0UzhHNmkwRGJjQ1lQc3JpWXhWM3RDQTYwclRPSDRQSS9oT3Y4K1dvUHo0VE1vc3NPeGhHZEN6ST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 573287
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1B59
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=umkA_F9UUHF0Zk01eERuQjdZMVZFQ1UwSUolMkZobmJJV0w2VnJGdDU1b205TE9rJTJCQmljT...
https://mug.criteo.com/sid?cpp=AFoi63x2Z09hM2hsaGNkeUt6OENBQ2IrQ3ljdk0xYVUzQW9mU0RndUJQdGVKYk1UNnVTN3d5aW5tOXo1b3gwdkFiRkx3cDAyOWhlZFR3enRMcksyaEVoc1JUR2h3bUI0Z3o2eDBRQy85RlQ3T3p2YTR5ZStFSWpBWUhRdD...

422 B
643 B

16ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=AFoi63x2Z09hM2hsaGNkeUt6OENBQ2IrQ3ljdk0xYVUzQW9mU0RndUJQdGVKYk1UNnVTN3d5aW5tOXo1b3gwdkFiRkx3cDAyOWhlZFR3enRMcksyaEVoc1JUR2h3bUI0Z3o2eDBRQy85RlQ3T3p2YTR5ZStFSWpBWUhRdDdSNDVkcDEzQ25ybVlaV0VIa2ZCallyNHhYd0RBenhKOEY0bVVHYTAycDQ3TzVrZTFldVBWWTFDTkIxcWowTlN3Z3ZoZ1NtMEpPamljZWdISjJwU2VJR3RobG9nWnF3VS8xRkFWRXdQLy9CWG9rcitMNDdSOXMvMFQ3RXFkWEE2V29oSjNWQnlncStaaVhIMzB5YmRwYnFjeCtsbkViS1dRcS9RcitnNTduYURvS3hKYUloRT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2baa6ad2dacc23228e395124af0f3be4035e8dd2e71ae12e2ce6dac2d0d2a15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 988377
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=AFoi63x2Z09hM2hsaGNkeUt6OENBQ2IrQ3ljdk0xYVUzQW9mU0RndUJQdGVKYk1UNnVTN3d5aW5tOXo1b3gwdkFiRkx3cDAyOWhlZFR3enRMcksyaEVoc1JUR2h3bUI0Z3o2eDBRQy85RlQ3T3p2YTR5ZStFSWpBWUhRdDdSNDVkcDEzQ25ybVlaV0VIa2ZCallyNHhYd0RBenhKOEY0bVVHYTAycDQ3TzVrZTFldVBWWTFDTkIxcWowTlN3Z3ZoZ1NtMEpPamljZWdISjJwU2VJR3RobG9nWnF3VS8xRkFWRXdQLy9CWG9rcitMNDdSOXMvMFQ3RXFkWEE2V29oSjNWQnlncStaaVhIMzB5YmRwYnFjeCtsbkViS1dRcS9RcitnNTduYURvS3hKYUloRT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 623252
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4020 15 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1901485
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4020
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=IO5NQF9UUHF0Zk01eERuQjdZMVZFQ1UwSUo1TWdicGRzSVBzV2N3Z2x4QXZQbUglMkZxSm5GU...
https://mug.criteo.com/sid?cpp=Rdy3N3wxY1owM0x6b3hUTWsrMGN3QWdnQU9mRzFzVk5LK1hRWGR0QTY1Y3FNVXFvZjF6TXlZNzZYMHM0eUwveXRzNDBwd0I1d084ekNTaXU3TC9HS3Q4dDE2MFg5Y25Ma0xiT0VnUDFlLzMrU1JVYVRSWTAxUzNrMEd1Tj...

420 B
649 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Rdy3N3wxY1owM0x6b3hUTWsrMGN3QWdnQU9mRzFzVk5LK1hRWGR0QTY1Y3FNVXFvZjF6TXlZNzZYMHM0eUwveXRzNDBwd0I1d084ekNTaXU3TC9HS3Q4dDE2MFg5Y25Ma0xiT0VnUDFlLzMrU1JVYVRSWTAxUzNrMEd1TjR0YTkxa3ZJUXhkSG90cFhYMHRvd2l5RGZ6c0lhUkxQNVdVSnlTYllhL2tiVkoybENhK1RYdm9raHJQWUpQdGoyRXpoaXVQNGo2VUM2K29sZWRBZ0pnMXVVeEh4NXJMNEc1V2tvNGF0Sldkd3J0dUVLRWluRTVsUEZwa1NENHlsVlViRTMwVGNlVlBGVWRIRW9DZllVQ1dUSDU4NGUxSDdUQ1BHUWlqOEJmTExZK0E2eW5rOD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a23ff3fd690ffb38aa51de5e2bb8fa8b6e0a42431613e8af9283986d540e413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1937721
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=Rdy3N3wxY1owM0x6b3hUTWsrMGN3QWdnQU9mRzFzVk5LK1hRWGR0QTY1Y3FNVXFvZjF6TXlZNzZYMHM0eUwveXRzNDBwd0I1d084ekNTaXU3TC9HS3Q4dDE2MFg5Y25Ma0xiT0VnUDFlLzMrU1JVYVRSWTAxUzNrMEd1TjR0YTkxa3ZJUXhkSG90cFhYMHRvd2l5RGZ6c0lhUkxQNVdVSnlTYllhL2tiVkoybENhK1RYdm9raHJQWUpQdGoyRXpoaXVQNGo2VUM2K29sZWRBZ0pnMXVVeEh4NXJMNEc1V2tvNGF0Sldkd3J0dUVLRWluRTVsUEZwa1NENHlsVlViRTMwVGNlVlBGVWRIRW9DZllVQ1dUSDU4NGUxSDdUQ1BHUWlqOEJmTExZK0E2eW5rOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 352691
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5478 15 KB
6 KB 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1545817
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5478
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=kNxViF9UUHF0Zk01eERuQjdZMVZFQ1UwSUp3ekZ1RlFOQklBWHBFUUZDQ0NtVW9BMThFblF6J...
https://mug.criteo.com/sid?cpp=NuJrFXwyQzJJeDlNcVg5ek4rUGYyRG51bkhNNy9HQTlSZytlbUJjMkNiaHJIMTBEVDIrcGY0R1U5RUNuTGUydUVFTktLaHkzTnJpWjRKaXBLejF2Ym9sdXI5Wko3bkNTa3MzVGFMd1UxOXdXY1Z3ZFB5VjFhNEUxQ2JiME...

436 B
656 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NuJrFXwyQzJJeDlNcVg5ek4rUGYyRG51bkhNNy9HQTlSZytlbUJjMkNiaHJIMTBEVDIrcGY0R1U5RUNuTGUydUVFTktLaHkzTnJpWjRKaXBLejF2Ym9sdXI5Wko3bkNTa3MzVGFMd1UxOXdXY1Z3ZFB5VjFhNEUxQ2JiME9vVWJUL3ZxNHF0bEhFbjlabFE2aTB1U0pieVIxbitmN2ZuRlA0cTdkaG9qUjNndytJV3llQ3k1R2RJbVhlN29pQUN5alEzb1Bkb1Mya3doOE5xanFHSWdWbVJEOVlCb1lGOGFsZVkvbWRGZ3hLT3dlazNQVjdoYnJneHpGWUZmQnQ3Y1JIenBqcFpwNDh3T0dRUEhIdmFvU1NTck05UjFBTEJ3NGlZWWZyU1BqOWlZallLaz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ffa1864baba6eb989337112c7ecb8944c343b3ebcf9683857512fa8910a57302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1937303
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=NuJrFXwyQzJJeDlNcVg5ek4rUGYyRG51bkhNNy9HQTlSZytlbUJjMkNiaHJIMTBEVDIrcGY0R1U5RUNuTGUydUVFTktLaHkzTnJpWjRKaXBLejF2Ym9sdXI5Wko3bkNTa3MzVGFMd1UxOXdXY1Z3ZFB5VjFhNEUxQ2JiME9vVWJUL3ZxNHF0bEhFbjlabFE2aTB1U0pieVIxbitmN2ZuRlA0cTdkaG9qUjNndytJV3llQ3k1R2RJbVhlN29pQUN5alEzb1Bkb1Mya3doOE5xanFHSWdWbVJEOVlCb1lGOGFsZVkvbWRGZ3hLT3dlazNQVjdoYnJneHpGWUZmQnQ3Y1JIenBqcFpwNDh3T0dRUEhIdmFvU1NTck05UjFBTEJ3NGlZWWZyU1BqOWlZallLaz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 730280
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ECEF 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 2221236
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame ECEF
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=DWCeQl9UUHF0Zk01eERuQjdZMVZFQ1UwSUo4RmtkOVZlOUh0QWZpcGc4TzlnR1VtNlc0c0Exc...
https://mug.criteo.com/sid?cpp=gNcWFnxvL2tYTEpXb3RCQ0JSVHlCc0E3ODVFRCtycVRycWtkWk1aaGRVN2RTeldtSjFrakVUK0hoOE96TUtZd1RkRTdtbW16WVk1b0hmbjd5bkw2SlliOEV4ZWtBMzI5RXV1bGlhWldKQ0V2MEtuaVYrV2xSVUVXRVNBbV...

417 B
664 B

17ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=gNcWFnxvL2tYTEpXb3RCQ0JSVHlCc0E3ODVFRCtycVRycWtkWk1aaGRVN2RTeldtSjFrakVUK0hoOE96TUtZd1RkRTdtbW16WVk1b0hmbjd5bkw2SlliOEV4ZWtBMzI5RXV1bGlhWldKQ0V2MEtuaVYrV2xSVUVXRVNBbVdRVzBqSkZIbWxlallBVU1nUWpvMkNPZ0hEUWRvNlgybEdza2RTWjJ6NEltdDNBaTIzNEZGTkNzSldTS2N5TmxLTENFU2ZkbTZYWHdIR3dLZG5XeFUxSEZxc3ptdVB4Q3g2b3dUNDFzdGs1QmM5VnlPQmVZaHJhOUdjQnZsSU9RODhRbHRNQ3RXTnF0L2hRdnZkY2pHcEFZcjdFb0Y0Q1N1WSs3NlUvemQ5Qmh1bG5uRStWUT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6856470a05b9bb14f9e559880569500625be2c25b977d91a1960e0a4633e4d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1641439
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=gNcWFnxvL2tYTEpXb3RCQ0JSVHlCc0E3ODVFRCtycVRycWtkWk1aaGRVN2RTeldtSjFrakVUK0hoOE96TUtZd1RkRTdtbW16WVk1b0hmbjd5bkw2SlliOEV4ZWtBMzI5RXV1bGlhWldKQ0V2MEtuaVYrV2xSVUVXRVNBbVdRVzBqSkZIbWxlallBVU1nUWpvMkNPZ0hEUWRvNlgybEdza2RTWjJ6NEltdDNBaTIzNEZGTkNzSldTS2N5TmxLTENFU2ZkbTZYWHdIR3dLZG5XeFUxSEZxc3ptdVB4Q3g2b3dUNDFzdGs1QmM5VnlPQmVZaHJhOUdjQnZsSU9RODhRbHRNQ3RXTnF0L2hRdnZkY2pHcEFZcjdFb0Y0Q1N1WSs3NlUvemQ5Qmh1bG5uRStWUT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 546125
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 512C 15 KB
6 KB 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1433790
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E3D1 15 KB
6 KB 18ms
18ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1808749
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 512C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=LKSr3l9UUHF0Zk01eERuQjdZMVZFQ1UwSUo3dUR4Z081WW5wNk5jSkd3V3duJTJGcEpKeTV3M...
https://mug.criteo.com/sid?cpp=U4gfT3xJcjgxZHEvanFMa3JoQTg4T2RnOW85aWFiNHJzUGtLdjF5VklhQU5uU0o3L0JZRy9Cc1Y3bi9PV0hWWFYxck03VjFIUlZTTy93bytYR0ZYOUhTWjNkU1pYSm9PTW4vUzBuTGttM2VtVUZTTDcxb0VkeXZKNWJNb1...

430 B
654 B

19ms
19ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=U4gfT3xJcjgxZHEvanFMa3JoQTg4T2RnOW85aWFiNHJzUGtLdjF5VklhQU5uU0o3L0JZRy9Cc1Y3bi9PV0hWWFYxck03VjFIUlZTTy93bytYR0ZYOUhTWjNkU1pYSm9PTW4vUzBuTGttM2VtVUZTTDcxb0VkeXZKNWJNb1VXdnQwcHo5UHhmQmNFMVlYOU9oZkVRVVZjcm9kSVFlZzhnelhiSVhQMjZaWmlaOXNaYTBMS0E4bDRndmJxRjBETTVkODNobnZwczBpNXpwMHhBbmYrRzR5S245ZCtLZ3JqSWZvK1VFL0ZTQk9MZXFkQnRVa3grMzBIamNTbzlJNEVHU0Y2MXdaWmEvOEtIbWQ0TzZzOUdDeDJSTEc2Zjd2QXFrVEhOOGZRK1VFWFBURjV3TT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

06faadbb85d8364fac1c95da61a5f4b7bc6e7a7fc529e1eb94944c88ecd1e053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1441783
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=U4gfT3xJcjgxZHEvanFMa3JoQTg4T2RnOW85aWFiNHJzUGtLdjF5VklhQU5uU0o3L0JZRy9Cc1Y3bi9PV0hWWFYxck03VjFIUlZTTy93bytYR0ZYOUhTWjNkU1pYSm9PTW4vUzBuTGttM2VtVUZTTDcxb0VkeXZKNWJNb1VXdnQwcHo5UHhmQmNFMVlYOU9oZkVRVVZjcm9kSVFlZzhnelhiSVhQMjZaWmlaOXNaYTBMS0E4bDRndmJxRjBETTVkODNobnZwczBpNXpwMHhBbmYrRzR5S245ZCtLZ3JqSWZvK1VFL0ZTQk9MZXFkQnRVa3grMzBIamNTbzlJNEVHU0Y2MXdaWmEvOEtIbWQ0TzZzOUdDeDJSTEc2Zjd2QXFrVEhOOGZRK1VFWFBURjV3TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 657408
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4C6C 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 1887572
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame E3D1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=LKSr3l9UUHF0Zk01eERuQjdZMVZFQ1UwSUo3dUR4Z081WW5wNk5jSkd3V3duJTJGcEpKeTV3M...
https://mug.criteo.com/sid?cpp=3ijIiXxtQWdvb3JCNHRzaEVmQ3lEQUhVMzE5Qno2SmJMMFA2aFNVYzhYajJrdHpYbTBWdnpHWmJkVEovVmRnVzFMS2tpbHh5bm9UWW14MU11RWR2OTVWRG9kaE43Zi93R245S0hYKzJ1cUYzTTlQVXRFWkJxVHVnVnQzTV...

425 B
651 B

15ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3ijIiXxtQWdvb3JCNHRzaEVmQ3lEQUhVMzE5Qno2SmJMMFA2aFNVYzhYajJrdHpYbTBWdnpHWmJkVEovVmRnVzFMS2tpbHh5bm9UWW14MU11RWR2OTVWRG9kaE43Zi93R245S0hYKzJ1cUYzTTlQVXRFWkJxVHVnVnQzTVlTNWpsRENJMWRhSllBekhCNnd5MGdjR0lvMGtyaitnM0F4WktUS1VlV3RWZVF4bFVoZ3FKejhLUnZVL3IydXhYVTdobnc3a01IOVE0THhjRWtPZmJLZGNnTlV4M3VhcVN6Q29JSy9SR1Y1OUFlMGQyQWowVnNJdlBOaElCemZzMEFiRk4yT2xFWlNUNERRdU5pRFZHdWFzMkRzbENncXVIVUJwQUlwV2Q5MXNZb3dhRDVwVT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

085bb6139fbc88ff13d8b9f7cfd49daf277213404a701aad9e4f0304d84c6847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 884365
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=3ijIiXxtQWdvb3JCNHRzaEVmQ3lEQUhVMzE5Qno2SmJMMFA2aFNVYzhYajJrdHpYbTBWdnpHWmJkVEovVmRnVzFMS2tpbHh5bm9UWW14MU11RWR2OTVWRG9kaE43Zi93R245S0hYKzJ1cUYzTTlQVXRFWkJxVHVnVnQzTVlTNWpsRENJMWRhSllBekhCNnd5MGdjR0lvMGtyaitnM0F4WktUS1VlV3RWZVF4bFVoZ3FKejhLUnZVL3IydXhYVTdobnc3a01IOVE0THhjRWtPZmJLZGNnTlV4M3VhcVN6Q29JSy9SR1Y1OUFlMGQyQWowVnNJdlBOaElCemZzMEFiRk4yT2xFWlNUNERRdU5pRFZHdWFzMkRzbENncXVIVUJwQUlwV2Q5MXNZb3dhRDVwVT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 630875
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3EF1 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:30 GMT
server-processing-duration-in-ticks: 3739
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4C6C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=LKSr3l9UUHF0Zk01eERuQjdZMVZFQ1UwSUo3dUR4Z081WW5wNk5jSkd3V3duJTJGcEpKeTV3M...
https://mug.criteo.com/sid?cpp=1uoySnxmTWcvNXRpbkFkaElHZS9TVE9xcE1GSGlUNUdGSjFnNTBmSklma3VtL1pFaHBjcU04WTZzZnFZempaK2xSdVNKRXV5d0VxTVQvdUpwQkE4cDRJYWNnVFNqN0Yrc0VWVGZqZ1kwQkQ2Q2JFc0tMYVlaS0hBejB0R0...

428 B
652 B

17ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=1uoySnxmTWcvNXRpbkFkaElHZS9TVE9xcE1GSGlUNUdGSjFnNTBmSklma3VtL1pFaHBjcU04WTZzZnFZempaK2xSdVNKRXV5d0VxTVQvdUpwQkE4cDRJYWNnVFNqN0Yrc0VWVGZqZ1kwQkQ2Q2JFc0tMYVlaS0hBejB0R0lCREJCRVovR0RuSStwY3ZMSFYvS2kyUkZrTTNIRXYxZ0JSSEJ4TzdYcTZJRnJDa1JzOTZrc1RBbVdUZXVla1oyc0h2eExSclZnb1grYWt2aUdHM2QxTWoxVGRlK25udVhnVjJLU1p1UEFYeWVpSUZrTmJJWmVUUjh6Qm9mT1kwRDFrYW1wZUw1cFZ6eDZJaE9hVStVN2JhOUVkd08yU3F2ZTEvbzFYSzNHY2w3ZGhSbEFxdz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e500e97c5aaf304cb2df02cc926ca57b6d622b553e93b4295222b5796e1ebb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1989095
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=1uoySnxmTWcvNXRpbkFkaElHZS9TVE9xcE1GSGlUNUdGSjFnNTBmSklma3VtL1pFaHBjcU04WTZzZnFZempaK2xSdVNKRXV5d0VxTVQvdUpwQkE4cDRJYWNnVFNqN0Yrc0VWVGZqZ1kwQkQ2Q2JFc0tMYVlaS0hBejB0R0lCREJCRVovR0RuSStwY3ZMSFYvS2kyUkZrTTNIRXYxZ0JSSEJ4TzdYcTZJRnJDa1JzOTZrc1RBbVdUZXVla1oyc0h2eExSclZnb1grYWt2aUdHM2QxTWoxVGRlK25udVhnVjJLU1p1UEFYeWVpSUZrTmJJWmVUUjh6Qm9mT1kwRDFrYW1wZUw1cFZ6eDZJaE9hVStVN2JhOUVkd08yU3F2ZTEvbzFYSzNHY2w3ZGhSbEFxdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 477750
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 291F 15 KB
6 KB 15ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 986420
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2641 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 2283277
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3EF1
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=QQSPFl9UUHF0Zk01eERuQjdZMVZFQ1UwSUoybzNHbWlMeUlOOFY5NUliaXdXbGFQRGYyZG5ZU...
https://mug.criteo.com/sid?cpp=uMTLiXxLWVZKN3Mreld4YmgvdmpzNTJHUURINkVsd0tTTWY2Ri9rMFUzUGQ1eWpTUHFyYlhDWGpDQWkyalpYMWl6R2ZtNW1NTG9tNTlXTWRDTmVqcldXYyttQzFYSlpuNVBpb3dFTmtWVDAxNHRRZEwvT24yUWVuWGFMbl...

428 B
651 B

35ms
34ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=uMTLiXxLWVZKN3Mreld4YmgvdmpzNTJHUURINkVsd0tTTWY2Ri9rMFUzUGQ1eWpTUHFyYlhDWGpDQWkyalpYMWl6R2ZtNW1NTG9tNTlXTWRDTmVqcldXYyttQzFYSlpuNVBpb3dFTmtWVDAxNHRRZEwvT24yUWVuWGFMblo5T0tUcjY2eTRaNVNYL0FpT3U1TEVIclFuWGF0RVlKQ3ErZkZjQWh4U3pxRnFGMVR0Y3FJcEZVaE1IY3pWUWN5dnU2amdxTFgwbGtRM3F3MTM4TmNvem84K3d1b0tJcWREV242T1VueW5FOXpaR0Faa2ErMFJidDhIVDZuMWdiRndRVXJHQXVDc1Vob25ISUl4RlZ5c0VyNDdNeVZMeFJRNGlxcjluc3B1b2JWb0c0U1BuND18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

51d2b7c644c27e0629666ac2803c3e5a7fb03fd50c6ccc1c977e9b5cdf2945cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 11654476
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=uMTLiXxLWVZKN3Mreld4YmgvdmpzNTJHUURINkVsd0tTTWY2Ri9rMFUzUGQ1eWpTUHFyYlhDWGpDQWkyalpYMWl6R2ZtNW1NTG9tNTlXTWRDTmVqcldXYyttQzFYSlpuNVBpb3dFTmtWVDAxNHRRZEwvT24yUWVuWGFMblo5T0tUcjY2eTRaNVNYL0FpT3U1TEVIclFuWGF0RVlKQ3ErZkZjQWh4U3pxRnFGMVR0Y3FJcEZVaE1IY3pWUWN5dnU2amdxTFgwbGtRM3F3MTM4TmNvem84K3d1b0tJcWREV242T1VueW5FOXpaR0Faa2ErMFJidDhIVDZuMWdiRndRVXJHQXVDc1Vob25ISUl4RlZ5c0VyNDdNeVZMeFJRNGlxcjluc3B1b2JWb0c0U1BuND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 538765
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9D74 15 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1060880
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 291F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=QQSPFl9UUHF0Zk01eERuQjdZMVZFQ1UwSUoybzNHbWlMeUlOOFY5NUliaXdXbGFQRGYyZG5ZU...
https://mug.criteo.com/sid?cpp=Yr0mUnxTeFp0NCtOZXhvUHk1emUyRmtORjRnWUlYR3RwYUU0RTZxN28rR1dnb2JUc1JYTGwzR0ZXUzNoTE5KUWE0N1BSTnc0RVBXWURZb3FUQWtZMWw3VkQxaDNXQ2t1b0E0OWlSVjFOL3V4aWRaVmZncndIaVVVL21lNU...

419 B
645 B

15ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Yr0mUnxTeFp0NCtOZXhvUHk1emUyRmtORjRnWUlYR3RwYUU0RTZxN28rR1dnb2JUc1JYTGwzR0ZXUzNoTE5KUWE0N1BSTnc0RVBXWURZb3FUQWtZMWw3VkQxaDNXQ2t1b0E0OWlSVjFOL3V4aWRaVmZncndIaVVVL21lNUJ4RlJMMmI5ZGNiZ3lwb3lINWRhNEVOQkU5R2w2c1hEZGowb2FvZ2ZtMk5OMlBYcnQxaG5VaUxDMDhZZEpINnBoM1VFaHJ1TDMzVFkyaEZlTXZPVi9OVFJPUTgxdFVER3Y3QWtEaUphRGRMUkx3akhDeWluVzBSdU5ERlhMQjd0RzFuRDZ2SnpGcDhiTUVmMlJoeHpaWXhUcVRMYmFCclFoV0toN2JBaVByRTZKTzMyOVZlTT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c419cefbc9ad598e121d0e35bc9c4392a7e36752cba025b46315cc90320b6a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 967816
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=Yr0mUnxTeFp0NCtOZXhvUHk1emUyRmtORjRnWUlYR3RwYUU0RTZxN28rR1dnb2JUc1JYTGwzR0ZXUzNoTE5KUWE0N1BSTnc0RVBXWURZb3FUQWtZMWw3VkQxaDNXQ2t1b0E0OWlSVjFOL3V4aWRaVmZncndIaVVVL21lNUJ4RlJMMmI5ZGNiZ3lwb3lINWRhNEVOQkU5R2w2c1hEZGowb2FvZ2ZtMk5OMlBYcnQxaG5VaUxDMDhZZEpINnBoM1VFaHJ1TDMzVFkyaEZlTXZPVi9OVFJPUTgxdFVER3Y3QWtEaUphRGRMUkx3akhDeWluVzBSdU5ERlhMQjd0RzFuRDZ2SnpGcDhiTUVmMlJoeHpaWXhUcVRMYmFCclFoV0toN2JBaVByRTZKTzMyOVZlTT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 733299
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame C252 15 KB
6 KB 14ms
14ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1023700
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1617 15 KB
6 KB 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1688685
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2641
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=QQSPFl9UUHF0Zk01eERuQjdZMVZFQ1UwSUoybzNHbWlMeUlOOFY5NUliaXdXbGFQRGYyZG5ZU...
https://mug.criteo.com/sid?cpp=jrclXnxndXp1L0lXVVhhUUhzQlFRV2xRNlU5ajNlUFh6bEhmTmVPWVFHR2lYZTkrbHFjREVKckp3T2NnR1VZSkt2YXViMDlhb2VLcVVzeENLUUUxV3kxTUpHZFdTNFBuaVZYV2xiUGJpNWZ3NitKbmtXZEtQMnJCU2lKUW...

433 B
653 B

19ms
19ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jrclXnxndXp1L0lXVVhhUUhzQlFRV2xRNlU5ajNlUFh6bEhmTmVPWVFHR2lYZTkrbHFjREVKckp3T2NnR1VZSkt2YXViMDlhb2VLcVVzeENLUUUxV3kxTUpHZFdTNFBuaVZYV2xiUGJpNWZ3NitKbmtXZEtQMnJCU2lKUWtxQVQ3ays4QzkwSDhVV2lPOGtsbWhMTFlHMXZpbDVVUlpRb2VGTlRjUVRlOHVuL2dnNXhjT0RBZG9jd3RFd2x3bnRnaFdEQmJ4dDJFRDNHU1NUNGhCSStlOXF5blJIUlpwZmhEeitFeFlDUk80WEFxL0w0RldLYkFrYUVTMUZqUjZHaXZlWloxZTJiRXFoT0FnNlphUGNKdThuOTVreDdTTUlBd0VDNW5RUDNFb2RrdFNSMD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1b6e4ff4bd2eab318dd7aadfee512265bdf0b48de4c1201f6dc8ae1cb5f49601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1774157
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=jrclXnxndXp1L0lXVVhhUUhzQlFRV2xRNlU5ajNlUFh6bEhmTmVPWVFHR2lYZTkrbHFjREVKckp3T2NnR1VZSkt2YXViMDlhb2VLcVVzeENLUUUxV3kxTUpHZFdTNFBuaVZYV2xiUGJpNWZ3NitKbmtXZEtQMnJCU2lKUWtxQVQ3ays4QzkwSDhVV2lPOGtsbWhMTFlHMXZpbDVVUlpRb2VGTlRjUVRlOHVuL2dnNXhjT0RBZG9jd3RFd2x3bnRnaFdEQmJ4dDJFRDNHU1NUNGhCSStlOXF5blJIUlpwZmhEeitFeFlDUk80WEFxL0w0RldLYkFrYUVTMUZqUjZHaXZlWloxZTJiRXFoT0FnNlphUGNKdThuOTVreDdTTUlBd0VDNW5RUDNFb2RrdFNSMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 511433
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9D74
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=kuY0_19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3WCUyQnM1S0tEYWhLQ3BBazFwZExFRTN0NzVWU...
https://mug.criteo.com/sid?cpp=-_B5qHxFaWZrUEErTVdJYi9wM1ZvOHdaa1JLcGx1TzdoNFhYUEY4NGJ2Wk1YbFovTWN0Z1g3bGNlUmdMTHdHRldzSENSSHJUSEZ0K1hsNE4rbkF0RnR5b0dDUW1DTmpBbTRZT0dzdjhuOTFYelVoOGlkbEFiSzFKb2NPY0...

422 B
647 B

18ms
17ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-_B5qHxFaWZrUEErTVdJYi9wM1ZvOHdaa1JLcGx1TzdoNFhYUEY4NGJ2Wk1YbFovTWN0Z1g3bGNlUmdMTHdHRldzSENSSHJUSEZ0K1hsNE4rbkF0RnR5b0dDUW1DTmpBbTRZT0dzdjhuOTFYelVoOGlkbEFiSzFKb2NPY0JYZEVrZFg4bXk5YkorR2JjMUNkMHBaTVluSGh5bXJvTmZWWnFpWHh2UERxU3E5QnhMcEtPMWhlYXBPbTIxV1FMb29jNkZhWXdvNEJHNlhKMmkxWDgzT1BDQU90TWZDT04xL2x0Y2szazFDbzRkK0djaURHQ1ZadkZra2tmdmNaRityeDlvWnBDYVVJdXE3VjJIVHN5QkQ1UGt4aXdvM1RLWjEwbTYzaFhCbzdBQ09XVk9YST18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4acdd0f781acf0d75caeb8c612378bf1968b8c7715067ab65bd1e31fade05bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2472637
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=-_B5qHxFaWZrUEErTVdJYi9wM1ZvOHdaa1JLcGx1TzdoNFhYUEY4NGJ2Wk1YbFovTWN0Z1g3bGNlUmdMTHdHRldzSENSSHJUSEZ0K1hsNE4rbkF0RnR5b0dDUW1DTmpBbTRZT0dzdjhuOTFYelVoOGlkbEFiSzFKb2NPY0JYZEVrZFg4bXk5YkorR2JjMUNkMHBaTVluSGh5bXJvTmZWWnFpWHh2UERxU3E5QnhMcEtPMWhlYXBPbTIxV1FMb29jNkZhWXdvNEJHNlhKMmkxWDgzT1BDQU90TWZDT04xL2x0Y2szazFDbzRkK0djaURHQ1ZadkZra2tmdmNaRityeDlvWnBDYVVJdXE3VjJIVHN5QkQ1UGt4aXdvM1RLWjEwbTYzaFhCbzdBQ09XVk9YST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 616288
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 96E5 15 KB
6 KB 16ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:30 GMT
server: Kestrel
server-processing-duration-in-ticks: 1699797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame C252
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=kuY0_19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3WCUyQnM1S0tEYWhLQ3BBazFwZExFRTN0NzVWU...
https://mug.criteo.com/sid?cpp=zov1YnxwNElobFRFcjAydXpEeFdZUDQrWlRvNWJvdkJ1L25aUTVoaE0zL3VsdzlvTzVEQnd4TXFYazRqVmtlTkxOaWZvVGN6QkQ3d3NlMEgxL0NBMUNkVHhPTktDcFZtYzlCcUlxZ2ZNZVNMSy9Dd3k5dlh5b2xjVTlSVm...

428 B
650 B

17ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zov1YnxwNElobFRFcjAydXpEeFdZUDQrWlRvNWJvdkJ1L25aUTVoaE0zL3VsdzlvTzVEQnd4TXFYazRqVmtlTkxOaWZvVGN6QkQ3d3NlMEgxL0NBMUNkVHhPTktDcFZtYzlCcUlxZ2ZNZVNMSy9Dd3k5dlh5b2xjVTlSVm1GRzltTGNpM1FMeThWWjFpdWtObmFEcnJPditYZ1NHazQwWnNBNkw2M0ZtYjFMVDRBZ1kyVTNiR1VibnlyaWw1NTd4bkcrbmZvUGdDbElZQ0d1MVE1R2V2UEZoMG1xNW85QjExWENKSjdWS3h4Y24yMTliWjRNS3VpZUo3aFJWeWlpOExONWlUMXpBODlxbngzRHZUbHdJUWhjRTYvRTBzMktaSktNdjJaN0VqYjg0cDlLMD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bc5eb95a0736ed8262a435b459c4580634f8295597e0cabdb8f443b205c5f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1667357
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=zov1YnxwNElobFRFcjAydXpEeFdZUDQrWlRvNWJvdkJ1L25aUTVoaE0zL3VsdzlvTzVEQnd4TXFYazRqVmtlTkxOaWZvVGN6QkQ3d3NlMEgxL0NBMUNkVHhPTktDcFZtYzlCcUlxZ2ZNZVNMSy9Dd3k5dlh5b2xjVTlSVm1GRzltTGNpM1FMeThWWjFpdWtObmFEcnJPditYZ1NHazQwWnNBNkw2M0ZtYjFMVDRBZ1kyVTNiR1VibnlyaWw1NTd4bkcrbmZvUGdDbElZQ0d1MVE1R2V2UEZoMG1xNW85QjExWENKSjdWS3h4Y24yMTliWjRNS3VpZUo3aFJWeWlpOExONWlUMXpBODlxbngzRHZUbHdJUWhjRTYvRTBzMktaSktNdjJaN0VqYjg0cDlLMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 808216
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 833B 15 KB
6 KB 16ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 1374939
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1617
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=4P4V6l9UUHF0Zk01eERuQjdZMVZFQ1UwSUp4MDFlZ1FtOHM5eDhBalRaemRxTmVRQ0VCcjJST...
https://mug.criteo.com/sid?cpp=_KSROHxPTEZmZ0VOYXJUOFFQdWFNV1ZraW9TZ0V2cE5jc0VDakJTd3cxTzZGQjkrODdTZ0VqbHhSLzArRDRNTXB6QTBDVlRYZmp1OHdKY0NtTUhockNxN1VlMWpmdWQydmtNYndHZGZ2RmErM1JheENPM3VpTXYrMnZ0az...

427 B
652 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_KSROHxPTEZmZ0VOYXJUOFFQdWFNV1ZraW9TZ0V2cE5jc0VDakJTd3cxTzZGQjkrODdTZ0VqbHhSLzArRDRNTXB6QTBDVlRYZmp1OHdKY0NtTUhockNxN1VlMWpmdWQydmtNYndHZGZ2RmErM1JheENPM3VpTXYrMnZ0azVLRGNVK1ZyUzBWTnpoeHVScTRXU3MxdHlnVHFaSGI3MXc0OUhnV2NyMU1uQjBqdWdCNnhNMHMxVzlBbTdhTzk0Nk1pMTl5Z0lKWlRTNEZjcjIxZ1owNkx2N05IQVBCZnNuaHNmSjVpODZWM3dWMmE4N2FUVWlFYWEyMnFXMThjeG9pdzlUdHhHL1U1M0JPQmpvdFQraEdCV1doQk9ITDFEa3Bjb0FueEw5NkNGMlk3d0FoQT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b5c2888a9cccab746f9435b8357e45ca305e0a73156db4472ebcb247321b23c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1099091
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=_KSROHxPTEZmZ0VOYXJUOFFQdWFNV1ZraW9TZ0V2cE5jc0VDakJTd3cxTzZGQjkrODdTZ0VqbHhSLzArRDRNTXB6QTBDVlRYZmp1OHdKY0NtTUhockNxN1VlMWpmdWQydmtNYndHZGZ2RmErM1JheENPM3VpTXYrMnZ0azVLRGNVK1ZyUzBWTnpoeHVScTRXU3MxdHlnVHFaSGI3MXc0OUhnV2NyMU1uQjBqdWdCNnhNMHMxVzlBbTdhTzk0Nk1pMTl5Z0lKWlRTNEZjcjIxZ1owNkx2N05IQVBCZnNuaHNmSjVpODZWM3dWMmE4N2FUVWlFYWEyMnFXMThjeG9pdzlUdHhHL1U1M0JPQmpvdFQraEdCV1doQk9ITDFEa3Bjb0FueEw5NkNGMlk3d0FoQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 329959
content-length: 0
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4864 15 KB
6 KB 17ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://flashnetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 2153579
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 96E5
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=pEHyA19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3TVRJVE5rbTkxNWxBQWg0JTJCSHVmUXI2VyUyQ...
https://mug.criteo.com/sid?cpp=ChoLnHxuOWY3OGltVTUyaDVQSEt4WjJieHRablFINkt5TmlJenp2R0FqOTlxY0dKTVpTUkdhcnBORzFSK3cyK0RMK3NmWXQ3bGdvT2V0V2hRTGh3UUoxR3Y4cmNmb2l4QXNsZVNYZk8rbTFQK05PcXgxMFIzUDdnQjZPd2...

427 B
666 B

15ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ChoLnHxuOWY3OGltVTUyaDVQSEt4WjJieHRablFINkt5TmlJenp2R0FqOTlxY0dKTVpTUkdhcnBORzFSK3cyK0RMK3NmWXQ3bGdvT2V0V2hRTGh3UUoxR3Y4cmNmb2l4QXNsZVNYZk8rbTFQK05PcXgxMFIzUDdnQjZPd21mY1p5Y0FaYkJSNlR3OTJtTGNpT1RJRzNkVm00S3Yyc1B0SVdMSG5NcmNKbnplZ3ZSZkR3cUZXaG5WaHRaOTFPTVlydEQyT0d2WVF6QWRLOWZhUmNGc2ZCby9Td3BLbzBjbUdWZTFpZ1RZZUVaTVBDZlFSQjIxaFladnhFTitLa042M2U2S3ZoMjhUckt1UERidThVaHNJKzFzQXJobmdQT29GdG5rRStTTnhsMHRZTE5RMD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

224cb394c10f43f68afe5385be96fa491169e817e98a240df59e8deaf64ec2aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 895641
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=ChoLnHxuOWY3OGltVTUyaDVQSEt4WjJieHRablFINkt5TmlJenp2R0FqOTlxY0dKTVpTUkdhcnBORzFSK3cyK0RMK3NmWXQ3bGdvT2V0V2hRTGh3UUoxR3Y4cmNmb2l4QXNsZVNYZk8rbTFQK05PcXgxMFIzUDdnQjZPd21mY1p5Y0FaYkJSNlR3OTJtTGNpT1RJRzNkVm00S3Yyc1B0SVdMSG5NcmNKbnplZ3ZSZkR3cUZXaG5WaHRaOTFPTVlydEQyT0d2WVF6QWRLOWZhUmNGc2ZCby9Td3BLbzBjbUdWZTFpZ1RZZUVaTVBDZlFSQjIxaFladnhFTitLa042M2U2S3ZoMjhUckt1UERidThVaHNJKzFzQXJobmdQT29GdG5rRStTTnhsMHRZTE5RMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 694235
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 833B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=pEHyA19UUHF0Zk01eERuQjdZMVZFQ1UwSUo3TVRJVE5rbTkxNWxBQWg0JTJCSHVmUXI2VyUyQ...
https://mug.criteo.com/sid?cpp=lLFiwXxYRHNoYU5laWJaVE9TZXZ6YW96VWV5WFh6U3VaNS9sS1o2K0NrZWw4cEQxd0RIM1lqcE9QK1d0SWh3WUlvU0MzUGRWWkhRWVFKTzg1NkRQVVR6QXA5TzA3MkNUZklHZ0NkOGtuTmhRT2RVTTlUR3FrS1JjUUdmeS...

422 B
653 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lLFiwXxYRHNoYU5laWJaVE9TZXZ6YW96VWV5WFh6U3VaNS9sS1o2K0NrZWw4cEQxd0RIM1lqcE9QK1d0SWh3WUlvU0MzUGRWWkhRWVFKTzg1NkRQVVR6QXA5TzA3MkNUZklHZ0NkOGtuTmhRT2RVTTlUR3FrS1JjUUdmeStXeUhwQU02OERCbS9FU0N6VWpEQWx5ZkNySGh2b29tUXM1T0d3RjdTT3B4T080QXVkc1pHMXZaVzB1bk5paWVwM3VTYlZsQXg2WVhuVzNacDViNEhjQ1JZWmZ1Z2x2YUMvM0VFWFNmUURUYmhTVHJFRUE4aENreFFVMUVLVldzaWdlT3RsMVNQS3pkOGc3WG5Xc3lXMFJ5VU1PL0lzT0FFcmtvOGFGYmtZZGdnS0owVGlRST18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

95c16b1649244927eb3d9cc6de19e84e712b4f77f0846d70452822dd0e17d339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1833226
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=lLFiwXxYRHNoYU5laWJaVE9TZXZ6YW96VWV5WFh6U3VaNS9sS1o2K0NrZWw4cEQxd0RIM1lqcE9QK1d0SWh3WUlvU0MzUGRWWkhRWVFKTzg1NkRQVVR6QXA5TzA3MkNUZklHZ0NkOGtuTmhRT2RVTTlUR3FrS1JjUUdmeStXeUhwQU02OERCbS9FU0N6VWpEQWx5ZkNySGh2b29tUXM1T0d3RjdTT3B4T080QXVkc1pHMXZaVzB1bk5paWVwM3VTYlZsQXg2WVhuVzNacDViNEhjQ1JZWmZ1Z2x2YUMvM0VFWFNmUURUYmhTVHJFRUE4aENreFFVMUVLVldzaWdlT3RsMVNQS3pkOGc3WG5Xc3lXMFJ5VU1PL0lzT0FFcmtvOGFGYmtZZGdnS0owVGlRST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 517116
content-length: 0
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4864
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=flashnetic.com&sn=ChromeSyncframe&so=2&topUrl=earnme.club&bundle=OdtSdl9UUHF0Zk01eERuQjdZMVZFQ1UwSUo4MEI2Z3IyV21ZRFRkTUZGQXBzUDlua0J2TVJFN...
https://mug.criteo.com/sid?cpp=9rME-HxQSUYwdW9WS2U3MHE5Y1dGMytkSWtxUlFIOWJ4b1JnWVZ2NGlXMVJRUTJYVUh0aG1ST2pxdHBvcEthWWdrOXQxRUt5OE1HQzJiK2FPdTVzYVJ0VEtyU1QzUGQzcnU1dUg1SlNrU2huS1MvNTNTaU04M1AyN04wM2...

417 B
649 B

16ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=9rME-HxQSUYwdW9WS2U3MHE5Y1dGMytkSWtxUlFIOWJ4b1JnWVZ2NGlXMVJRUTJYVUh0aG1ST2pxdHBvcEthWWdrOXQxRUt5OE1HQzJiK2FPdTVzYVJ0VEtyU1QzUGQzcnU1dUg1SlNrU2huS1MvNTNTaU04M1AyN04wM2tJQkFrWVRxTUlnZ05aTUVBZTdDbWtuZTBJTmczR2Nhd1lOeVlDNEJmNVE5Z3U5WjdPQjB2S3pKU05HV2x6c1pzazVYUE84b00wdnByNXBmeE5qZVp2L2VCVzhVeU85bU9OQTM1aXluenpxVzB2OXBDak96eTlYbjJDY1RqbkkvMFdmcW5MRm1uR3VXRmtxd3ZRWVBMZldRQmo2Q0R1UEx0d0wwM3hwZzlSQ3JxMzNiOG0wQT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5409fe6fe07e8f285cc98f513e362e6b316fb6291d0602858aadb4cf3026e5ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:30 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1605550
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 04 Sep 2022 14:21:29 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
location: https://mug.criteo.com/sid?cpp=9rME-HxQSUYwdW9WS2U3MHE5Y1dGMytkSWtxUlFIOWJ4b1JnWVZ2NGlXMVJRUTJYVUh0aG1ST2pxdHBvcEthWWdrOXQxRUt5OE1HQzJiK2FPdTVzYVJ0VEtyU1QzUGQzcnU1dUg1SlNrU2huS1MvNTNTaU04M1AyN04wM2tJQkFrWVRxTUlnZ05aTUVBZTdDbWtuZTBJTmczR2Nhd1lOeVlDNEJmNVE5Z3U5WjdPQjB2S3pKU05HV2x6c1pzazVYUE84b00wdnByNXBmeE5qZVp2L2VCVzhVeU85bU9OQTM1aXluenpxVzB2OXBDak96eTlYbjJDY1RqbkkvMFdmcW5MRm1uR3VXRmtxd3ZRWVBMZldRQmo2Q0R1UEx0d0wwM3hwZzlSQ3JxMzNiOG0wQT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 666924
content-length: 0
expires: 0

POST
H/1.1 200
OK postback Show response
s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/ Frame 312C 0
145 B 34ms
33ms XHR
text/plain 18.203.209.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.ib.adnxs.net/2/2.67.0/225545/AX3pSZ8QEeV9kQZs/postback?dt=2255451533761563475000&di=https%3A%2F%2Fearnme.club%2F&md=1&gt=DE&c1=ams3&c2=0&ti=3389830757012732483&pv=35ba5be0-24f5-4a06-81f4-628fd2410efb&ac=11493887&cr=215907859&ci=225545&ui=2928211502789460109&sr=10264&pp=2180927&to=3&pc=26730095&pd=avt&ap=&de=2&dm=300x250&cb=1186271738&sid=AX3pSZ8QEeV9kQZs&oz_sc=943bd6bae59cd1052b5f9918&oz_df=1662301291756&oz_l=304&cv=3
Requested by: Host: s.update.ib.adnxs.net
URL: https://s.update.ib.adnxs.net/2/2.67.0/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.209.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-209-222.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://flashnetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 04 Sep 2022 14:21:31 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Domain: prebid.smilewanted.com
URL: https://prebid.smilewanted.com/

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
earnme.club/	1970-01-20 05:45:01	Name: tp2 Value: v3nahJc
.google.com/	1970-01-20 15:14:47	Name: __Secure-ENID Value: 6.SE=I_q0KB02d99g-wH0nL1fYfSguI_8FE_AOL72GzqMZYxkaCHspW0Q8iHX2zOIOxZhpnjafGvVCkwI7XhpgdlrpcS6y0Ak7-zTu6meo4WS1z6ChwpOtc1MXVrc-kFeKOGBQqU0hdGu4gGRw38KjVlDguStZsTa02JddULKxijPvx0
.google.com/	1970-01-20 15:21:01	Name: CONSENT Value: PENDING+697
earnme.club/	1970-01-20 14:30:37	Name: _uc_referrer Value: https://www.google.com/
earnme.club/	1970-01-20 06:28:13	Name: _pbjs_userid_consent_data Value: 3524755945110770
.earnme.club/	1970-01-20 15:21:01	Name: _ga Value: GA1.1.937080875.1662301278
.earnme.club/	1970-01-20 15:21:01	Name: _ga_LY1N2M6E7Y Value: GS1.1.1662301277.1.1.1662301277.0.0.0
.rubiconproject.com/	1970-01-20 14:30:37	Name: khaos Value: L7NF9ETS-1O-MFAL
.rubiconproject.com/	1970-01-20 14:30:37	Name: audit Value: 1\|naVuGyos1qpV7Q1ES2xGFy+IXqvPVzt4X6LBWwGzep0JDp7MRhFcadPVaWNyVcOvT0XZRSL7Xhq7N1XQbIqEyNp8FH0KG6PuUN+/nvRkaHE=
earnme.club/	1970-01-20 05:46:27	Name: _lr_geo_location Value: DE
.earnme.club/	1970-01-20 15:06:37	Name: cto_bidid Value: obrf0l93JTJGQW1Gc0s2NHFvUyUyQmc1RUZFUnJWTnpMMCUyRndiWWYzZ0hpVyUyRnFwemtiY1JNbmtDRGpmeEgyUWczcHFBeTVEbVFia0RJTnlEc3JYRHNXempGUnhYTFV3JTNEJTNE
.adnxs.com/	1970-01-20 07:54:37	Name: uuid2 Value: 2928211502789460109
.doubleclick.net/	1970-01-20 15:06:37	Name: IDE Value: AHWqTUlCsVtwKjNwrsTKpLOzsDdI_DtpeD5age333KbJZjcWcyu-gToXbAqeZWFlmSs
.ad.gt/	1970-01-20 05:46:27	Name: au_idmatch Value: eyJhcG4iOiAxNjYyMzAxMjc5MzcyLCAidHRkIjogMTY2MjMwMTI3OTM3MiwgInB1YiI6IDE2NjIzMDEyNzkzNzIsICJhZHgiOiAxNjYyMzAxMjc5MzcyLCAiZ29vIjogMTY2MjMwMTI3OTM3MiwgImJlZXMiOiAxNjYyMzAxMjc5MzcyLCAidW5ydWx5IjogMTY2MjMwMTI3OTM3MiwgInJ1YiI6IDE2NjIzMDEyNzkzNzIsICJ0YWJvb2xhIjogMTY2MjMwMTI3OTM3MiwgIm1lZGlhbWF0aCI6IDE2NjIzMDEyNzkzNzIsICJwcG50IjogMTY2MjMwMTI3OTM3MiwgImlwIjogMTY2MjMwMTI3OTM3MiwgImltcHIiOiAxNjYyMzAxMjc5MzcyLCAic29uIjogMTY2MjMwMTI3OTM3MiwgIm9wZW54IjogMTY2MjMwMTI3OTM3MiwgImFkbyI6IDE2NjIzMDEyNzkzNzIsICJzbWFydCI6IDE2NjIzMDEyNzkzNzJ9
.adnxs.com/	1970-01-20 07:54:37	Name: icu Value: ChkIv46FARAKGAQgBCgEMN_o0pgGOARABEgEEN_o0pgGGAM.
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.doubleclick.net/	1970-01-20 05:45:04	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 14:30:37	Name: CMID Value: YxS0YGLUgret8.FuKMhcmwAA
.casalemedia.com/	1970-01-20 07:54:37	Name: CMPS Value: 1145
.casalemedia.com/	1970-01-20 07:54:37	Name: CMPRO Value: 1145
.adtriba.com/	1970-01-20 15:21:01	Name: atbgdid Value: 34ab9cde-6873-4b15-a79f-38be017d6129
.aniview.com/	1970-01-20 06:13:49	Name: aniC Value:
.ad-srv.net/	1970-01-20 07:54:37	Name: u8x7eovwf3h6_uid Value: d1b12c92382ac109
.adnxs.com/	1970-01-20 07:54:37	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?]nrRkO!]tbPl1M>e)ZlrFUfJ+tGXxoi^*(]Q-_R/c=@qxPY[.U_DDB8]5)CU^-Ls3If)y3KL9D3I?+5n#iG:
.yieldlab.net/	1970-01-20 14:30:37	Name: id Value: 703bbae8-89aa-47f3-9d6d-9f78135127f2
.spotxchange.com/	1970-01-20 06:25:20	Name: audience Value: d958fab6-2c5c-11ed-a894-1a3cf9d10306
.yahoo.com/	1970-01-20 14:30:58	Name: A3 Value: d=AQABBGG0FGMCEFS2z3APoypKJjbeEweIZcQFEgEBAQEFFmMeYwAAAAAA_eMAAA&S=AQAAAjum9aS9aR6owfdAs0Z0WCE
.ad-srv.net/	1970-01-20 07:54:37	Name: v0rur7gqspb3_uid Value: 1ea41c68fb45e467
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379079:2519519
.awin1.com/	1970-01-20 05:55:06	Name: awpv14098 Value: 559379\|1662301282\|da1647a0-2c5c-11ed-94b9-2265b3bf8141
.analytics.yahoo.com/	1970-01-20 14:30:37	Name: IDSYNC Value: "18yl~26z2:18yx~26z2"
.3lift.com/	1970-01-20 07:54:37	Name: tluid Value: 478178603170516237604
.quantserve.com/	1970-01-20 07:54:37	Name: d Value: ED0BCQGCJ4EA
.quantserve.com/	1970-01-20 15:15:15	Name: mc Value: 6314b462-affb4-ca87a-c5ec2
.mathtag.com/	1970-01-20 15:10:56	Name: uuid Value: 54326314-b462-4b00-ba9a-623816e19522
.mathtag.com/	1970-01-20 06:28:13	Name: mt_mop Value: 4:1662301282
.ctnsnet.com/	1970-01-20 14:30:37	Name: cid_81d2e425c84d43c4aa5fc9446fc49c3a Value: 1
.ctnsnet.com/	1970-01-20 14:30:37	Name: gid_CAESEC93VUBEy3IIakFLNCQcIvM Value: 1
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 14:30:37	Name: bcookie Value: "v=2&07f6b931-ccf6-476f-8f1d-7c643200979a"
.linkedin.com/	1970-01-20 10:04:13	Name: li_gc Value: MTswOzE2NjIzMDEyODI7MjswMjEaFpdxbyFYyp1gZhxbIBvbGh5JcFX3d9pbfNnWXu3h7g==
.linkedin.com/	1970-01-20 05:46:27	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2465:u=1:x=1:i=1662301283:t=1662387683:v=2:sig=AQHbYuNjoa3hZYHZwyVyHyJDVci8rzfk"
.de17a.com/	1970-01-20 14:23:25	Name: guid Value: 1.7901070243435259390
.adform.net/	1970-01-20 06:28:13	Name: C Value: 1
.amazon-adsystem.com/	1970-01-20 10:45:58	Name: ad-id Value: AxtZzNoQ-0Gpirrfep06glI
.amazon-adsystem.com/	1970-01-20 15:21:01	Name: ad-privacy Value: 0
.earnme.club/	1970-01-20 15:06:37	Name: __gads Value: ID=0e400c037c8bfdab-22c16bbe13ce00cd:T=1662301277:RT=1662301282:S=ALNI_MY_9vNZ2TPZfxl8JG_U08OY2p8gWw
.everesttech.net/	1970-01-20 14:30:37	Name: everest_g_v2 Value: g_surferid~YxS0YwALb3qlcgBC
.casalemedia.com/	1970-01-20 07:54:37	Name: CMTS Value: 1156
.adfarm1.adition.com/	1970-01-20 07:54:37	Name: UserID1 Value: 7139529646592751771
.adform.net/	1970-01-20 07:11:25	Name: uid Value: 6402019895202831794
.tribalfusion.com/	1970-01-20 07:54:37	Name: ANON_ID Value: a6nseFMZaAC6pqGpS71cMvTQIZbgxA87Lk0g4dDgKcS28YZbZbUfZcQTHjGrZbEiyJubeLHGtWLnTI5MRZaBqjrTPIE
.criteo.com/	1970-01-20 15:06:37	Name: uid Value: e474815b-b9dd-440a-a64f-6299cb803e82
.earnme.club/	1970-01-20 15:06:37	Name: cto_bundle Value: 1SaXTF9vM2hQV01FcGk2YTB0WnRtTlNjUkxFYTR4ZURuRG9XVzQ1RU41Wjk3WUhUOXNTNkF0ZGYwRW52S1JORDhKZ0l0QUtDSUs1YVdVc3hiTktEU2p2Qm94aEpCdnYxQ2FpRU9uYmhtV1RRWDQ4SDZ5UHV5U1JPUGhsV1FzQzZRdFd5dURKa2xNTFo1bHclMkJuaXlSQzFPZWpGZyUzRCUzRA

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://earnme.club/zero-8i-from-infinix/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://earnme.club/zero-8i-from-infinix/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://earnme.club/zero-8i-from-infinix/ Message: Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://earnme.club' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://prebid.smilewanted.com/ Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012208121708000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
worker	error	URL: blob:https://flashnetic.com/5a601b4d-91ee-4284-84e6-91228a0a5e89 Message: Mixed Content: The page at 'blob:https://flashnetic.com/5a601b4d-91ee-4284-84e6-91228a0a5e89' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://flashnetic.com/5a601b4d-91ee-4284-84e6-91228a0a5e89 Message: Mixed Content: The page at 'blob:https://flashnetic.com/5a601b4d-91ee-4284-84e6-91228a0a5e89' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1961d1ba9749499095e2904a9bc9e2cf.safeframe.googlesyndication.com
5aa24a37af2c1d0aaa38a1634cbfe388.safeframe.googlesyndication.com
712640f0cc3a8545cb495f4e44daf3f7.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad.ad-srv.net
ad.doubleclick.net
ad.yieldlab.net
ad10.ad-srv.net
adpone-d.openx.net
adservice.google.com
adservice.google.de
adx.adform.net
ams-pageview-public.s3.amazonaws.com
ams3-ib.adnxs.com
at.teads.tv
ats.rlcdn.com
beacon-ams3.rubiconproject.com
beacon.sojern.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
cat.hbwrapper.com
cdn.adapex.io
cdn.adnxs.com
cdn.ampproject.org
cdn.contentspread.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.playstream.media
choices.trustarc.com
choices.truste.com
cloudflare.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
crcdn01.adnxs-simple.com
d.adtriba.com
d5p.de17a.com
d65a9111d03c0b1f2b40b15b21024224.safeframe.googlesyndication.com
data00.adlooxtracking.com
dclk-match.dotomi.com
digikulture-d.openx.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
earnme.club
eb2.3lift.com
eus.rubiconproject.com
excellence-prebid.sfo2.cdn.digitaloceanspaces.com
fastlane.rubiconproject.com
flashnetic.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
geo.privacymanager.io
go1.aniview.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.adpone.com
htlb.casalemedia.com
htlbid.com
i.clean.gg
ib.adnxs.com
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
j.adlooxtracking.com
lb.eu-1-id5-sync.com
link.tnlink.in
match.adsrvr.org
media.kaspersky.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.rubiconproject.com
player.aniview.com
player.avplayer.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
prg.smartadserver.com
px.ads.linkedin.com
region1.google-analytics.com
s.ad.smaato.net
s.tribalfusion.com
s.update.ib.adnxs.net
s0.2mdn.net
secure.gravatar.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adbutter.net
static.adsafeprotected.com
static.criteo.net
streaming.playstream.media
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tg1.playstream.media
tm.ad-srv.net
tnlink.in
token.rubiconproject.com
tpc.googlesyndication.com
track1.aniview.com
track1.avplayer.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
prebid.smilewanted.com
104.18.18.126
104.18.19.126
107.178.244.119
13.32.27.51
138.201.63.145
141.95.33.111
141.95.98.68
142.250.181.226
142.250.184.194
142.250.186.166
143.204.215.113
143.204.215.67
143.204.89.60
144.76.87.156
147.75.85.234
151.101.193.108
151.101.2.49
151.101.65.108
151.139.128.11
157.90.71.190
178.250.0.165
178.250.2.146
18.203.209.222
18.66.23.213
185.29.134.248
185.64.190.80
185.85.15.23
185.86.138.121
185.89.208.11
185.89.210.212
185.89.210.82
185.94.180.126
192.241.157.60
198.47.127.19
2001:4860:4802:34::36
205.185.216.42
213.155.156.182
216.58.212.130
23.205.235.133
23.205.253.64
23.35.229.56
23.35.236.188
23.35.237.56
2406:2600:4::1
2600:1f13:800:7782:2ffd:4913:b6c3:d37a
2600:9000:214f:7a00:8:48e:53c0:93a1
2600:9000:223f:9800:1b:5138:8a40:93a1
2602:803:c003:200::27
2602:803:c003:200::41
2606:4700:10::ac43:266a
2606:4700:20::ac43:49e4
2606:4700:4400::ac40:98f5
2606:4700::6810:84e5
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2001
2a00:1450:4001:831::2006
2a00:1450:400e:801::200a
2a02:2638:1::13
2a02:26f0:3500:c::5c7b:6837
2a02:26f0:ea:4b9::2c79
2a02:26f0:f700:4::212:4f0d
2a02:fa8:8806:20::2040
2a04:fa87:fffe::c000:4902
2a05:d018:d29:3601:1c03:949a:3875:f724
2a06:98c1:3121::c
3.126.56.137
3.33.220.150
34.107.148.139
34.250.54.135
34.95.69.49
34.98.64.218
35.156.8.160
35.186.193.173
35.241.31.249
35.244.159.8
35.244.174.68
37.157.3.28
37.157.6.247
37.157.6.248
37.187.28.21
44.224.191.126
46.105.201.233
5.178.65.246
51.89.9.254
52.204.142.233
52.21.172.125
52.216.232.227
52.222.214.100
52.28.203.152
52.57.145.143
52.59.71.86
52.95.125.22
54.157.211.237
54.188.185.41
66.155.71.149
69.173.144.139
69.173.144.165
76.223.111.18
85.114.159.93
88.99.70.21
96.16.132.239
99.86.4.86
00258aceaeebf1213cd9966816bf2368b72ff62f16a28d30c685d463becb788c
00544505dd5d4fbd0d42aa45a7aa9651e5f06dc7b415055993b16f7118e4b4fd
02740988c000f39a4a358b7afa18979291fa2b4c276afe6a33237bedd1795948
03871471a0675b4fba54a0f9932f69342b3a351c4a4855f8cf930d353ffd7f49
03b0f5c2cbb2aef4c2ed814b15a73d064a1bf968b984a461b7a5c96fa1f9e4ba
04767542ed18ac4861727b0318e9a59c54580b88dfd6b1a787fe9d76711f7145
04aaeea5e77f0952bdcb590233ccb5aedd78a387cdfc15d5f9d73d67be72d3b4
04e9bea5c4b3bc0e1835864819ca5013b7b30457b5fc70f6e25d38d7ae2bc91f
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
054c480b41dbb8bb1a0db0dd51f85a18dafa9679cd1988d4824f9da3f8aa1215
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d9487d0d05b38994c2a06ab9639cfa33afe0c98f89cbb0f3bcefb4cfb0aa84
06e0e91a01af508f9eb830feafe8dbf0b381e0333ce3667489e6cf48809c927b
06faa076f6765bba3191357d3268db124531b495da50c9e2dc78ba9890cc14b1
06faadbb85d8364fac1c95da61a5f4b7bc6e7a7fc529e1eb94944c88ecd1e053
074c0274ebca8c0e9e0104ad11ea2038c0cb1a30ec9ba9ad6da0d511153c7e1f
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
085bb6139fbc88ff13d8b9f7cfd49daf277213404a701aad9e4f0304d84c6847
091947b2487d26f854607a6f963ba911f3cc168e797b2e6903db5d645f43efd7
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
096ddcd6353390a194d3a68b5f7c2fbf5ccf142dbb32421c927042af27e9c400
0a279d2716140e9d451e17c1eb85e9dd5822cb847079963eb4442a69e7bc684a
0a334c49e7a2e7081145d49823d822417dfe1456cfcef16d5bba9290f34e6032
0aca9d549981e9a27a786545ba75fed3bc70738752aa299e95af6669f199464a
0ae668cdd696bebd955cc6dc5f93c260bcbcbb515cbcb7145fceba3fda72e80d
0b3d53392a2ebb6a2fe0c7d4c5ab95663cbb75a2ae9dc8d8506c1d7aa8f51646
0b860a88f23dca8107e19bfa3af19aa5c58ab70a3531262f47ad371f4c226b4b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc006d41c386d832cbee91e6ccf33feb078474a29b847fb60e47ae8865928b9
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd424b113da155f26c1800507f6b42442fca305cd76a2ba7a18f2a7feef21ec
0e0d5aaebcb9185499dabbc6f1e6979b963ba0a9e683603e0662e96302be9983
0e16d841b1486b5bd9c69a543084e0f558463ad9bd7ffd8791301367f8a849a6
0e39772fd4ab2ea007f5b93277960107e5a96696c53eef90c6e694e556ff5c26
0f6e3736f7b2d2088e5c45e56c8f1ee07a0fe5ab72af64b080f7e07346f281b0
100e5af15fe1910a3296fc6042b01ad12551ae410520b000d62e10454ca1bb25
107f9f42af6971e337620553b79628ed5eddd183ec47de302b8554ed3223b513
115657adc9f6a18b895a254b86eba723f4a7b83fbdf51ad4aa8e173a8887387d
11793e513503667611d1b09576e5b9575a1dcc80f68af2f3a7e56505655dc811
1189e840cf15b6d9c35689554948a7455767181e755dfc538c4912efc768eaa4
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1326d911d716467ac41909b5fd8af44dfa453c2f0de27759860584ef1ad8bcbc
13385bc296bb2dc9cac61d19963d6868de43445187fdb91b6980e892773a1c37
1421e72aa04580502fe9938be0b6be58be485ae895a3563bcf6f5a2536e326b8
162327e4a7155fc009d99a80a9dd825581ccb540bf9a37b7343f8637f34ae7ce
16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba
174449c9a8393b3a2990ae70a6b1ee3c902def54f9440292ecc316032a4966e5
17bffe616d8a1e024f86111d240eee3ad8d03076f543e82e1b552704c8f30e86
17e6c4698298ec2bc9fe8f5bf7bc120607ae6d0a357c96e4436d7e69c7747601
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1827b33859eb5896fed0115e644c8d34944585a557eafae155934eaa2fe40039
186b0a55e7275c84c35a6d1535e9f05a13fd6bdd959ddba21c3d73f159762122
18ae2ac5caf41e12b2dd1ddf575dc4baccf3e0db1a374a65ae847ede23659e65
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1b26c04ff19851d0780ba6dbc37d4920b48f3eeb54963c9ea1667941e01bb7ed
1b6e4ff4bd2eab318dd7aadfee512265bdf0b48de4c1201f6dc8ae1cb5f49601
1b78344a18cc46582ecbd6c65057aa0d36c76a8f2d9d23a738eba4a905f27a51
1cf6723bc6fdabc360afa8360ff6fa68bbaf5678344c2ef5367019c1c68f9e39
1da1d4b69a98776d3f77ea14b63ac16ededd29266f62fa4a87c2b5d88d17b2f0
1e01229bbb5b2f75d84278ab92afb8d3613223493bb7f58700b7f26b5bd7c71d
1e4fe7d22bcc670c10b30e762a6719c9734fda5cef60ba4d021354c31c03a380
1e651a4b9fe404b2dfb84e4a324730875c5207ab9230b338a59e9225d20d98e2
1f1c0e9e76f5baa28c2453d0d02b97d42e5f66283f0d3058a4ccc366e7f2411a
1f30cdfc13f70058988657db4f8ffc071652d07ab662c9080bc4e6c93886280b
1fd0b2ae3a82b08ac40493caa5c246e6f10e35d7357d495a26d2f0ec02c7ec53
2119289f05d9a59a96284785dc13266dc3b8564835df6a2382e64d82aa94067f
224cb394c10f43f68afe5385be96fa491169e817e98a240df59e8deaf64ec2aa
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
22b708f3ebd27eed5651b3b2bbe8e7df0135344ee6830ff1d63f741d47a67cc5
22d58a82be2a75e3333c3d7d6f03f593d4beea9301e051f95bae23ccdd4b7ee3
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
237f00f14862013eeedbbbb7e57554c0ef2f6f20655bb80d9ae0ef8bdca4abed
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
246d55b6ef0bb428e645bb958717046721a0dd3a1c2c798534dfd18caa726d44
24849ab57d0420d7d16ab736887a565d612608b711ac6e57f7ce8e400cbdab1f
248d0f732763fd82701728aff2902d3e6b079e73f1ea00c1c4bb749f45e9226f
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
25280083af87c8d6dbc6ff5bb926bf9d0d373d244cead76893430166b8df0bd6
2628cecef6fbcc5bd2bd059e469c3405114850b917f67ff26d50adb632a36984
273826eb9314fd3865e9c7adffa3cbf1525bc1e70282cacb76d6efd67250c5e8
274dfd0486ba0bef509d26b4b2509c7b149d8a447b5133dbc337a4640612cf9b
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
28e8096b890e49b4e5e638e51800745fe7de489aa19474d51a4749dac1837167
29d04c40da5e890976cdb0d7945286d370bd9d92b5ec8e29a056ef47163d230e
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2a57e3e70f456b1c1828f5acb6e8226fd3ad04ba2e294d59f54e407f3253a270
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4fb40605171ead73d378f3bf90d138679f7d4cbc215be7b4e1e6bd16cd05f7
2b60a53e89d091b109fa3ab2db8b0c348bc58d1d0a230c41ae61215001c0a954
2baa6ad2dacc23228e395124af0f3be4035e8dd2e71ae12e2ce6dac2d0d2a15a
2c6cd6437201b0cf35c1eccffc8e99291167d496c73ab43ecb3cfeec5a5dc28f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
30493fed370c9d0d6d86a288001ec12460d0e4e7785ab381eeda6efe5c5e90ea
30df1408d82b10753d186bac5c4f46f54cf3de339f64ef30b4bec81f24dd2a0b
314913e2c13c247ad48403b67158391de7c43af769db026cafad36d751456e52
31efeb7bd7ac7560d47cc93debc722a4b1c1925f261151b1ee5601cb3cc8c0c5
322dec810cfe0cd1251de3c9422bb5467d3be06b74edb09f3791d928df82a3ab
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3420f6a93b72d3cc53cd9945a97479ef9c82f2470eb12f14fce796be23608308
34ad53c94ea7daad6cad0a833a6235cf1cb4eac7d3c11390fd2aec23ed7acb73
35700fd4dc1a4008ab66bc0e57c19689f6daca9368bfd2a6beea1b86dc0159d8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
367e2af43809edcff2e4f2c6da127b3eae182e5e5ce918cd93bb61d87ba60c7e
3701c4a3bc16d9adb16be9e22dca15c38e69902880850080dce8301e04ee6378
37bdde71eda05551adae1974b43916d2fc58ca04bc1b8325aab65e2668152b66
386d782c3a0d9e89bbde434ae2a1a925c640715b717a7697c39a8f1104608cf0
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3aa35cda3424825b2d14500636dfacc4e64f8cd1d0d0f980fd78fadaab20fbb2
3aadd6520c5272231979cd6f9cba3c2d42795007c581dd147b3a1356a524edc6
3b0bc36f527b511251af347e357dd43096c3c242906588e96cf0fbb7b8611ff4
3b3116b096bdf5bc5346cfdf6c61a9924c325551bbbb9bf01ce0979dd54e32eb
3bd9841b73da798a11eee426806a6db72a7bb989418684b121f751a275b96def
3c0c388e728c9320a5d2d5aaa053091b053be9e935905fbdfe0018332278c7ff
3c12fe8a2233d0ecfd991358b04cf3045935d06eba9ccef85c014980308697ef
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
3dd40f4fc7893dda92c8a8911e0fdb3b28c3fa465582358376d0775b93e73903
3e196d4ba5941a2d4ba1cd45b1290c46ffb95face19dfe004af04538c94b1eb1
3e1ad7f6908aa6757ccbac4f4da0abbbafd1705a76981126f40530d62c8ea309
3e50ae2431cabfea1f2ec009649bdd2b6d20d58370880a09cabd02c5cd7e5a25
3e5d56fdc6da430731e3757af7d9e1dbcd03ba431c640c6480f1d7600a0cdd28
3ee1aafe7fc3760e4f8e7531e236a9ee0ca51ecaf7361cc63b3a115f8fcb1e7b
3f05fa29947e2e6c5b0c08d35d87727d9bcc5bb68aaaaf8def8a37f84a234b55
3f2a8ca1705a3d8e66979c8df98e647b51d96906c013b6a047fa55eca49e813c
3f2c0c4e4c89eae172edef7969867243fca9370249d772d7724ab3bca286e1e1
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400962b96edf8fbb443ff0cbe24f87aa13fa5ce6613db8604e2d5334f7f4f4f1
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
401fe5a4c1c7065544d860e5a3af5fa5f7707f221ea7b82e21fbc95562d9469e
4083c44d2860140b136b84fdb3ff8f248074dd47481040f70445f619c1815f94
40f06e2fa7d180e086d73705d465e636048378a1eb00def94a5aefa675c0886b
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
42bb07e86a1c72c41e96505ba9bed5a641961602c76b40ad1af243c6e94d27a4
430686436041ca4751355318414690e3c7a42e79dc0136c2ea1af10df86740ae
43a9a2154c658cf0a3a1aebe3d5ce4ea817564fc27e85b90f2651cf46f37deda
43decec48022e7c63bd86e646c5902c4dbd1650b341f9378537c772f2b8406bb
44519173d8c8c7e9ac22412ecf41f79ee46d3773b9a55e0970b7d57b47e170eb
448fd4139f39990e8ecc35115c75bf30ebfbbdf7af3ff61642a93395379b1184
4523df3ea81ac6ae3e9f0006d7b8a62eab2c93ae5cb410f1588fe8914a071b4e
45c9a4c5a5a462873793bbd1fd7878f52f9b54c58a3808e9776535e17fb1f674
46a3ac9772e00ee618ffdecb3deb469397fa1d732789dad969c8397dc65e328d
475316d3002b7bf04d39e01825b8443b2748411e616908cbc2a87e49faa1f1ef
47df803326d83ae8c0b7f1d9e8bea7ea792531fce35661b7ec0e7f46fba70404
48445ebd57b08f7c79a763ea6f298547bfdfd8d29f1aacc1b7c8ed8eeef9f64b
4870915b661e4b212581ce157e4d1507f127f6d71dc562af0f8bc7fba3829c0e
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4a23ff3fd690ffb38aa51de5e2bb8fa8b6e0a42431613e8af9283986d540e413
4a3170b295102d035d71ac0831fd855bfa941a78fd7b573b9ae7b583f8b6545c
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4acdd0f781acf0d75caeb8c612378bf1968b8c7715067ab65bd1e31fade05bf0
4afe2a8fa310b16be0bd41d2405ded9dd74641d5f258f27227982b880db89568
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b4be258f1895ef0339e7b17a0dd6e953b529f74fcd3e861d0aa933a1f789ee3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4baa280c316f80216c7d9dcb64f308726f23cfe4fd4ada8d36aee7c3ea101108
4c129de4ca6a81fa546be49e4e916ac53a75016043574edf197af18b16daeb54
4c391f607106472f6c850287a3db8908f71fb4b0908b3c4ff8febd90110d4a8b
4c787f328ce9fe9dfcbc0a5ba61dbc0737c998b8c23dff5662047f254772d2e9
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e98478c20dd3fbfd6e868ef9e0c18e5d07ae52bc060819f8d229c1322438780
4f28768451fff3a49d0843683e94ccc7e110044c01b0637ce3327d9173531de1
4f5b2a1d8445987e9bea4ea40115e763b53d81f6a7ff765f3d97850c540b806d
4f824255471c27fa4d1711fb3dc95cd1abb01d4267cddb88a80da9de0ad9e568
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e2d3c99a5108b8e0e663b640e64ec8e147c19ee542b4f588b8b8829d973151
51d2b7c644c27e0629666ac2803c3e5a7fb03fd50c6ccc1c977e9b5cdf2945cf
53d8e2df0b9330aafcf9a35de9c0f67da108cb1f93b2be1066de0401e6cb0b10
53f37a2953106459fce99aff159c5e95b5433d63fbb976960c585d272960e2cd
5409fe6fe07e8f285cc98f513e362e6b316fb6291d0602858aadb4cf3026e5ce
5412fd0ad071050bf43ac5a91295c6220d2123177c9689708c78281e1f018f21
558587aecf42d586786beb44c29643e4140c153e47f39fc18e4567cfedfd9fb3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562ebd4cea76dbbbeb4a6c7bf1b51792e0b675fcf9634bff8725724dfa0151d5
56a1f9f82e6d3e3daee225c3e8c505256874ef4326d49f806a1085bee7d909ad
56cd3fc1c9b108bcee6f7ab85eb921d4fe5af08e8825e553c65bda6f3a753e63
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
571d29030eddb0ad8e924f625d155f38e67271b228e59afba74ad2304369ee75
572bc0584a0476c0e03db0b475dcf119873378e8e950ddd66ba027264432f2b2
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5968deed67db36c17098f115d0fd4318e4ef3616b6c3541da921599e64689040
5b82f3cfb4321b69d1c7a978bbc29d67a6bff2f5efb2ecca0935c9d46a9371d4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c72c8504a9b6e57dd1d1c36e0d9975788482101baab4d8188093cb287e358b8
5c8de4984d7c3876d27eebf18970f01083f96f9acfc61535b5815bf3ef22f171
5cd56a9561b65e00b4da7b4db9d108c1139a66f366d38403db75ebad6190bee9
5cfb8c98b29a96e65acecf9480b3bb67247fc5f61a6522cfb66fff3f31fed933
5d20e5400f784c60650aac191c6f1c33f1c7ac3075244b24bdcbddf789d99bb6
5d31e14e5d718fa605af89793d6aa5a40b233e584bd833b5e62d535eaeda93ad
5dadfcecb536de94c9f5a5812cfd232b6b4f91a41ac0b8d94e03d30b0c8bb65c
5db1a3bdb623cff86e791150634e3c2783c4f9db1def107463440a024476eb6e
5dbb5147d180034bf86adfe8c60a4c1c7e777b1e13ada51d26a6b8319f76791a
5e13b90799f22196ba6eb73bc0ae35fb1ac591db29c060a37babd4fcf1f34efd
5fa13fd4d5c83d7cd065ea22d6046bd254e1441e2709a0bcc546827b2d86b80e
5fb48e6a58d8a8675f2b230633e5e7483d7b6835a09fe4f21d8a300ec9d5a951
5ff87d0ef4017f6c2c2147123c4ce8c75d0a33bbd72c72cc207472711012e3f0
60e16b30455ae16c6bd635ea4169a3586368fc10cf546cd4730205dd555fabb2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622cd4a2d30e2b367e91504a877c0284d39bf4ff04c3fdca849996e4df5553af
62a6ea4f4b2336e0ee130058685a3114e26242e80d318b4f8fbc88d7fb795d8c
632455e18650def1247aeacc25754ad0eb43e504ee0ae3da61c63182dc5081b8
637fb5bc1e79a5cffc5c03503ee2a5d8a35732fdd77d9983a2dd85beb048e042
63ba293fc740fb6f1b4cc76013dba543263d030a3ae9aa099471736fc4286229
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
640c7329d6fa76a0ae3487f6b1a5b85287cc51bda33dc83e65bd0ed0a37d8f71
64ab062a2a4d62d22170dd14c4a3a566632d1ebf476ab80d27c7c81901209e36
64cf23885cb5733e196a93ae78b5c0eb657a5a254a7e7d5d857461b65309fd20
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66605eb4654e28ab60da1eca0cca51b376d75165475f029600c552c3b3018e25
67cf9871481edf375ebba52eecd62ffe472180db0268b078e54162d50a5916b1
6856470a05b9bb14f9e559880569500625be2c25b977d91a1960e0a4633e4d90
694bf9218f362e6dc6cd3dd24342d4ad35e9626ebce40ffdfa3d0594e2614534
694ce4f838c91a20a34c29ac78509b8f74ca3243ad823a88d33a0a1def0fe6fb
694eeab7f4bb722f4f0386adb8b3d3e7d220f732b6075a5b620f3b4bcc3cfb0b
6a38e3d7419dba4aa6a97c4f2da1b393ecf486ab18ae55ad252c49922dddb5f9
6a3cf00b5a1952093d4444a827278d450b250088616a8cb9f4aa8a3718f9b595
6a8611452378b638501d9869963cde74c1e831df48d5a9f96f90b7f645295b78
6bae4a5df5ad2928d29b1664add68f4cc8070c283864945b9243cd09867270d8
6bf3c89a3c323e01473a4f52450d9ffd0f0b16f3054f4608b5d284bbc3187c40
6caeac58650e614eedd1331cd86eed2ec9e3341e4b6b8b46660c069c93d5d608
6cbf3e7040043cc14ff89276fe067a34d0fb805e0a933b0dc73c1ace1ce3a2ef
6d38edfdaff5a3e6cfcccd26f9eed468207f91adf8833e2dd28e8660035492ba
6d9de14770fcd48eb127eefe75a2eca6167f8f380b6308a113125eb5645169b0
6ebad5a338d69559a5d326d8be302c5288cc2045cef7ea6f6ec1c57d019ba41d
6f0be0504789765af0a9f8cf06583f487d612a99a773a7c67a0a157fad99812e
6f784b3582e84a3eb9165d50e3e57be3506183ed8cffdaaaccc76dc6c4a37dfb
6fba09a93a4f6197684101fef0f415ad00fb0dee1a59fdd557089d9acaf4848d
7041206683c7b5da4188ef7ed1523815102ac13af21f55c4b04b5fbbe4514ae5
712a5128616a7b6a16f64a6a0c2533780a2c4f41c713fe5da0e947b5d4263947
71c47aeb78c1495815cdb8b9edb895fefb3e54ec1dece1f6676ea97f7e0a2915
72a4c2ab1126b34efac59540b1fd242d7789c98bf984b60bb2f57ad5af9c947b
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
72ddba36042c638dce4256b4581fa6addf5b18b07c58f3383863f94eac426be6
72f727bab11a0aab90ba2c6bd2381bfb76cc40b369491108970bb9739e2edf03
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
73d2d9664745fbb23bc1ec6e64d7c74a173c9a08f4f7be614b3a9f5c434b14a5
740e0453046ae81a1f198a17c1024016b34d7ebb528869159737e635ddbb2f58
742f3207cc1915facc61291fdd7b78f93a8d880d4c6aeeddab150d4f374cc332
743459c8eff4a1e53b1604de38e517efd3bcd75c9286b90053e95c50e3d9f347
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
747fe85d8724d1a1118770887b2d61f71fa491b3ee0df7fa6cd228bc9d1b90a6
7548d4301e7fe09a2f73a6fbe821a60ebfc0a946c4bc30fc18d11577ccdd62a8
755da2e15ee6c129e5cdc49ca4fbeba9577dbd04080e81d52ea8070aab706824
7595bfe8c6e2ac1a699e703bedf3af611d3e4e9d841dcbe33bbc988423236f42
7906f9d066af037d1fe806047b60d717d4b1fe7fd0588b77e60b506c0f7a3d68
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7af0a44eb4ea5e34cfbd9273f8fdc4ba68f2b80b12fb8e1cf27fc7e8ca09baaf
7b9e8ba46101b855d0019e5462d942c5e209fc404be589d2c96e8057c12d7a65
7bf9d89a0f5414b003b68cb8d9e0707003122bc2cabc5daadb51397f712e3113
7c15a87a92d430919dc2e02ba4c19e73cbedda992ce9ce92eabdee1d1e7f312f
7c7676e360321158fd19fb1eae9c426d70ff38ccaebca142bd0a5c0659f59856
7da1fbad6f4b62772fc4837f892e891a649f1fec234dda4d9da493720abcd325
7e13632e083c3a84a6f4e4e75519fd27738b1556e6e192dda168ac909415c8ad
7ea7d6db42ec5295a07728bd249cae3a8c7876c9e13de77c33407d93d45bb542
7f9f775834eeb1a2db9dafabc9927a32efe858b537990996ed44e62b1ded874f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe251802040e7c75741266a79431e8b081ce83a0d845d23fd9752e17c34fc10
802a0ac9c835c0add64067c222d71b52bff0f5cfaafe4b673b1875a68ffaabb4
80706ad1f7353efb152c32ef70c4eaa4ac2c109fb1841e355dbf7353f48ef36b
81ad10ef2e72a790660a767c40dbe9997036c0a480b7769cd9219578bdce15ac
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
823c562de715fb23643c27016827043b39394e6dd6332fb701bd2bac513ddb06
825ec614cbf8d5a3d1e4e8a3cc76f513fd9780a7076f4c4e9ea4f008697e7b34
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84fc1a47fb8d68b7a785967b89645b6a89297d240170cc5530a4edcef5d91559
853301ff4184ec094ac37c2f661f4c97036efb0b691640d86fe62cf76a06ede4
865a889eda275ec804dad8f75d031b383ee95da2b58fa276095296257cd63555
871469d7db411effa912da2f18a5cf1dc710b40987198fe30f98358f982003e8
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
884fc0b051313b4717d2e86079831eded3dcd206d04796ead8af03acc8d825f3
887fdde608c6ff1af2f72f3974b1f9dcc768d9dc2b86b41e6b065b60fa90a9c2
8892a89f5adbf140a250d8e72ff7f3e19e8e6274e7826125565398d089ab5064
88c65b5614a5f5e40fff67a9f1f661557f5cf35bb22d4bb449295cdc5db05386
89013866b8ebfdf82160764b685d3348dbc619e7342d161756f8153252ac3ae8
8a86c94bc7276039ac50a7210a71e52c6bf8ae0894c7a255f84a3444c04da28b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bc5eb95a0736ed8262a435b459c4580634f8295597e0cabdb8f443b205c5f00
8cca43627e4d80bb78c2437c793b99da78310efaf2d7f6d041671c73d3a693f3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de5be317de0e910d5ccea3ce5a604f6fe59df71dfc30b8d7272bd1fab48617e
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
8fd2d8c35411ccc150c9cb5fa7b57bdeb88b318b0a6e5835b9041edfd7fbf087
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
92093ecec7545ef1898fdfa0a3593a6818b61098d41d20795049db900d742a1f
93e933cda2759567f9067d8cd22f3dc10aca9aa5d69781ec9e3c12cc613f0657
94aab20768fff5dae0deaf0df74343dcf83837dedd4ebd01135f46440caed61f
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
95575cd1f83035fcac0e58511c6f04d2874046a4e07d11bd584980ca31a3ea78
95c16b1649244927eb3d9cc6de19e84e712b4f77f0846d70452822dd0e17d339
961d69dd0e8a2f52ae99473f60e510978dd3c6cda2365e665977afc10c975492
96250b0de15d90f6e2e2ee39329e3060c7bc4a15e69cb6933039664f024f7efd
9654143a6201edb2c90d881fd3f22c725b41e9104596cb4c5c7b693a8f718304
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99645501e9491336d3eb6d1d91100bab25f87597c7a49e0d32d1f2ea8bf84aa7
9995f7b591f7fbb199201d85cf5fec4ada31d66e919a3b41797f392157a355ab
9a0ff2822ee7554f715e835db9a2a2d1de6d9dac316861f11d723a5a8f49d767
9a50ad0ca396beb78f1ba7d052bb9a63624ff6520527190e5a8e8cd1b91d0ca1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b37fcba8a09af276b78636ab3c89f164866d714c05061e24ca58f952b034950
9bd0f35c4ee20f483eb007212473f67c8029f9b7f326ee6e5d91c56e4ea2f8f0
9c82eac9959155428273174dc54a59b0b1c3860d614bfad246c480239017e9b5
9d5fb7e96468a61fb39d86fa84c844413be52472cf020edf6a42244e318197e8
9d99cdf31736850b9bccf74d72829f0b2520ee71733345c2b56f2b69c15a429a
9d99d5dc2e523d10581441a4c4de7cf29527063bd6c1198f601f863ceba76913
9e30e787b6a4cb1cc7770078a538fe02efc49bfa5d9a2e91bab3fea3308c1a8c
9e35264eb8d8b5366d1667190d1cc816b8494caff314d4638a76c476bbe3846a
9f3e58cabbf34b393496f42920e374d58c143892f24b19c2ea51c1751a34c52e
9fb6b8d30eb3254f5dc7764e3f1de7dedc98d1d7836072bd606f9d03c67375bc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0911fd88e692e3055a025e5237e89d8cdef3ac0015fc19a318e82d5ed1eca01
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a7e0734e57be7f5ca3f90c5e30ac070e93a1f2f55100884920da36aaf57705
a1c0f9401109b38b6a1e3bd0f78c236055d17ad31838e34cc4f254f253e05cca
a288f6d8bed5da66244881b97b6355d945f6ca755c1fc09b750724745cceae03
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a484d64d446aeeb95de71c608c6c5e23275a6e2e6e17eebbace64de980d2ba94
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5013943ab98bd7d19d019af64200db5b5240f2aea80340c7cd6cba2cba2e48e
a53a550b26535c60e2bc31737d457b09245c63f25c4f799b0f5cd31ff6262c2d
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b7f347dbe78d968ef1daf5dc0d1ecdd6d85bbf9481ebf54e4d871b1e8fd48d
a91bc0ee1b66945c1bcb13edd557f8dbb9d4c5fff2d87003eed6723eaf09f633
a93369cca5d2866fae9f175940c5960b184225ad4ff416783970e444b94f5620
a991cef8e1b302989f94dad4a0e23a70dd561b60d2b41f58ed87228f0051f9c5
aa3eed140bb1247b6d2ae2f6ab785daff6f7d34a5e9b970662dc675a9544994c
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab5aacb15f7643c6a017ed7562252f4066194b17f312c0673d228faaaecbe44b
ab716468482877fd517f038b636dd6d7604fbc6f5feaf865b4f6b7eb3a94edf9
abaa484421865309a7781e540844f1b5260ed131080f8dd9f083d8f18beea107
ac076bd50b0a7ed3d1a893e3cebefee5ead614b25d761d7681e449fe2f417f8b
ac211a52db3739f40a9131a86af7e5c92f67ec144d077042bda25daed0220313
ac4e912413e83a8d57b9051982ba173096cdcaebc34795cfbc20d279d9e71e81
acec236733d5f9fe383b6f48f287b22277e5a18478976810ce503e7cd7f0a371
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae145b1ff47378f884489f438958423a99182898dc655e4b296566a293db2293
af72b36eb0c3b1b8b320582239a6d1467929873676e7aba4707eaa7187e1590a
b004b56de6f2e573fd7b3d53e557a8180fe72002d937d1e9183e68adf1a61319
b0f9ee26598f590e7d508f7b17d01b9b2313b782a2ee83cef5a7891f91cc849a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1977610fe360d184c2c6b5dc993928465c2b0da2fc63520a20a0c6a2ea16940
b2b2642c0bdba2196a847323b443f3f01751a4258ca62dca29dd9a37fc50267f
b3ae1be851de91fea1d6c42b19df2f1a35df8fa626b30c879b090324eda44ce6
b3c55bd4ed6177b4da7320f4b8d86b2f8b653971be7057221ffd1275f224a04d
b3d58bcf272258d6dde92e0123d8bd16f3caf1c4a025147c5964fe778e064e6a
b451a9f9a0d031ae626504830f334a708ff3634e8688688d1d4cf17a6fb756e3
b4b982a1fd1fcad684cc4a0f83628b3483d49a13f4195d9677d7bb3ff43cef7e
b4e74076e89e65b6d268dff479464af60172bd9938bedd460354f91fc80b971a
b531298c21acbb00db64a132e4fc06aef20dad3d4cadc074ae80e8e2c5fea079
b59e198c356c79d1ba89670c50cdb7e54181037f277ee106126caf570278bc11
b5c2888a9cccab746f9435b8357e45ca305e0a73156db4472ebcb247321b23c5
b67fe64923a586061ca8b4ee5086f981d05f483f4a1bd87f6ccecb8570f8dffd
b701653a04d8ad9e810f1c9901ea83485244fa892cc43926e3342609434df41e
b789904f1040c2ffaa49c39466ca30151485a1755e8af916d5c08fff599a4d61
b7ab369b8ffb17bacfb0041f1657a3cd6d3c84c446531e6f726fd6e26177c6de
b8454ccf07df995887867bc627836fe8961796f4a1ca6282c0a7ecec2d5fcedd
b8be3a9deba1f5211cd3452e1903769d14527c69b6626e6a21aced17d934545f
ba519701704300131ec1a61ce11818302759cad54e051d14f94a9d9da9294aec
bb609adfb919b1b06ba838c242ceeb6351bdfd1917ac381e841b3c68c107fd94
bb8b60b144ca4d9a6e4ba7f33d0b726192b7ca2970dbb2b0c5c3deac8ef027d0
bbc9f1bed18cf74eb7b2db59162e562dde1c63fe5e1bdbc6e2800b8743544405
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bccecb44351b2fdb1821323ebd6851fe740e30b79a0ba383211e9aac11ed7aaf
bd449f6374d9f3bf9dee958e0f3e7debc4332403f21f62dab437eb9c1d3fe326
bd7b1d65cca997ddd5f2d1fd32e01a3b3627c0215695159d6c918d91906a91ab
bee8a17b32f0d6e6d59a3245fbd4c39c28b7b85ae07dceb1f044f6691fa862e9
bf2be06d19a68f71fdee682bdcaa39cffa36c4deb5918fb5b8fa79e335376332
bf80e080c635437a40cb0ddbd26a59bf1568342bb97958b6df7e25e8f7647ca3
bfd1106b87f96ff783e71e722d5ea8cd707006bca6b293d2860c20e03cf864e0
c064be50f74674d0e56f5b57f606503143ab3f679e9094e2d6718ae5947e1f64
c0fe25cd463995bb9787f6c6b93f7029d6f953dab7d9a4fdc57cd2d975d8b9f0
c122bf16f9de05d15fa26e56ff7155276c61e15dbef505c6d4c885927205c5ac
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1478a0e944ec232c5ef748062f121fca6c3635ab77ca53d76b2f5f0a498f458
c20dbd16a2ab6f11b63b8c5cebc1d4c7a711d2dea7c77c6540483d9f31eafd41
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2213551a7ed065aaf2f453d2e582c837e4a2c21228f8da3aaa3d6edb1d91fa9
c24a4ad3d4e23f8037feb38744e17fabeb0c2d3b5714c049d091dfc5f6811280
c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c315ca8ec44e193f68c047ef05157a67f43086a066474533c870a64235116f00
c358ea8253e6ef25cd7884c4f41b2a4a90b0cc939aaf30e3ae3bd80a8653939c
c3667a48785621b8f3449b5d58569d7e468c91c954eb89930e60797e8c3ece3d
c419cefbc9ad598e121d0e35bc9c4392a7e36752cba025b46315cc90320b6a13
c490df7b9187c8d51f819a05ea9225437caf8d3e112a8a103bed8ffb844e3ec2
c5a261902b805d2a940d0395abd13ee962205d3193539df07e9f076616b6bdfd
c633fe85b434ffcabfc6e51b4bf9c6394022218c1528968ec41dc8f409f91dce
c65209840749be7df4eb7f2c6d291d39d51594aa86afaf30e550d2cb2b3d1368
c68a3804b628d39473651dd1f47293ef25ed4bfb7f06b9a47d733e61ab1cf86a
c6f53a46d6b541a39ca63d7119e4a832a243c8d6967f4da1292e2ccc5682c2a7
c732adb13b1be3b4e9283988a26cdf5153eefe90b9797f8e70fe2a6378affbe4
c8356135a2910f429eaab41d100680627e417d126cbed99c410f0d5aad490ab2
c97965206d0fc1ee1766e554de0e6e5184fc91f0a20d706b91826f2ea7fd42af
c97a0704edb32b2b517a99079e7c0dc76c63b48b29ddac9b66a828c4988c1249
c9d572a7ef7f92b0ba383519d26e1a6296c52ce5b8911a2377d7fa59583f72b9
c9dbc74f8f591bdba553b655e9532b6952e06c1d57a44596898665874cf62a76
ca2d5ce32706e456229af7e2ad295ec345f1c7b95cd9bcdd71d396ce40665892
caa078f9db5e28a34545a384f43aa2c5d24f965dd303c138d701fb8c6274541a
cbe0410e9d8a9ebd491893b7d67349cd142bc752be8f09fa2942875e396715fc
ccf2216aa895c54df175766e61de60120e23408d15e88adf7ef60465c6d95876
cd48ba910f937c3a25fff2e8c4f919638004c12649dbc9a3f01338e2e43ddc9c
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
ce4076cd760ba035ee9d326f3a1bf9157dfeac50fb058a9aedfe53b2fd10ad91
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf502616f6f03cc07ed9840f59bc76e575097e2eeb85f0657acc01227a64ab45
d00e2a551104177e260c6fd92c837ced982a7817bc7e7d574f163342e503fd53
d0c9bdb145b0b53faf94370bde14632e6cb5afe49b489485c5843cb47e6d34ee
d162942e00d8e9beb4aad8a89aa7cd40336e4c5875d4cce97d4cf4bfd883db21
d1abef527f498afd45a968e9d226413e58b40b21872f23164ff7a203a26f40b6
d1de2906dcfd9c90adb74051bc57e09912767ee818ff2a3e603a3f5c36daf31d
d2b19b6ce69b28132824048b0fb9d85893a1841fa760364d2284f586643fe209
d3846ad469eed16ff203c86e06f5260b701440a6f267cb37e5b57f9c09096f18
d40635ff442c41fbbf9a2fa138d9e19a3927cd37ab0b7c5ab1eed0b0b6ae0c85
d466c3aea78a2ef5009ef8b21d94955d145f7437091bc9b65da8393aea287a51
d5c636ddb6491c354acfce0d6ba725a7bf8dfeeb6ec352ce5ea8bd23b06bb268
d66cc2943b8861d2c66f9785f2231813ee6162bcdc5407d13953caf90f0acb72
d67bc3d235ddbcccaf2f45fcb6a680f8cf27f7e20afb75af42bf010f0cead11b
d6d8d60caee61a05e122b53b41ce9facf41903f14e05ba7611dd1ac8010fc453
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d7a3ab30f5ce3f57ae84e11693a66974a82a148d9da3d4a632e461f696c7c46d
d7bb3c50cc5b07cea81e62a53039ec4aa49cd718058cbf799eef27bbdb5b958c
d7f1af03fd77b83111dbb2d4cd94e3479037fec5f249d1bcaa1185b63c92d97b
d8295848601a45fc6ff78a90ac4d35396851ea4411b76a06feeb357ec99a37bc
d82ef0e23bfda8d2203c0635e8a791bd2090968dd68277f51d73e4eeef581849
d84b0211d62e15e0241df2ab13157fca362b1421319bac442f494fe50ccab011
d8d95d02b6ff0d66aa8d0802a31292146a40d23fe5a466c635e1ef7580fa5e6b
d8ec1529c8252274b8fa894f3816672ba99b45464e27f6994c14b438fd22c671
d91c38797a4f40c02b517763adb6b8d25ca0d0af244856025ecc3543b8540679
d97be599c4a60be37624ac37389f1044372972a1fe7fe3ef14344c3f291e6f46
da2f283bc63982ada827afdc989ee2e7f76e04b6697a466bf737cb772167e6f6
dac43e8e6be50c7198edeeab728182a92cc02c46c1ac421e4c314a87caf1a732
db6ce769c2c80fba556451aeac4b55e9558cf7a775e9afade27fcb47238d1454
dcad33d15a1a517c86bebdfdbb5441a64a13448af519a10aa10b08c93adb8ae8
dd0a2e34838848891e3548f20ab6086ba496e0d17f17c963def633ef0b978217
dd651161cdaaa50c92fb2d4e61cb82dbdd54936b20dd3ba78396e51beecabf1c
dd99f977221654076dccf6724c6ecb00d577bae6af56f13d13cb7e52f68f312d
ddac7c0056a1d640bc539434eff300aae8e8e667165c26f4dc6e404832993e71
de24e1eed5d9105cafd245df0b2ee43e6f3a900c77c862dbcd6c9b10fbc9dc56
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dea9b644dd50689274730cb79eb80c83470f1cdb4de3ecb584ddec2d0b0bc28d
df1aa02f6d8660492185fd7474dcca3dafd0da3d786330a7ea6a47f5dc92ba06
df6c3fb8a6e7410b4436c8af2ba78cd7ac29df9a10c92010e39bf56d06aede7e
df7edca11bb01cbc654d54a98c0431522787112b50c510ae9c35d48f093c8a84
dfe8853b2397a43e20d55fd377aafeed785c7ae335ed07b4986997b9780f48a2
e03a5c2ad1d8a489b94e6e8aa9f7aaf548a711e1e54612e146baa9762b31756a
e154cb118d2cbe6b220f545fd23983979ee732484e21ee61fafb31e3bc0643c0
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e348bfdcf611ffb6171346c8d2aae87b4f8ef13ee0838829e931e4a704b91e38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f714f28225e03c64ce6cd24eb1f076426d54a0c7bdadd813b590013008b9f1
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4446065ebfb65a302d17b88e2c7ed326d8402769eab0843833dea049a65c992
e452e427426a73874dc18f54731b508406883dd902393dc5e393625ab22fd574
e48c13ee0c78a3b3b63beef462793be55ea25c0d85a214298b58b2a2a9171c9e
e500e97c5aaf304cb2df02cc926ca57b6d622b553e93b4295222b5796e1ebb94
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5aef9c60d57099288db6200c682a71118ae16dc28cb57063c6b7171177873fb
e5c486bf7d530918b59fe569c9b232ff2356ec265bdd25c3977a4dbbd9da123e
e6006a0a6d560858e75740afdf9aa3d67cf85f357e5b28179be6c00e953a674c
e6148c3de2c60edf946b618080e19bbeb1dbbd3f3c72a11b7e92cff37235f749
e660349bf043da9567cab49e2da43fd3ad300bfe29482b6de93e3451ef9e4575
e7a76e6a18f5731e86e4ca1311256e8d1f46cfbeb9c07fc41db096313168398e
e7fe1f8f95f5b966837b6fd94703f0af7606ec21bdbecc76e81c90bd923c767c
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e851345505ee432c9397d60e5d91929ab4e5921f75c91f359b0939a879304b7a
e85815908064ec7977f13468af609ac980317a21b5b519cfa107948cf76b8ce9
e8962d65caa8b6f0dc72b61fbb38446161265efab5e41ca343cedfafd139a4e1
e9969ec6163fc467674443a6cd06f78cf8d664794d386558db417565e57423d3
ea7347c1870b87d019e8e54959e07f0d4e1a881b1033a88742146e23490548d3
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eb1a2b637d4180c76fd21156c86148a50794ef6af1a89c732f011bb4f01f6ead
ec1dd200d55d30ec8ad0f69b4a0f89f7f1edd5516a7dbe2231290ea0c12d1df8
ec26f4fc87d31274bdfd75bd0825a76d73abcd82ea4b19369e7a6064585285fb
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eec33f8281e609b1e0cc4d47810fd5fb44594a54cfde9473d8bddec6eaed1b6e
eede788b45440308e6614f919c6597fe4d2d6e66cf6b91bee866a5f64c705d6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa755d6b2fd734832c35131ef13630f82cbde29d78f0aab5dbb1875cf9732f6
efd518eab6cae1a929207adb01ee5c6ba9b2f0fc8ec1ead930bc0264a27fc09e
f10c2c2c80bce60304a99a9dd4eda8dfe05817e7d7312cc82f4063845c124975
f1143f1f599ebd68106d21c1f9068dc92a6b5ef352cb350698785374f8ce22c2
f11889c42b8c5a2a61298de346e2cb85c870d622d5ea3af51ef02917ea519480
f13bc08411a45add285949483ee8ab65001f6d7ebaddcfc83d5b2df50a4cde0b
f14746077c4b21d233ef06920b4db14f9517c774d959e4e0c6d47d30f4b202ba
f1fcba40ff3b73142e94c02f11139e7f7791f7f4d8a014f33c1eec8a83a23292
f3382cc87fdb08eae6e65526325b1ebccef876c8d85e241ef9b1113d32d56580
f4192092848d9db62e3104c0fbb850eed72b5f62df4b47bbb40f3c5d2dbc7b97
f48e0d15e28efb234f8adf1e82e00af623bc31e111588ec5c9d6d6aad3b533b2
f4f7313ea04c224de753cfb712fe126c6005aa29fc390ff119e61c041a9c5ef4
f561883b96dbed59c05eb01e58e236668a4a66fc5aa180ca7002997cc6d3d57f
f56b17285faca3467dfa08b636bf34f8e5cf58a008b456b7ebf3bd4b037ad750
f674fbfa6f56c98338eb149698212609bb1f23a407b9c5f5661587fbd7852f6b
f693ff6e729b3968f4fb770167d50f30cfe5f4f893bda5b288e9405b5093a181
f6ae6b07c337cfc7673415ba141f51938a46750a38bcbae9c7f4e53ee0128540
f7eb85220b60d0fe0a9975f63b4dbed24d3f68dc6f5334ef8f6824d9713fd399
f85c4930a0cf330caad36b5f8847e0a01610609eec657b640f7dd5f028e12fa2
f882756b47651b0f3e87b7031f4d98412c1f2b43fc6cfa900285b8d00a3d3c11
f910f22ffbcef40bbaa26e0bef7e299600ead31245370d9321022ba4143a60de
f956b62c91583dd5c50d53011a10d365d6d439cad546e62ff93d51bb5dbf9df6
fa96f7d5578e0ab3afc49290611f683008ec3d5bd5cf7b11e0a2405055353163
fa99a3bb59d8c6162990d462563edcc49135fd6484c7a4781bc0e44c3894f720
fab8b78105977c1477820d23e1720304f1471bf13a53e405b5cb9b04d00ae39a
fbfd3438e10ab28f28f2e1a1fb2ab3bfa431336af08a72f597c0d4d73bfb046e
fce434e1e523875b5ab186450b7a7d1c91ddc2944c889785c8123c16b58f5618
fd814bf8c8b28b354effb2d4b43bce3b6ebca1c9d2a70d365ba0de1a187637c9
fdd89e2e971b3f946c2e0c3f53d2dcce1b29bc4c1e65abd30b653ccff4afb5d9
fe59b6ed26397d76de6534ad48c308b016e797d49ffa6c2e42090a9b32fa96ee
fea14d1d794264272f94f2294f52e1df757b05cd6c00cc67f5d890bc4e3c963d
ff1f53bee8d59ccd36b10c8c813222a9dc0e5fbfcaee8f81ddaa9d2c19bd778b
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
ffa1864baba6eb989337112c7ecb8944c343b3ebcf9683857512fa8910a57302
ffd31f1a119a35784591574dadb08b5bf61831ead705fe9e29cc60556db59605

earnme.club Open in urlscan Pro 157.90.71.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

1688 Requests

94 %HTTPS

31 %IPv6

80 Domains

130 Subdomains

104 IPs

12 Countries

17916 kBTransfer

47776 kBSize

54 Cookies

6 Outgoing links

Page URL History

Redirected requests

1688 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 45 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

earnme.club Open in urlscan Pro
157.90.71.190 Public Scan

Screenshot
Live screenshot

Full Image

1688
Requests

94 %
HTTPS

31 %
IPv6

80
Domains

130
Subdomains

104
IPs

12
Countries

17916 kB
Transfer

47776 kB
Size

54
Cookies

1688 HTTP transactions
45 data transactions