link.tnlink.in/v4FE5
301 Moved Permanently 707 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /v4FE5 HTTP/1.1
Host: link.tnlink.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 29 Jan 2023 02:54:13 GMT
location: https://link.tnlink.in/v4FE5
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2787
Expires: Sun, 29 Jan 2023 03:40:40 GMT
Date: Sun, 29 Jan 2023 02:54:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4930
Expires: Sun, 29 Jan 2023 04:16:23 GMT
Date: Sun, 29 Jan 2023 02:54:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 02:43:07 GMT
content-type: application/json
age: 666
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17388
Expires: Sun, 29 Jan 2023 07:44:01 GMT
Date: Sun, 29 Jan 2023 02:54:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vFBYlIXbSr9Dtj/v04koaNUySMcrFM6JwjLuNUS89rtM58GOTx/b1qpFrrYjlFFF3MNgQItjH/M=
x-amz-request-id: ZXCNSY34369ZDPYC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 02:50:09 GMT
age: 244
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
link.tnlink.in/v4FE5
302 Found 683 B IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77
Analyzer Verdict Alert fortinet Malware
GET /v4FE5 HTTP/1.1
Host: link.tnlink.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Sun, 29 Jan 2023 02:54:13 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://earnme.club/safe2.php?link=v4FE5
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:54:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 02:41:41 GMT
age: 752
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
earnme.club/safe2.php?link=v4FE5
200 OK 450 B URL HTTP/1.1 earnme.club/safe2.php?link=v4FE5
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31a01ae22f4fad0629b9bedd774896b9
e37dedf092c86279622bba9a50b52dc26f89b9c6
8c614b251ada4d7c6043436d59e2cfa1b9ecd7888ae52e7f6e18b20aa2a0e30f
Analyzer Verdict Alert fortinet Malware
GET /safe2.php?link=v4FE5 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: tp2=v4FE5; expires=Sun, 29-Jan-2023 02:57:13 GMT; Max-Age=180
content-type: text/html; charset=UTF-8
content-length: 450
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 29 Jan 2023 02:54:13 GMT
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3700
Expires: Sun, 29 Jan 2023 03:55:54 GMT
Date: Sun, 29 Jan 2023 02:54:14 GMT
Connection: keep-alive
earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 12 kB URL HTTP/2 earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
earnme.club/wp-includes/css/classic-themes.min.css?ver=1
200 OK 144 B URL HTTP/2 earnme.club/wp-includes/css/classic-themes.min.css?ver=1
IP
ASN #24940 Hetzner Online GmbH
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/style.css?ver=1.3.4
200 OK 14 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/style.css?ver=1.3.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2091)
Hash 35fb9f56557ab8ddbfe5fe42f7043265
3d7f0046194d7cdbc06aa408018af702d5363b88
7880a5e983cae7e1e30ee88faa28f5176569cb6d06091a04e504cb787143420f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/style.css?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13560
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Am4cZC0nATG3kRE4jK0+ew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a8UIFIbSmPR9FR4Sxqw1/biupws=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 4.6 kB URL HTTP/2 earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
200 OK 15 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31911)
Hash cb7a12e88fefedfcdfb84aa5bdcd0074
6d5487ae9d1f8e4ee55a3a0248dee3374584cd32
f36e64985ba539851c169648463e2d00218a412165f5267eaaf160d1aaf657d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14838
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
200 OK 6.7 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17739)
Hash 7751a79a4b05c1d9a91f1ca0e71d4d54
fc548c276847e84b0e4bb0e792558fe1932717d0
b2d26d65f099aceb4a4dd06690065bee25dd5adc3ca5ffddf019185e2e13ae5e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6749
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
200 OK 1.8 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (385)
Hash d1901b59e132e910c7503c6104fd558b
611f7b99fffe08605e4c5fdeee02141f6316ae8a
5cf7206ecfb818b82e1651f753a695786b3ad25c14270f6d1b61c33b7ecf7f41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1843
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
200 OK 1.2 kB URL HTTP/2 earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/airtel-starts-5g-trial/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 05 Feb 2023 02:54:14 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Sun, 29 Jan 2023 02:54:14 GMT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
IP
File type ASCII text, with very long lines (19467)
Hash 0e136d52bea321f45f8ff9c103baf95a
f60562e60fb1238ebf34c2450eae57aefdb84905
cf0598a7e4bb6b3c294242930397d91d09b1ccb0ec88d782e30130997442f522
GET /gtag/js?id=G-LY1N2M6E7Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 02:54:14 GMT
expires: Sun, 29 Jan 2023 02:54:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77195
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 62be17f3197f92d7ecd5014a5ccb16f0
d551f2ef748dcac13fe7cca9ce0e883858e14175
e33d262ddaa35c0970c4da05d48be86e4953424caae0eae0e2d54ecb92f2b0aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Last-Modified: Sun, 29 Jan 2023 01:13:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
IP
Hash b27cf4f06580bcdccf4eecbe4ad303db
de525ee58dc5fed774f2fd8c315b181e29bd8311
cb50fea5f5cdfd653801467bc04713e11fcb627febb7142f1402cbe420f6def4
GET /css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 02:54:14 GMT
date: Sun, 29 Jan 2023 02:54:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 10:05:58 GMT
expires: Fri, 26 Jan 2024 10:05:58 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
age: 233296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adncdnend.azureedge.net/adtags/earnme.adn.js
200 OK 3.2 kB URL HTTP/2 adncdnend.azureedge.net/adtags/earnme.adn.js
IP
File type ASCII text, with very long lines (925), with CRLF line terminators
Hash 5ec87f5029bbce18e0da03e04c645584
00583fd8ddb5a4e64f86528b42a56a168e08f316
27b638265497a6283f9c8d9e0908efcd4cfbf17f4b7b13f1ba7c5cc0f03d1f9e
GET /adtags/earnme.adn.js HTTP/1.1
Host: adncdnend.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 57741
cache-control: max-age=86400
content-md5: ozNMsIMqxr3YiZI78Pn9aA==
content-type: text/javascript
date: Sun, 29 Jan 2023 02:54:14 GMT
etag: 0x8DAF9353C318DFF
expires: Mon, 30 Jan 2023 02:54:14 GMT
last-modified: Wed, 18 Jan 2023 09:20:26 GMT
server: ECAcc (ska/F75B)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e5667968-201e-0034-3006-333b95000000
x-ms-version: 2009-09-19
content-length: 3207
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:28:49 GMT
expires: Thu, 25 Jan 2024 19:28:49 GMT
cache-control: public, max-age=31536000
age: 285925
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
200 OK 7.1 kB URL HTTP/1.1 tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2964)
Hash c91e122cd132f9f906186b3633325277
3759416e0472b35f15e630a848606cb142a88b81
1ebbf7608e47d46517f02b44ee3d94c8bdbe1293adaebf2c9e3740ac56ff3f91
GET /api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f HTTP/1.1
Host: tg1.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 7093
Cache-Control: max-age=300
Expires: Sun, 29 Jan 2023 02:59:14 GMT
Date: Sun, 29 Jan 2023 02:54:14 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.avplayer.com/script/2/v/avcplayer.js
200 OK 61 kB URL HTTP/2 player.avplayer.com/script/2/v/avcplayer.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9dff0335699f04080269947f40c366ae
8447df4f8b168d9c506630f96ef95002c2c6eb28
157b5912ad26a879f38d0dafb1fce2def6df3168a08f991d6203463375fa32fc
GET /script/2/v/avcplayer.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:14 GMT
etag: "1646327924"
cache-control: max-age=600
content-encoding: gzip
content-length: 61326
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
accept-ranges: bytes
x-hw: 1674960854.dop223.sk1.t,1674960854.cds230.sk1.hn,1674960854.cds065.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/K-jlOqKn9CY
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/K-jlOqKn9CY
IP
Hash 702c2948177031d46d4c83e99b5ed7b0
858a062e8fa69334df9b34203349dc7c595c5f6b
aefdd8f7107efd57817fa1cf9315a9ee248fc074b34f2ea285702542413385b0
POST /s/gts1p5/K-jlOqKn9CY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.avplayer.com/script/2/2.55/libs/hls.min.js
200 OK 72 kB URL HTTP/2 player.avplayer.com/script/2/2.55/libs/hls.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 7888b98658e8cef4a98786556ccdab66
d52a58a8e2463dba71947783a8485dcd023100d1
ea7bca216f10e44bd3b4febb9f5a6e6e2f72059b55441e2823ceb3a2be03e161
GET /script/2/2.55/libs/hls.min.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:14 GMT
etag: "1610290372"
cache-control: max-age=600
content-encoding: gzip
content-length: 71831
content-type: application/javascript
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
accept-ranges: bytes
x-hw: 1674960854.dop223.sk1.t,1674960854.cds230.sk1.hn,1674960854.cds256.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 62be17f3197f92d7ecd5014a5ccb16f0
d551f2ef748dcac13fe7cca9ce0e883858e14175
e33d262ddaa35c0970c4da05d48be86e4953424caae0eae0e2d54ecb92f2b0aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6067
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:14 GMT
Last-Modified: Sun, 29 Jan 2023 01:13:07 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
cdn.confiant-integrations.net/d2ehZtyVAa1kXxOtMxFp7XciXcU/gpt_and_prebid/config.js
200 OK 42 kB URL HTTP/2 cdn.confiant-integrations.net/d2ehZtyVAa1kXxOtMxFp7XciXcU/gpt_and_prebid/config.js
IP
File type ASCII text, with very long lines (64490)
Hash 0d9c972e5283c81ddb6a219f2f05686c
a7bb097722351321316d6c20e9e0b1ca3fc87ad0
6cf0e8368575d215ff597bf5dc281b3b00a578f0253f68967b653e493ff48fdc
GET /d2ehZtyVAa1kXxOtMxFp7XciXcU/gpt_and_prebid/config.js HTTP/1.1
Host: cdn.confiant-integrations.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:14 GMT
content-type: text/javascript
x-amz-id-2: 4SRhmBpMs2lxbpQ2jfDtw5ySZReiYMQNGKqgEWbHZbW1CfTMkBEqtDC2kZ2EQrtKZ19dcdUaVJw=
x-amz-request-id: 6X1SA54FJXHCHBNF
last-modified: Sun, 29 Jan 2023 01:24:25 GMT
etag: W/"fb9844d91428d6a4371b0f85ba23ec9a"
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-cache-status: HIT
age: 683
vary: Accept-Encoding
server: cloudflare
cf-ray: 790eae9eccebb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0280336ed6c100d60f8e8d498050ca6d
06c87133d84a626fc382419f761a9d1e5c6ec0f0
0577f5b646d155db02d010f15be6a9fe590d44ebb2ff5ecd5fdfba3f49bd5d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0577F5B646D155DB02D010F15BE6A9FE590D44EBB2FF5ECD5FDFBA3F49BD5D1C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16445
Expires: Sun, 29 Jan 2023 07:28:20 GMT
Date: Sun, 29 Jan 2023 02:54:15 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 11a82e7334fd42664eb675945fb7b574
04c027cf71bafe1beb8ee669e7fe0a82be56321c
bf831d5d9322783c16726257f62e535a5342e1e28a9a1968729873e0c1f1aa3c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107604
Date: Sun, 29 Jan 2023 02:54:15 GMT
Etag: "63d4e004-1d7"
Expires: Mon, 30 Jan 2023 08:47:39 GMT
Last-Modified: Sat, 28 Jan 2023 08:42:44 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: k9FckiIrLXxN91W5Nu9cLZdAq9Rwjq8D4Kaaun82OnyScN30gziOxg==
Age: 295
cdn.playstream.media/logo.png
200 OK 1.3 kB URL HTTP/2 cdn.playstream.media/logo.png
IP
ASN #60068 Datacamp Limited
File type PNG image data, 32 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash b0fb81e9e278d867bb73f8a6cde236f2
ca10201696f69919ff9541bb549de2d0b065eb8e
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
GET /logo.png HTTP/1.1
Host: cdn.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: image/png
content-length: 1265
server: BunnyCDN-DE1-874
cdn-pullzone: 1027527
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/21/2022 14:10:19
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: f3002fc00647e0a14df18490a20ff83b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1674960860086&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable
200 OK 0 B URL HTTP/2 track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1674960860086&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1674960860086&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
200 OK 120 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
IP
File type Unicode text, UTF-8 text, with very long lines (44568), with LF, NEL line terminators
Size 120 kB (120414 bytes)
Hash 2b0c238b3dc9f4f63bb646d142755200
e21b21d2e256142e082f495540940f87f1759853
8436d1eb3070657621184b39afded4ea5aaa42e9bbbb425bbdcabfb26a5639cb
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
etag: "1674370389"
cache-control: max-age=600
content-encoding: gzip
content-length: 120414
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 06:53:09 GMT
accept-ranges: bytes
access-control-allow-origin: *
x-hw: 1674960855.dop213.sk1.t,1674960855.cds015.sk1.hn,1674960855.cds240.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
200 OK 881 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP
File type JSON data\012- , ASCII text, with very long lines (1590), with no line terminators
Hash d4408505f874cfe1c9c375c66af4b843
d16bae7276f31e3b63be45a98530aa18b3f64ad9
712b76fee16808c7d13612dde1d49060c221bb720a90c35bc3427d47002e27af
GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1601
x-jsd-version-type: version
etag: W/"636-R/BEkoS6B/RKKiir6L18J1AV+bI"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 02:54:15 GMT
age: 39208
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1644-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 881
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash c0d8e3eae0b6804c5117e86a0b713655
cf75e92a3f8e46320832d1e869efe1f79b5212d8
ef919be5b2ef0df5e8827b417c6b7780c31744f17da104d610cdb546d5118385
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:15 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "EE3B815BCEF292A6B05DEFF2104F6F1995D8DB98"
Expires: Sun, 29 Jan 2023 14:00:00 GMT
Last-Modified: Sun, 29 Jan 2023 02:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 577
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790eaea13f76b524-OSL
p.gcprivacy.com/t/gcid_s.min.js
200 OK 9.5 kB URL HTTP/2 p.gcprivacy.com/t/gcid_s.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (9498)
Hash dac6676675972d00f4ec994de0578005
4b0a99773e109d54cf705ac198930869069e3de6
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
GET /t/gcid_s.min.js HTTP/1.1
Host: p.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 9500
date: Sat, 28 Jan 2023 09:20:28 GMT
last-modified: Fri, 06 Jan 2023 15:37:53 GMT
etag: "dac6676675972d00f4ec994de0578005"
x-amz-server-side-encryption: AES256
x-amz-version-id: sbZKwqqxtvM50Otwl3WJaXFYTCAIgKPH
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NBpEN6YWe5QjZ-A4ks0OpKJNBau9vDoQcRJxJcAloWxYXieVMFoVwg==
age: 63227
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b504775dcf339c0b425267d9969832b2
08ea9dfe426c78de14b1a8c499b291767465de71
5dab39de05c6a165022c9b4cda5a837e2d79ae180a1730f894a195de7058a3b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5DAB39DE05C6A165022C9B4CDA5A837E2D79AE180A1730F894A195DE7058A3B5"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3737
Expires: Sun, 29 Jan 2023 03:56:32 GMT
Date: Sun, 29 Jan 2023 02:54:15 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y>m=2oe1p0&_p=136171573&cid=785153261.1674960860&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674960860&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Airtel%20Starts%205G%20Trial%20%E2%80%93%20Tech%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y>m=2oe1p0&_p=136171573&cid=785153261.1674960860&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674960860&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Airtel%20Starts%205G%20Trial%20%E2%80%93%20Tech%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LY1N2M6E7Y>m=2oe1p0&_p=136171573&cid=785153261.1674960860&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674960860&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Airtel%20Starts%205G%20Trial%20%E2%80%93%20Tech%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://earnme.club
date: Sun, 29 Jan 2023 02:54:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1674960860341
200 OK 0 B URL HTTP/2 track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1674960860341
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1674960860341 HTTP/1.1
Host: track1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.76&apppkg=&fv=1&proto=https&clsid=bc7c9daf-2023-473a-aee8-65aee266c64c&rando=43&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1674960860710
200 OK 0 B URL HTTP/2 track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.76&apppkg=&fv=1&proto=https&clsid=bc7c9daf-2023-473a-aee8-65aee266c64c&rando=43&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1674960860710
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.76&apppkg=&fv=1&proto=https&clsid=bc7c9daf-2023-473a-aee8-65aee266c64c&rando=43&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1674960860710 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
c.neodatagroup.com/adapex.js
200 OK 9.6 kB URL HTTP/2 c.neodatagroup.com/adapex.js
IP
File type ASCII text, with very long lines (1134)
Hash 6a00f4d699d6e6e04a1e25265e6701dc
77b30e37010e563d22065fcd557630112b8723f3
801ea5a2e73dc6399112a36091a3413e22ceb1618ae2cd70390ce210b7586ea3
GET /adapex.js HTTP/1.1
Host: c.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 5951
cache-control: max-age=7200
content-md5: cZEYEjfieP2tBn5Jy4xhig==
content-type: text/javascript
date: Sun, 29 Jan 2023 02:54:15 GMT
etag: "0x8DB006831D8E8E6+gzip"
expires: Sun, 29 Jan 2023 04:54:15 GMT
last-modified: Fri, 27 Jan 2023 13:12:51 GMT
server: ECAcc (ska/F757)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 5f30ea35-001e-007e-1b7f-33cf01000000
x-ms-version: 2014-02-14
content-length: 9575
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 63560ad03393252986b13e2806235f6c
60688946ba84a4006755d5eddc14e079b5212b7f
e7927cf46618c0b601058c3119f12be4a2d04337e4b860b849461f3a8cc6f215
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7927CF46618C0B601058C3119F12BE4A2D04337E4B860B849461F3A8CC6F215"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12182
Expires: Sun, 29 Jan 2023 06:17:17 GMT
Date: Sun, 29 Jan 2023 02:54:15 GMT
Connection: keep-alive
status.geotrust.com/
200 OK 471 B IP
Hash e822d41cf422e863628f1a7826ff9f5c
98b6d2c8f0481d24a677f2474077c383922cbf93
3c9a2d5a39eaa9bf0b5c4e4d0f2bfe30559ea062e40224d10d4b3094a8e3691a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2744
Cache-Control: max-age=132377
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Etag: "63d53738-1d7"
Expires: Mon, 30 Jan 2023 15:40:32 GMT
Last-Modified: Sat, 28 Jan 2023 14:54:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 312 B IP
Hash 6dc58e758ed52d1989669c8f61a821ef
d43c374f872456426bb135d8f090d595dda25204
cda1d2b9bc4299b3ddf9b089c4f2444da080139eec22ab6af83dff81df69815f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6176
Cache-Control: max-age=131489
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Etag: "63d52658-138"
Expires: Mon, 30 Jan 2023 15:25:44 GMT
Last-Modified: Sat, 28 Jan 2023 13:42:48 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 312
c.neodatagroup.com/topics_2033.html
200 OK 987 B URL HTTP/2 c.neodatagroup.com/topics_2033.html
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (302), with CRLF line terminators
Hash 1b766945cd72c671b2ae7abf40e9ad8b
ce8144d75a2a463c571c39fbee4c22b208610244
35c4292e543da9034a5108ecde81a5bef9f3c10b4b85fb4d33f6c8e7c6e85a91
GET /topics_2033.html HTTP/1.1
Host: c.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
age: 5950
cache-control: max-age=7200
content-md5: O+VB56FtXpjLcv9ioTg8/Q==
content-type: text/html
date: Sun, 29 Jan 2023 02:54:15 GMT
etag: "0x8DAF971781EF9C3+gzip"
expires: Sun, 29 Jan 2023 04:54:15 GMT
last-modified: Wed, 18 Jan 2023 16:31:36 GMT
server: ECAcc (ska/F7A2)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 45aa8185-b01e-004e-1c7f-33952b000000
x-ms-version: 2014-02-14
content-length: 987
X-Firefox-Spdy: h2
cat.hbwrapper.com/
200 OK 69 kB IP
ASN #14061 DIGITALOCEAN-ASN
Hash 5e059dd1ec0d55e3530ea7c1b136a409
468b365d55677f0bc6421b5be1ac9cd091684224
c0702c58f62c5afc313396d5b5fe17fc8da3f7259e8403502e2caebf82bb278e
POST / HTTP/1.1
Host: cat.hbwrapper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 149
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:15 GMT
Server: Apache
Access-Control-Allow-Origin: https://earnme.club
Access-Control-Allow-Credentials: true
Content-Length: 15
Connection: close
Content-Type: text/html; charset=UTF-8
prebid.a-mo.net/a/c
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1281
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, private, must-revalidate
date: Sun, 29 Jan 2023 02:54:15 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 14e4670813164b6608c41315c32d3bee
5c7e029c375b5265230c02880fc2ecce1c3d117e
eb1e3d7d07de142b66256d265b3b9d3dd0dccdbbc2674ba51dfd00182be452ca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 07:45:27 GMT
Expires: Sat, 04 Feb 2023 07:45:26 GMT
Etag: "5c7e029c375b5265230c02880fc2ecce1c3d117e"
Cache-Control: max-age=535270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eaea25fc90b31-OSL
htlb.casalemedia.com/openrtb/pbjs?s=773924
200 OK 36 B URL HTTP/2 htlb.casalemedia.com/openrtb/pbjs?s=773924
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 80d51dbf50c7c0aea76a3cc04eb30287
ab618fead509e209b1f11d86f632e57964349438
fd62941ccb865c26453a01d50a82f8395ee2d69a592d72fdb6305980c59cb7f7
POST /openrtb/pbjs?s=773924 HTTP/1.1
Host: htlb.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1175
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json
content-length: 36
cf-ray: 790eaea21bc60b4d-OSL
access-control-allow-origin: https://earnme.club
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wgwJ7IZv%2FS8nCWE9LYNifPdjSrUuDGtX08UZINHW24OzXrD9QKWtjsGYqoHDuTXmYQpYhuorGBWCE8SPHXxLwXxNRjJ6cG8G4AFXeWCTEcr0f%2FPFhe9AAQuxSSwCMZSlQLxRGzr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=d2a20bcf-9f4b-4619-b820-e5a4218adbe0&nocache=1674960860734&pubcid=7d5fac7e-0261-48c4-892f-2cdf5db83fda&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=ceb3c194-b78f-41eb-9529-b3b1e59acf19&aucs=%252F22181265%252Femc_300v_1&auid=556580797&aumfs=10
200 OK 79 B URL HTTP/2 digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=d2a20bcf-9f4b-4619-b820-e5a4218adbe0&nocache=1674960860734&pubcid=7d5fac7e-0261-48c4-892f-2cdf5db83fda&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=ceb3c194-b78f-41eb-9529-b3b1e59acf19&aucs=%252F22181265%252Femc_300v_1&auid=556580797&aumfs=10
IP
File type JSON data\012- , ASCII text
Hash 5261b04d7ce1fc461b7be9a1eefa75d8
e39e65913c2a4931053dbe5a3482c120d2d5cd18
7eec3dba5f0a8ce716dbb3deee50eafe32f1e89961f3df545ea5139043a3f5d1
GET /w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=d2a20bcf-9f4b-4619-b820-e5a4218adbe0&nocache=1674960860734&pubcid=7d5fac7e-0261-48c4-892f-2cdf5db83fda&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90&divids=ceb3c194-b78f-41eb-9529-b3b1e59acf19&aucs=%252F22181265%252Femc_300v_1&auid=556580797&aumfs=10 HTTP/1.1
Host: digikulture-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash d02e0ec17b2ef1a8ab5815c9bb640bfb
b0394815b1d958dc19d1189d17befbb2b4a4d22e
8f2bca76d83e5f3c55d92abfe082282a0cc68d4c154a896de7ce4f7a6989b9db
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 704
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 02:54:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 510a2e6a-737c-456d-9aed-42afc2c73142
Set-Cookie: icu=ChgI3uM8EAoYASABKAEw17_XngY4AUABSAEQ17_XngYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 02:54:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7044735139625051389; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 02:54:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
onetag-sys.com/prebid-request
200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1401
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d82a90ac553bdf3f3d630fa7f0040395
2e5e0e5ecfade9ea6f0502768395bbe1114f8521
58fde8895b500d31e7439cb737d3a887396d9a01a9660c187f26965a25a4cdbe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Last-Modified: Sun, 29 Jan 2023 01:21:42 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash e822d41cf422e863628f1a7826ff9f5c
98b6d2c8f0481d24a677f2474077c383922cbf93
3c9a2d5a39eaa9bf0b5c4e4d0f2bfe30559ea062e40224d10d4b3094a8e3691a
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2744
Cache-Control: max-age=132377
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Etag: "63d53738-1d7"
Expires: Mon, 30 Jan 2023 15:40:32 GMT
Last-Modified: Sat, 28 Jan 2023 14:54:48 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 492adde21eba0fa897a07342bbca8d6c
3fd300d75e3f7ec403d3e2ba7e1bb7681f6d0a9e
5a3bd926b13644bce35b2ede0e182892e8e8df302133cb5b1e23b1f911bffc14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Last-Modified: Sun, 29 Jan 2023 01:20:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 492adde21eba0fa897a07342bbca8d6c
3fd300d75e3f7ec403d3e2ba7e1bb7681f6d0a9e
5a3bd926b13644bce35b2ede0e182892e8e8df302133cb5b1e23b1f911bffc14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Last-Modified: Sun, 29 Jan 2023 01:20:17 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
c2shb.pubgw.yahoo.com/bidRequest
200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=7d5fac7e-0261-48c4-892f-2cdf5db83fda%5E1&rf=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.30.0&x_source.tid=d2a20bcf-9f4b-4619-b820-e5a4218adbe0&l_pb_bid_id=208f0f3bfff694d&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.22031800001767743
200 OK 444 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=7d5fac7e-0261-48c4-892f-2cdf5db83fda%5E1&rf=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.30.0&x_source.tid=d2a20bcf-9f4b-4619-b820-e5a4218adbe0&l_pb_bid_id=208f0f3bfff694d&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.22031800001767743
IP
File type JSON data\012- , ASCII text, with very long lines (444), with no line terminators
Hash 57c745f647c6418fa396f84484ec869b
1332c249664ec009b9f6c0b4f2f6ed179b9ca38d
4eee5fe7e48e79d7fb51e4ffbcf68cc24329b6838297e3e8624a8e485b013850
GET /a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,,,&eid_pubcid.org=7d5fac7e-0261-48c4-892f-2cdf5db83fda%5E1&rf=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.30.0&x_source.tid=d2a20bcf-9f4b-4619-b820-e5a4218adbe0&l_pb_bid_id=208f0f3bfff694d&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.22031800001767743 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LDGSG3J5-G-2AIR; Domain=.rubiconproject.com; Path=/; Expires=Mon, 29-Jan-2024 02:54:15 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqgHb1FE4TIjO9DtVM30fCgUUU2gzpZzyLJQPYXKZ8hdHvs5xm8c681tq9R0N6+0FT56RUKFmksN9APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 29-Jan-2024 02:54:15 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 444
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15472
Expires: Sun, 29 Jan 2023 07:12:07 GMT
Date: Sun, 29 Jan 2023 02:54:15 GMT
Connection: keep-alive
c2shb.pubgw.yahoo.com/bidRequest
200 OK 3.3 kB URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6143), with no line terminators
Hash c96eebd71fb5ae2e05e87745b83f33f2
02b27b64b7118434abb5e83e9dfcbbede1e109ff
5ee76bf993c24bec8d339f5a3e633c6cbea561d55823c13ce2209ea644ec77d5
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1250
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json;charset=utf-8
content-length: 3254
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15472
Expires: Sun, 29 Jan 2023 07:12:07 GMT
Date: Sun, 29 Jan 2023 02:54:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15472
Expires: Sun, 29 Jan 2023 07:12:07 GMT
Date: Sun, 29 Jan 2023 02:54:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 20:46:16 GMT
age: 22079
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
200 OK 3.2 kB URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6134), with no line terminators
Hash 9db888e06f26af7637d1a5a3aa381bf8
7283b28abc86f963133a76c3ca0b7ec5d894b859
f66f62820e86cd12745f170c60d00c8bd7f3ef45856aa94dec35f90bc703e75b
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1251
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json;charset=utf-8
content-length: 3247
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f73f114f8dc452fc0b16825570ad50c
6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575
23fd69e6ccdd2ce2b5d3d8b3f075a07cdb36efd663a4119b5dca22165e7b2090
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7f65e9-ca75-4ecb-ba7c-ae70877eaf01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10030
x-amzn-requestid: 0c6c82b5-f91b-4468-bb25-d87d4d7dedd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVAbgERRIAMFdcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1e116-7f17c79047447dff2de3ab67;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 02:10:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pHTs5LN29bSjD8GAXY_vstXiEQ7iy9qXsq23Pxl-GdXX16_5H5QKCQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 16:13:35 GMT
age: 38440
etag: "6bb1b3db6c36e2c9d23b6cb7d1c8616eeec19575"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3dade28b-c683-4510-bc44-0207300ccc21.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3dade28b-c683-4510-bc44-0207300ccc21.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e46615b79ad2d230e98a2b9c54f4431
db55bd978e18e595d695637183862f8c5e7da5dd
f27875ef624f602be8d93b8bc7fae062bf877fc724473613242da4e493510673
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3dade28b-c683-4510-bc44-0207300ccc21.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6211
x-amzn-requestid: 7c124c63-7bd4-44e9-93d6-24ae0fa1c523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYvNEHZqIAMF34A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d35f20-3fa73ec93296bedf4eb4aa72;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 05:20:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kHOXDx3sSIFuoFZv5NK3vBhVFINGGWrhWi54J0s8zMO_ohX8pLQBbw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 22:11:25 GMT
age: 16970
etag: "db55bd978e18e595d695637183862f8c5e7da5dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uPJu2SzvWcfqukF9t0PKG5iK7LrTnk1Cn5nioD4MklQgDAZnbiH8Gw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:55:48 GMT
age: 43107
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c4a8e963936a8064dbd2bd3c67b905
8508727c97127c98b886833af28b3470306216c2
070c29fe7c0a227029483d675eac863904ab6b291467acdf62167f4845699c21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf6aeac1-fd74-4724-86b5-f0e86d98c915.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8652
x-amzn-requestid: 5a5a883e-d7d4-4fc5-925a-3a95830c504e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVguyG7BIAMFm8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d214c4-390b59a32060e41203533c58;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 05:51:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ewSsCY4u9DwRtaj00U9JCim9tYeCgHRuIQFpdHm4ttI6L02-e44iDQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 06:42:55 GMT
age: 72680
etag: "8508727c97127c98b886833af28b3470306216c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 03:16:34 GMT
age: 85061
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash 04c624d8879f883e20d8df7051843b37
0ba630a4f0865b761623030784e2b931cc6bfe1f
de8698a1e78247e0fbbe185a542c8ba7dcde748c3e84a5f636d2c6a6a10aedd1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2832
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Last-Modified: Sun, 29 Jan 2023 02:07:03 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.30.0&cb=67865458791&lsavail=1
200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.30.0&cb=67865458791&lsavail=1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.30.0&cb=67865458791&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 758
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:14 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://earnme.club
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=7d5fac7e-0261-48c4-892f-2cdf5db83fda&u=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
200 OK 155 B URL HTTP/2 p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=7d5fac7e-0261-48c4-892f-2cdf5db83fda&u=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 7311d0a3963cb87c6419b425e6fdd43d
68bd72146f202f3962677ff36dc41138b544397c
d40dd549e93b01d6321bfe0a248925135ff6f720a4b9477b1c7c068f0694c933
GET /v2/sync?pid=Q6CV1VBC&uid=7d5fac7e-0261-48c4-892f-2cdf5db83fda&u=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F HTTP/1.1
Host: p2.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json
content-length: 155
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
set-cookie: gcid=8739174e-31dc-4a7b-b2ec-3d9b86f43901;Expires=Sat, 29 Apr 2023 02:54:15 UTC; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5c00a6b71849e1f63887d38333830003
274723ffd4a062e1997a213ceeeab8a56ac83141
5e15ea6950fd4aa51af37519ac391c2c95cfd74ded6ac6e35432ccf68c70cb23
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 01:56:49 GMT
Expires: Sat, 04 Feb 2023 01:56:48 GMT
Etag: "274723ffd4a062e1997a213ceeeab8a56ac83141"
Cache-Control: max-age=514352,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eaea4084e0b31-OSL
grid.bidswitch.net/hbjson
200 OK 48 B URL HTTP/2 grid.bidswitch.net/hbjson
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash fbd269483027bc89524a4038a0cb0f61
5c03d959a88963d54464a310bfbddaa824476fce
86581a6eb2529ead81ef195b8ed12299b9273e5fa5319c7a2bce6dfdd0642929
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 774
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json
content-length: 48
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=40675&t=1674960855&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=f4f183c7afd3b6e08aa77e89faad4c88&d63=f4f183c7afd3b6e08aa77e89faad4c88&aafaid=&proto=https&uid=1674960855702-978606551947-001146-004-001827&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.76&cb=54138627991&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1674960861239&asid=62a9a257b1f7be14705f5586%2C63be800fceff40770704ac05%2C63a987aaf31103e0780c6cb4%2C62fcc8551f0d537b70642b47%2C63be7ffa5d8c2fe0ed0149ab%2C6332ef55cd0fcf1ceb506cc4%2C63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62a9a29da987b3169d027596%2C63a9880fffaa1787ef0d3955%2C6332ef0a396c5d5aa40539b5&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
200 OK 0 B URL HTTP/2 track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=40675&t=1674960855&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=f4f183c7afd3b6e08aa77e89faad4c88&d63=f4f183c7afd3b6e08aa77e89faad4c88&aafaid=&proto=https&uid=1674960855702-978606551947-001146-004-001827&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.76&cb=54138627991&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1674960861239&asid=62a9a257b1f7be14705f5586%2C63be800fceff40770704ac05%2C63a987aaf31103e0780c6cb4%2C62fcc8551f0d537b70642b47%2C63be7ffa5d8c2fe0ed0149ab%2C6332ef55cd0fcf1ceb506cc4%2C63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62a9a29da987b3169d027596%2C63a9880fffaa1787ef0d3955%2C6332ef0a396c5d5aa40539b5&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=40675&t=1674960855&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=f4f183c7afd3b6e08aa77e89faad4c88&d63=f4f183c7afd3b6e08aa77e89faad4c88&aafaid=&proto=https&uid=1674960855702-978606551947-001146-004-001827&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.76&cb=54138627991&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1674960861239&asid=62a9a257b1f7be14705f5586%2C63be800fceff40770704ac05%2C63a987aaf31103e0780c6cb4%2C62fcc8551f0d537b70642b47%2C63be7ffa5d8c2fe0ed0149ab%2C6332ef55cd0fcf1ceb506cc4%2C63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62a9a29da987b3169d027596%2C63a9880fffaa1787ef0d3955%2C6332ef0a396c5d5aa40539b5&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Cookie: aniC=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/162175/7600
404 Not Found 196 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/162175/7600
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62962daa1b19bbcc2db10b7bfd531ea6
d64bae91091eda6a7532ebec06aa70893b79e1f8
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /AdServer/js/pwt/162175/7600 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: Apache
content-length: 196
content-type: text/html; charset=iso-8859-1
date: Sun, 29 Jan 2023 02:54:15 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g
200 OK 983 B URL HTTP/2 secure.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 40x40, components 3\012- data
Hash 75dfb23da6e6730d066e698773b3fd45
3b45961e6fcf7708b89f59d28b18edc96a641016
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e
GET /avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:54:16 GMT
content-type: image/jpeg
content-length: 983
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="ce2e698c2ff496a6f5158d5390376c88.png"
expires: Sun, 29 Jan 2023 02:59:16 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (39375)
Hash dd72475fb49948f7525c90899c93ab39
77b59870027d875a6626ca69d85b4ba751ca6877
e9b943a965b4e0f90a0358f0e5fd876e680f2e47e7d48bdeb170a9720d4d34c2
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27568
date: Sun, 29 Jan 2023 02:54:16 GMT
expires: Sun, 29 Jan 2023 02:54:16 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1466 / 772 of 1000 / last-modified: 1674860937"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP
Hash 0a5fee56c5cf86832c196d4774bcb27c
d8f10d9ae75ce660219359a27b86558208ed931f
7faa0f29b8d7fdb02d43e99d437785681c14ca867057e0a74eff55f19154b432
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 11163da0a9cc4caa58468b7538fe942f
b35e184afc6413e35a07b56b1370656875942dec
34841bbe495f8bea279be5c41eefbf05c17b47f23becc518cf8832dce0fbac13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34841BBE495F8BEA279BE5C41EEFBF05C17B47F23BECC518CF8832DCE0FBAC13"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6147
Expires: Sun, 29 Jan 2023 04:36:43 GMT
Date: Sun, 29 Jan 2023 02:54:16 GMT
Connection: keep-alive
at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
200 OK 56 B URL HTTP/1.1 at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
IP
File type ASCII text, with no line terminators
Hash a112ff477673a2890a12cdf273386859
56bbe57d038bcf75568321a805932ebb40e7002b
8c735d03d28da864c4b89c4b1b4e989aabc336ce77b707fc081e65bae4b5878a
GET /fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1 HTTP/1.1
Host: at.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 56
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Expires: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 29 Jan 2023 02:54:16 GMT
Connection: keep-alive
id5-sync.com/api/config/prebid
200 135 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4eb43de05ae4ccf9197d91167f082dae
d6cd93e31f2d6bcbf9aae42e82680950a1c9ea6f
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8ef1dbe04ff3834735b0659e7ae82c62
56d86283c8861f679162e92c70bbea59f819b8dc
a41623bee3b144f94362b7351bf88236e4291f113068361be33209f550fb3373
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 01:42:55 GMT
Expires: Sun, 05 Feb 2023 01:42:54 GMT
Etag: "56d86283c8861f679162e92c70bbea59f819b8dc"
Cache-Control: max-age=599917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eaea6d95b0b31-OSL
api.rlcdn.com/api/identity/envelope?pid=1323
401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1323
IP
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1323 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 02:54:16 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.30.0
200 OK 49 B URL HTTP/2 lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.30.0
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c466bd434db29cf02793f8522fde5f3a
f39a01bb0264479dbe9a4bfb0b80ae0b3b0e8154
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
GET /v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.30.0 HTTP/1.1
Host: lexicon.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: private, must-revalidate, max-age=28800
content-type: application/json
content-length: 49
date: Sun, 29 Jan 2023 02:54:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
200 OK 13 kB URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
IP
File type ASCII text, with very long lines (1493)
Hash 0dece4b354fc41d0430994be26247a47
1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d
71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 02:09:09 GMT
expires: Sun, 29 Jan 2023 03:09:09 GMT
cache-control: public, max-age=3600
age: 2707
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash ae8a41f5e4fe38ca91df85773bc95ef2
23e424face28a6e3046816cbbe9037f54c78e996
f626c70653a4bac1c0f4f0f68e15dbce82083f1e815f0de04d4c5a8f3d1ce025
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 02:54:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 22:59:33 GMT
Expires: Sun, 29 Jan 2023 22:59:33 GMT
ETag: "23e424face28a6e3046816cbbe9037f54c78e996"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
200 OK 873 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP
Hash 05d66fdce32284795d9bf9377c4eeb6a
8180867a92793a28bbf3bc01fad99de47f3ec93f
ff54c460d230e34937fcb3d134946af879fe077497eb02cc487e6ec7bbc45848
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 1071270
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP
Hash 0a5fee56c5cf86832c196d4774bcb27c
d8f10d9ae75ce660219359a27b86558208ed931f
7faa0f29b8d7fdb02d43e99d437785681c14ca867057e0a74eff55f19154b432
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/instream/video/client.js
200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Sun, 29 Jan 2023 02:54:16 GMT
expires: Sun, 29 Jan 2023 02:54:16 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id.crwdcntrl.net/id
200 OK 43 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:16 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.22.255
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=earnme.club
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=earnme.club
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 02:54:16 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 7dc8cbc6b3e17e84579cf1a31ce63795
f831e6a0a041b6e2abe64935dec8d211d53c54fc
3f95be522567c21cd995cf89bafc62d4463ba8a5891a56efb6bc82a64d7e2b82
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163089
Date: Sun, 29 Jan 2023 02:54:16 GMT
Etag: "63d5b01d-1d7"
Expires: Tue, 31 Jan 2023 00:12:25 GMT
Last-Modified: Sat, 28 Jan 2023 23:30:37 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qa3aO5avkjURiaSP_xOfNVcqwUDoyQRbMWN6b84Ga6rT3SP4aZ9qPA==
Age: 2508
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8ef1dbe04ff3834735b0659e7ae82c62
56d86283c8861f679162e92c70bbea59f819b8dc
a41623bee3b144f94362b7351bf88236e4291f113068361be33209f550fb3373
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 01:42:55 GMT
Expires: Sun, 05 Feb 2023 01:42:54 GMT
Etag: "56d86283c8861f679162e92c70bbea59f819b8dc"
Cache-Control: max-age=599917,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790eaea7d9ab0b31-OSL
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 01:45:20 GMT
expires: Sun, 29 Jan 2023 03:45:20 GMT
cache-control: public, max-age=7200
age: 4136
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
idx.liadm.com/idex/prebid/any?resolve=nonId
200 OK 50 B URL HTTP/2 idx.liadm.com/idex/prebid/any?resolve=nonId
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 976f1b9c831ea6f5b6b5e822e558dc3b
6a7ffece29fdf9b49aedf44be3271a43458cafb9
18b5d13258025f1a268b104fed960f27ad9009fb3ff504d1c6e0862c7a332948
GET /idex/prebid/any?resolve=nonId HTTP/1.1
Host: idx.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:16 GMT
content-type: application/json
content-length: 50
trace-id: c32987489bf29745
vary: Origin
expires: Mon, 30 Jan 2023 02:54:16 GMT
set-cookie: lidid=80c25be3-b2da-413b-85c0-dbe2c69734fc; Max-Age=63072000; Expires=Tue, 28 Jan 2025 02:54:16 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
request-time: 2
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
200 OK 2.0 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
IP
File type JSON data\012- , ASCII text, with very long lines (1960), with no line terminators
Hash 17bc5a6a6cd052ec3cb6afca08829022
f9e8354a014c00fea4507744fd03e14150eed35a
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1960
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sun, 29 Jan 2023 02:54:16 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T3k8bvYH5K5P-7f9cWZmGiJGbX3PdPGDIoAFPULZrXhwXQVGwVNA_g==
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913
200 OK 1.3 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913
IP
File type JSON data\012- , ASCII text, with very long lines (1276), with no line terminators
Hash ae434edd09ce7ee965c90d9c7c96f845
ff33cbbc88cf599da32a5f62a97824eb08ff137b
36b81d0f1727d5c783469e0badad36298cb7b6fbe0373820bec8275308e285e9
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=5dff1804-8b85-4514-bcc6-4b8fb563a913 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1276
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sun, 29 Jan 2023 02:54:15 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z5KrO23bBKgQ0PFmo0LVSfXZDoyJQCCFNq9pMtSAvLAiwCkQIUtFwQ==
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=bmVajFFUPeEBS&cb=0&ws=1280x939&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22ceb3c194-b78f-41eb-9529-b3b1e59acf19%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2Ca88a339d-a591-48f6-ba2d-eeba11351a93%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
200 OK 187 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=bmVajFFUPeEBS&cb=0&ws=1280x939&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22ceb3c194-b78f-41eb-9529-b3b1e59acf19%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2Ca88a339d-a591-48f6-ba2d-eeba11351a93%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP
File type ASCII text, with no line terminators
Hash 20463010a433ae3812bba989937da352
d7f7b17d1fc85ff9d9d0ba65ebbb35f7ca258e3c
926df2b4ddfd362208521eaee7cfbb27f35da3154e7ea7204b35af6dbd474dd6
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=bmVajFFUPeEBS&cb=0&ws=1280x939&v=23.123.1617&t=2000&slots=%5B%7B%22sd%22%3A%22ceb3c194-b78f-41eb-9529-b3b1e59acf19%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2Ca88a339d-a591-48f6-ba2d-eeba11351a93%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 187
server: Server
date: Sun, 29 Jan 2023 02:54:16 GMT
x-amz-rid: 4QMJBSHSHNR2Q8N82DB7
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iBOu1flVbiE6vct8x0HOeXDiDU0GFFLH0NnByrmAUWGEeKDL7WSoyw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7b279d00e3fe506fa55ae410fca0c901
c88d705cf5d6d692ec6104dcc4690c8817afebab
11f31abefac6551a99c0d4fc1fcb303b678cc50b7616d5cdb53c0a6382f024a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11F31ABEFAC6551A99C0D4FC1FCB303B678CC50B7616D5CDB53C0A6382F024A5"
Last-Modified: Sat, 28 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5998
Expires: Sun, 29 Jan 2023 04:34:15 GMT
Date: Sun, 29 Jan 2023 02:54:17 GMT
Connection: keep-alive
adservice.google.no/adsid/integrator.js?domain=earnme.club
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=earnme.club
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 02:54:17 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 945f6de770373ab2470f3ad487483634
bf52dffdb16a471de1034e0561f0ec2923e74230
5143007c0cd45b630883d3f5e1e379d59ad1ae84084532c7c999de3706d6390e
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
IP
Hash 8b9c14eef656903994be7111670778e4
376f66dc915c806939f5c1dd3f17f96523ebc71e
2b8a0aea2df31629f23aca80b05ada2f042f1f96b8becf05ead0d5a660edd020
POST /s/gts1p5/9O8VcKlZFo8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
IP
Hash 8b9c14eef656903994be7111670778e4
376f66dc915c806939f5c1dd3f17f96523ebc71e
2b8a0aea2df31629f23aca80b05ada2f042f1f96b8becf05ead0d5a660edd020
POST /s/gts1p5/9O8VcKlZFo8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash 4d08df7a08aba618dc2931e09c2a9c9a
5c0e0ea828f5c769eb45c3c499fad469f20b6d7d
a4fba084caab6f397be9161b8fdf281cc7aafd588fb32d55b6ae50cc44e6b0bc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1496
Cache-Control: max-age=126425
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Etag: "63d524da-13a"
Expires: Mon, 30 Jan 2023 14:01:22 GMT
Last-Modified: Sat, 28 Jan 2023 13:36:26 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:17 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=FPNc4180M0RITmhlJTJCZkMwOUJGQlhaMUN2czM0cjlhcFpMcG5aMzl6M3RWc0FoZTRTRTglMkJWUFZPTyUyQll0OVJMVlE3ckk4; expires=Fri, 23 Feb 2024 02:54:17 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 227272
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=479
200 OK 28 kB URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=479
IP
File type ASCII text, with very long lines (55891), with no line terminators
Hash 5bb9aec15ffb53d6e940213587c09ab1
d12817894fd63be90e160b7e186a2ff0b8287352
4d4004d3970287c4000589e79d7d011900585a25399181db151d2fd3bb8804e0
GET /hadron.js?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=479 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:17 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: VVXSRCfn+iX3VlsEH3JPxIkNzLS6lVJG1NUOW+RC+F2OY5f3zD5nPr9+sjNuSMlIuK4KYvackFM=
x-amz-request-id: 8JRRZ9HXKGBZSDFY
cache-control: max-age=3600
cf-cache-status: HIT
age: 6158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwyQVbOHezKzxxqGA58xYkZJSzHee07%2FXEB%2FSFY%2B%2FOCDTa1gwLVi3XezCz9uQz9nVUnENVfq9xdnyVmgG7dEikPk8AbFIQ8e1Glr394lQY4Al0wQjFE%2Fq51bdw%2FG%2B2kzPLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790eaeae9d68b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
200 OK 2.7 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP
Hash ddc94fdbfe32050ffd3da1ea7a707c11
d24a0917b5077b989b9c249483e63976706328b0
30828dc202d7338f3b6bf542eaf7ff68aa6615fd6be8ebd5401f08db024dc3fb
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 480284
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
tra.neodatagroup.com/pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true
302 0 B URL HTTP/1.1 tra.neodatagroup.com/pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 29 Jan 2023 02:54:17 GMT
Content-Type: text/richtext;charset=UTF-8
Content-Length: 0
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cProfile=AQML9uTT8AWTAAAAAAAEAAABhhAL2fgAB2RlZmF1bHQ=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 13 Feb 2023 02:54:17 GMT;
Location: /pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true&neoid=30bf6e4d3f00593
id5-sync.com/g/v2/579.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/579.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 24a22bcb76387902922d1887e5d4142b
27dc8203d7a654f51b237fbbe80a3dce8f2e4036
4da52c38075a7413e35855dd71f09cfc9f1c4e21538b2b5d6934a22ce833c281
POST /g/v2/579.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 295
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
200 OK 278 B IP
Hash dc5487c7a148b00188516c7de2fdd0f6
835cf3c9d7378f6193c8be4767946886563d5458
1e263f227fbccaaa9e8d559f276c4a97c2de68f7d38953a23a16916a11b9ac22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Last-Modified: Sun, 29 Jan 2023 02:44:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash dc5487c7a148b00188516c7de2fdd0f6
835cf3c9d7378f6193c8be4767946886563d5458
1e263f227fbccaaa9e8d559f276c4a97c2de68f7d38953a23a16916a11b9ac22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:17 GMT
Last-Modified: Sun, 29 Jan 2023 02:44:05 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.8_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=98165134960579&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=1403418686&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863092&cookie_enabled=1&scor=2803227941153961&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
200 OK 113 B URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.8_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=98165134960579&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=1403418686&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863092&cookie_enabled=1&scor=2803227941153961&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash 9e5d36292a75aef07bdde5891b2e4a7b
8d69904b7df5e550f1884e06c139bd9661eb2917
92ffc3ec51e068750c23ae95041fd670aa4aa60ce3a5295ad27d2179d0780168
GET /gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.8_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=98165134960579&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=1403418686&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863092&cookie_enabled=1&scor=2803227941153961&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sun, 29 Jan 2023 02:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 113
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 03:09:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 7265cc5568bea49977d8de3c96e0f87e
bb9b299053e24b44c2dc310132b56264fda27240
f1b83673f8a9b79e3d182b19b4d89f4cb73f78862b857c608aa69248f7a64bed
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 02:54:17 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 02 Feb 2023 00:53:31 GMT
ETag: "bb9b299053e24b44c2dc310132b56264fda27240"
Last-Modified: Sun, 29 Jan 2023 00:53:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2285
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790eaeb25ed6b524-OSL
pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_1_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=553116665507503&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=331226486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863059&cookie_enabled=1&scor=16354430845955&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_eb24171
200 OK 113 B URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_1_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=553116665507503&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=331226486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863059&cookie_enabled=1&scor=16354430845955&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_eb24171
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash 9e5d36292a75aef07bdde5891b2e4a7b
8d69904b7df5e550f1884e06c139bd9661eb2917
92ffc3ec51e068750c23ae95041fd670aa4aa60ce3a5295ad27d2179d0780168
GET /gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_1_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=553116665507503&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=331226486&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863059&cookie_enabled=1&scor=16354430845955&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_eb24171 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sun, 29 Jan 2023 02:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 113
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 03:09:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.7_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=277328073383128&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3692581866&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863157&cookie_enabled=1&scor=1556899646489224&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
200 OK 113 B URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.7_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=277328073383128&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3692581866&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863157&cookie_enabled=1&scor=1556899646489224&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash 9e5d36292a75aef07bdde5891b2e4a7b
8d69904b7df5e550f1884e06c139bd9661eb2917
92ffc3ec51e068750c23ae95041fd670aa4aa60ce3a5295ad27d2179d0780168
GET /gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.7_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=277328073383128&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3692581866&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863157&cookie_enabled=1&scor=1556899646489224&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sun, 29 Jan 2023 02:54:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 113
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 03:09:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/ads?iu=%2F106213651%2C22367406785%2FAM%2FAM_Vid_0.8_earnme.club_09122022&description_url=https%3A%2F%2Fearnme.club%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2420693135481906&hl=en&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3541541500&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863126&cookie_enabled=1&scor=2009920740662043&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
200 OK 113 B URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F106213651%2C22367406785%2FAM%2FAM_Vid_0.8_earnme.club_09122022&description_url=https%3A%2F%2Fearnme.club%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2420693135481906&hl=en&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3541541500&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863126&cookie_enabled=1&scor=2009920740662043&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
IP
File type XML 1.0 document text\012- XML document, ASCII text
Hash 9e5d36292a75aef07bdde5891b2e4a7b
8d69904b7df5e550f1884e06c139bd9661eb2917
92ffc3ec51e068750c23ae95041fd670aa4aa60ce3a5295ad27d2179d0780168
GET /gampad/ads?iu=%2F106213651%2C22367406785%2FAM%2FAM_Vid_0.8_earnme.club_09122022&description_url=https%3A%2F%2Fearnme.club%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2420693135481906&hl=en&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=3541541500&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863126&cookie_enabled=1&scor=2009920740662043&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sun, 29 Jan 2023 02:54:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 113
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 03:09:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1472942735431
307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1472942735431
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=$UID&rt=img&rnd=1472942735431 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 02:54:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftracker.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DAPN%26eid%3D%24UID%26rt%3Dimg%26rnd%3D1472942735431
AN-X-Request-Uuid: cd679c11-558c-402f-b78a-8c830eacefab
Set-Cookie: uuid2=5893264804540519646; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 02:54:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431
200 OK 1.6 kB URL HTTP/1.1 pixel.mathtag.com/sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431
IP
Hash 6451353f30ab8e894945bb4b1eb7a9f0
7d23bf89900f78896eeb6ac5013d20da61aecc5f
637364e4ff0031fb9e596cccc5759573de6d915609fc86cdf8e456fcf7d71452
GET /sync/js?sync=auto&mt_exid=10082&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1567
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master ord-pixel-x33 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 29 Jan 2023 02:54:16 GMT
Date: Sun, 29 Jan 2023 02:54:18 GMT
Connection: keep-alive
Set-Cookie: uuid=809863d5-dfda-4a00-94a4-4c7916a9702f; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 02:54:18 GMT; SameSite=None; Secure
tra.neodatagroup.com/pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true&neoid=30bf6e4d3f00593
200 214 B URL HTTP/1.1 tra.neodatagroup.com/pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true&neoid=30bf6e4d3f00593
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 325cb5047b1ddadef35bbdfc08912e1a
742b3b8a860f2c9847fb25192b12c104fdefa557
5f01ba770a480c785c47e8aeff78bdfe6124686f31337563b1e662265cd74f14
GET /pv?sid=2033&rnd=1472942735431&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&cb=window._exaudiadapex.setNeoIdLastSync(%27@@neo_user_id@@%27);&ids=7d5fac7e-0261-48c4-892f-2cdf5db83fda;pubcid;PublisherCommonId&pbs=true&neoid=30bf6e4d3f00593 HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQML9uTT8AWTAAAAAAAEAAABhhAL2fgAB2RlZmF1bHQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 29 Jan 2023 02:54:18 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=ARMDC/bk0/AFkwAAAAABqfbu; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:17 GMT;
tr=loCAwICAgdoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2g==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:18 GMT;
tr=loCAwICAgdoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2g==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:18 GMT;
tr=loCAwICAgdoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2g==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:18 GMT;
cOptout=0|yocToken:8_tV18l_nooTUHlvz01B6GumV4Y; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:18 GMT;
vary: accept-encoding
Content-Encoding: gzip
pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.6_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=979069994480664&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=2159200472&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863183&cookie_enabled=1&scor=409052946898218&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
200 OK 17 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.6_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=979069994480664&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=2159200472&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863183&cookie_enabled=1&scor=409052946898218&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (21155)
Hash 0cce8dd02c6c78245089a9c5f8613594
e031889742f93e8b5273845aec19d27034246d83
3e01afd18cfb1eb92b0f124a7074f932ccd65009255a62fcf07e58250ccd873c
GET /gampad/ads?iu=%2F21833905170%2C22663323296%2Fadsolut_0.6_MCM_earnme.club_video_DU&description_url=http%3A%2F%2Fearnme.club&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=979069994480664&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=445&ptt=20&adk=2159200472&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=0A38C37D-F46B-499A-BFC9-68F9C04747CC&nel=0&eid=44733246%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&dt=1674960863183&cookie_enabled=1&scor=409052946898218&ged=ve4_td1_tt1_pd1_la1000_er316.157.475.457_vi0.0.939.1268_vp100_ts0_eb24171 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -1
google-creative-id: -1
date: Sun, 29 Jan 2023 02:54:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 17391
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 03:09:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn
302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 29 Jan 2023 02:54:18 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: EJ2TFCHT7PPGW7RCEE3P
Set-Cookie: ad-id=A-PE__edVUaLmpo1gD49wxU|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 02:54:18 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=neodata&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=neodata&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=1472942735431
302 Found 369 B URL HTTP/2 cms.analytics.yahoo.com/cms?partner_id=NDATA&rt=img&rnd=1472942735431
IP
ASN #34010 Yahoo! UK Services Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 79be2824051a018fe0720078ec40c0e5
83d3b11bd1949a27ba078f2f4acba699053c9fd4
d2b6dba894bacc6897b81b4234fcd6b0db383322a7ddf3d968249ea38328d52c
GET /cms?partner_id=NDATA&rt=img&rnd=1472942735431 HTTP/1.1
Host: cms.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 02:54:18 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0110.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431
content-type: text/html
content-language: en
set-cookie: A1=d=AQABBNrf1WMCEBhl-MV8vhl75gDEaSlrLBA&S=AQAAAhCdG71ooFNI9-31bx3HDo4; Expires=Mon, 29 Jan 2024 08:54:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=Lax; Secure; HttpOnly
A3=d=AQABBNrf1WMCEBhl-MV8vhl75gDEaSlrLBA&S=AQAAAhCdG71ooFNI9-31bx3HDo4; Expires=Mon, 29 Jan 2024 08:54:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
A1S=d=AQABBNrf1WMCEBhl-MV8vhl75gDEaSlrLBA&S=AQAAAhCdG71ooFNI9-31bx3HDo4&j=GDPR; Domain=.yahoo.com; Path=/; SameSite=Lax; Secure
B=10b3b55htbnuq&b=3&s=er; Expires=Mon, 29 Jan 2024 08:54:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
content-length: 369
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn&dcc=t
200 OK 64 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn&dcc=t
IP
File type HTML document, ASCII text
Hash be99f9f8ced5e5eb1f9721d861712f89
4291ee98f7ce20471796ec89961abb1acb2af1d8
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_n-MediaNet_an-db5_sovrn&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 29 Jan 2023 02:54:18 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: N6SHE5250J1GCBZ54TK1
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
pixel.mathtag.com/sync/iframe?mt_uuid=809863d5-dfda-4a00-94a4-4c7916a9702f&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431&mt_exid=10082&source=mathtag
200 OK 965 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=809863d5-dfda-4a00-94a4-4c7916a9702f&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431&mt_exid=10082&source=mathtag
IP
File type HTML document text\012- HTML document, ASCII text
Hash e5da0465308885412b01f8c1b6567a57
1f785a79082f468c9f351295ff32ff0936413ed4
d681982ea8d7fe2a1e38acb01449db935178651a2108b6bf6bbe8178bb2596d8
GET /sync/iframe?mt_uuid=809863d5-dfda-4a00-94a4-4c7916a9702f&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431&mt_exid=10082&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x22 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 29 Jan 2023 02:54:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 965
Date: Sun, 29 Jan 2023 02:54:18 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 278 B IP
Hash f39e2eab310911e9a01621527188214f
a1694ff943ec1278a38e7aa4349fd87d9e5e3681
3fd17551190475cb44742bb3b7e301babade1a6718caf99d21a4c082584553ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4817
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:18 GMT
Last-Modified: Sun, 29 Jan 2023 01:34:01 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 1a04a6090affb2a93ebda80a7f25893e
3d016d595fa330117c78e986f6fee615eb49b900
cbc6e249bf28e7a17df5f9c7d8c678b94a76429655ce3f8582f1a8edb1d3398a
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 29 Jan 2023 02:54:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 28 Jan 2023 23:34:25 GMT
Expires: Sun, 29 Jan 2023 23:34:25 GMT
ETag: "3d016d595fa330117c78e986f6fee615eb49b900"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 01b25273ce6d8b9b18b34d06e7984ffe
033196ce58c97ecb204ef41d0e9cfefa7c8e890e
14a17a6068cee8b91f20efd0565ffb74b016b2bbc008a4eb49a9f43dba230e95
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=40675&t=1674960855&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=f4f183c7afd3b6e08aa77e89faad4c88&d63=f4f183c7afd3b6e08aa77e89faad4c88&aafaid=&proto=https&uid=1674960855702-978606551947-001146-004-001827&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.76&cb=54138627991&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361
200 OK 0 B URL HTTP/2 track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=40675&t=1674960855&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=f4f183c7afd3b6e08aa77e89faad4c88&d63=f4f183c7afd3b6e08aa77e89faad4c88&aafaid=&proto=https&uid=1674960855702-978606551947-001146-004-001827&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.76&cb=54138627991&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=40675&t=1674960855&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=f4f183c7afd3b6e08aa77e89faad4c88&d63=f4f183c7afd3b6e08aa77e89faad4c88&aafaid=&proto=https&uid=1674960855702-978606551947-001146-004-001827&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.76&cb=54138627991&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3631
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Cookie: aniC=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftracker.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DAPN%26eid%3D%24UID%26rt%3Dimg%26rnd%3D1472942735431
302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftracker.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DAPN%26eid%3D%24UID%26rt%3Dimg%26rnd%3D1472942735431
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Ftracker.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DAPN%26eid%3D%24UID%26rt%3Dimg%26rnd%3D1472942735431 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 02:54:18 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=0&rt=img&rnd=1472942735431
AN-X-Request-Uuid: 72a20bb5-33c4-4ed4-b2c5-5633a9861d6b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=earnme.club&url=https://earnme.club/airtel-starts-5g-trial/
200 OK 167 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=earnme.club&url=https://earnme.club/airtel-starts-5g-trial/
IP
File type JSON data\012- , ASCII text
Hash f548416aa6cc7eefbf9933c41306136e
18a27ce6dd6ba433e80e6ed3f4b42eb51c513bfa
03ff203610b9ba7ec47306f6acf5c6ef1d9304a60687f4f22e86a04a7bd61ffc
GET /v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=earnme.club&url=https://earnme.club/airtel-starts-5g-trial/ HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790eaeb229230b59-OSL
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/6/map
200 OK 60 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 08e9422a98ca5678201515186ebe413e
bfba29ed34068c4ae8cda6e353cd2f2b821d0c2b
b56ec53067bd21fb768673c6be2759098348be0bd013721a5466b71e0561d7ba
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.16.17
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 40b022554ef5923b634cebb13ba032bb
dfa943d5495752e3c5c6de624e35de292f6962e1
6aa27a1fe75a8017bd987ef49a57f7c4de5d0528eb6983163b85a040d25e900d
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
200 OK 313 B IP
Hash 16079991629b5f277cf7fd803c583f4f
6526913d5033fc6262f3648a8aeb5c6875b19578
9732808d0b5e570381b2f610518abae0eb9de852f65952c5919a116fe3a20600
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3914
Cache-Control: max-age=146166
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:18 GMT
Etag: "63d56886-139"
Expires: Mon, 30 Jan 2023 19:30:24 GMT
Last-Modified: Sat, 28 Jan 2023 18:25:10 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2687d0ed62b15d07cb9b74b0a9df035c
9fb099150d2bba49972cb7658db3e8ec26d30f65
c683e4467f17746bcf5eac9c00048e27b874acf94357430516d2946b96e9b8b1
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
access-control-allow-origin: https://earnme.club
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master ord-pixel-x53 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 29 Jan 2023 02:54:17 GMT
Date: Sun, 29 Jan 2023 02:54:18 GMT
Connection: keep-alive
Set-Cookie: uuid=5b8e63d5-dfda-4a00-95f0-0f655ac4dbcc; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 02:54:18 GMT; SameSite=None; Secure
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 6efc2e5c2bdec8ef399528ec229a52e4
3215940fbe98b55faaa0edb04c6842797668a085
14667d491c1a32c294b93e3f10363b271398526c428a404377ee9d184106f4a8
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
access-control-allow-origin: https://earnme.club
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
200 OK 471 B IP
Hash b643015e7a91817c9be1f84884720383
a33027ba5ca88a9837faabf208f765411b175b1f
16805245da364a693269abf44d7862d35203feae0decb0cda3f18fc01d8a7af9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4959
Cache-Control: max-age=135644
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:18 GMT
Etag: "63d53b57-1d7"
Expires: Mon, 30 Jan 2023 16:35:02 GMT
Last-Modified: Sat, 28 Jan 2023 15:12:23 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431
302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431 HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 29 Jan 2023 02:54:18 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNrf1WMCELXrKsV8MaeRxYU5h9Gkf1kFEgEBAQEx12PfYwAAAAAA_eMAAA&S=AQAAAg9fHhrPK21Lgj7shC04_9w; Expires=Mon, 29 Jan 2024 08:54:18 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
id5-sync.com/g/v2/1262.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/1262.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 750485345ae1725fca8818a9f1f1b99b
789d529251d12ff9a59ed5ed607da825311cf0f9
bccd4499e35e4a09c756f61a29db4d34efc0579751cebb23b359f0d8a31404c9
POST /g/v2/1262.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 622fef0135648b055d1691ae97508eff
535c21115ccc50934d06c70e153df6ae542f1b5c
a66508fe21cab04638a3988ee90babe52167f0399a5440e329cf397182c813b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/579.json
200 216 B URL HTTP/1.1 id5-sync.com/g/v2/579.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b022b2a01c87a045c9a4114fa4f8989d
b91364b86c632d2987e1745dc0fa658ddac1f286
a569b65c9b2b07ec2410949211f70dc61d88a8023345caa14e261e1798e88eb0
POST /g/v2/579.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 488
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 02:54:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 29 Jan 2023 02:54:18 GMT
expires: Sun, 29 Jan 2023 02:54:18 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=909232&mop_top=
200 OK 43 B URL HTTP/1.1 pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=909232&mop_top=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /misc/img?mop_seq=0:1&mt_cb=909232&mop_top= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=809863d5-dfda-4a00-94a4-4c7916a9702f&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431&mt_exid=10082&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x5 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 29 Jan 2023 02:54:17 GMT
Date: Sun, 29 Jan 2023 02:54:18 GMT
Connection: keep-alive
Set-Cookie: uuid=a30863d5-dfdb-4300-8707-44e47826a963; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 02:54:19 GMT; SameSite=None; Secure
mt_mop=; domain=.mathtag.com; path=/; expires=Tue, 28-Feb-2023 02:54:19 GMT; SameSite=None; Secure
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/7al4yaFK76Pd2Wz1nFtmR6H0vfarUyrbxKu8EjGBSDm9WffNpfCyC4bJzm3g9KXpBGgEfB4iqw=s48-c-k-c0x00ffffff-no-rj
200 OK 1.4 kB URL HTTP/2 yt3.ggpht.com/7al4yaFK76Pd2Wz1nFtmR6H0vfarUyrbxKu8EjGBSDm9WffNpfCyC4bJzm3g9KXpBGgEfB4iqw=s48-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash ccbef0e4955cc64ec7e92d8b3dca8c7f
3a423bcb8ee3a4db8ceae48381588bf6aaa989e6
4377a982eace4d770299678a8e3ca27d742cb2ce61e278a8fce6d1996840906e
GET /7al4yaFK76Pd2Wz1nFtmR6H0vfarUyrbxKu8EjGBSDm9WffNpfCyC4bJzm3g9KXpBGgEfB4iqw=s48-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1377
x-xss-protection: 0
date: Sun, 29 Jan 2023 02:34:03 GMT
expires: Sat, 28 Jan 2023 02:13:00 GMT
cache-control: public, max-age=86400, no-transform
age: 1215
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/interaction/?ai=CVxCW2d_VY9uMM5vv6gS2u6yADaHu1NNuocT1tPUQsJAfEAEgptz-dmDDhICAmBigAfHy_s8DyAEF4AIAqAMBmAQAqgSHAk_QopK_FJq92v5dcU8u742n-snZEDIT-WJZlTAU1ywCZt3pkCxE7V_DYscOxMlv83BNM-WPkmKiDxigGAqBsuHj1HoraREX9mWRuswQtFdu8kQouSejwBZBXNs-ofyhyA2h5lgrAhSPNjLXr2KPVEipi8D30dd9Jlnk-CA_PbGFoet5cqL9rRtdB3QsMdhmSOwNpDiRrg4J9lsiV5bSFOldz1YWJG7uLYHdHGFU_vQ2huy67ad5cYBZmmAu6QKEoIXjggcOgtd7hyDCtxFdFyvLsX3xVG1wuKkzju5e_fr3DrmbbxRdKan2qFQVWqoqJGKdVXEqtN93UQCg8HOXqjckI-oeQFkDwATokpPBiwTgBAGgBlSAB_eMgTCoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBIIiOGAEBABGB0yA6qCAToCgECaCRtodHRwczovL3VuYnJlYWthYmxlLmR1ZGEuY2-xCUwQ_1pZ2PCwgAoDyAsB0AsO4AsBuAwBmg0BDtgTDdAVAeIWAggB-BYBgBcB&sigh=lhocxRxJktc&label=show_ad&sdkv=h.3.553.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MTI3MzczOTgwOTIMNjM1MjcyNTQ2NDg3QMECUiMQDyUAAAxCKAE6C2lCNDY1YUlxbW93Qglnb29nbGVhZHNQABgB
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/interaction/?ai=CVxCW2d_VY9uMM5vv6gS2u6yADaHu1NNuocT1tPUQsJAfEAEgptz-dmDDhICAmBigAfHy_s8DyAEF4AIAqAMBmAQAqgSHAk_QopK_FJq92v5dcU8u742n-snZEDIT-WJZlTAU1ywCZt3pkCxE7V_DYscOxMlv83BNM-WPkmKiDxigGAqBsuHj1HoraREX9mWRuswQtFdu8kQouSejwBZBXNs-ofyhyA2h5lgrAhSPNjLXr2KPVEipi8D30dd9Jlnk-CA_PbGFoet5cqL9rRtdB3QsMdhmSOwNpDiRrg4J9lsiV5bSFOldz1YWJG7uLYHdHGFU_vQ2huy67ad5cYBZmmAu6QKEoIXjggcOgtd7hyDCtxFdFyvLsX3xVG1wuKkzju5e_fr3DrmbbxRdKan2qFQVWqoqJGKdVXEqtN93UQCg8HOXqjckI-oeQFkDwATokpPBiwTgBAGgBlSAB_eMgTCoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBIIiOGAEBABGB0yA6qCAToCgECaCRtodHRwczovL3VuYnJlYWthYmxlLmR1ZGEuY2-xCUwQ_1pZ2PCwgAoDyAsB0AsO4AsBuAwBmg0BDtgTDdAVAeIWAggB-BYBgBcB&sigh=lhocxRxJktc&label=show_ad&sdkv=h.3.553.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MTI3MzczOTgwOTIMNjM1MjcyNTQ2NDg3QMECUiMQDyUAAAxCKAE6C2lCNDY1YUlxbW93Qglnb29nbGVhZHNQABgB
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/interaction/?ai=CVxCW2d_VY9uMM5vv6gS2u6yADaHu1NNuocT1tPUQsJAfEAEgptz-dmDDhICAmBigAfHy_s8DyAEF4AIAqAMBmAQAqgSHAk_QopK_FJq92v5dcU8u742n-snZEDIT-WJZlTAU1ywCZt3pkCxE7V_DYscOxMlv83BNM-WPkmKiDxigGAqBsuHj1HoraREX9mWRuswQtFdu8kQouSejwBZBXNs-ofyhyA2h5lgrAhSPNjLXr2KPVEipi8D30dd9Jlnk-CA_PbGFoet5cqL9rRtdB3QsMdhmSOwNpDiRrg4J9lsiV5bSFOldz1YWJG7uLYHdHGFU_vQ2huy67ad5cYBZmmAu6QKEoIXjggcOgtd7hyDCtxFdFyvLsX3xVG1wuKkzju5e_fr3DrmbbxRdKan2qFQVWqoqJGKdVXEqtN93UQCg8HOXqjckI-oeQFkDwATokpPBiwTgBAGgBlSAB_eMgTCoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBIIiOGAEBABGB0yA6qCAToCgECaCRtodHRwczovL3VuYnJlYWthYmxlLmR1ZGEuY2-xCUwQ_1pZ2PCwgAoDyAsB0AsO4AsBuAwBmg0BDtgTDdAVAeIWAggB-BYBgBcB&sigh=lhocxRxJktc&label=show_ad&sdkv=h.3.553.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDU4MTI3MzczOTgwOTIMNjM1MjcyNTQ2NDg3QMECUiMQDyUAAAxCKAE6C2lCNDY1YUlxbW93Qglnb29nbGVhZHNQABgB HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 02:54:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
access-control-allow-origin: *
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 03:09:18 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bc7c4f207ec97cacb1eedd94d2f6b371
5f0948a39435ace8bacc4ac5fb3df19045908e42
bfb24fe4a1cb45a068b0a6432b03c20d00ea178aabea23498f2d1f0273bf6e1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=earnme.club&url=https://earnme.club/airtel-starts-5g-trial/
200 OK 538 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=earnme.club&url=https://earnme.club/airtel-starts-5g-trial/
IP
Hash 9285b4c1dbdec92ac2ea41e283c85e26
dca695333b2d67df8a62bee0245c0f47ec98cbe6
7d15f9bcb0cd87b936df5d8bcc88eadb68f4fde6f250044f904e05865ff46370
OPTIONS /v1/hadron.json?_it=amazon&partner_id=479&sync=0&domain=earnme.club&url=https://earnme.club/airtel-starts-5g-trial/ HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:17 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 790eaeb0d8e10b59-OSL
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 6ff908d9ed575f14d4ba420f6afeedd3
d7249ed3ee6edd7d354dccc1b1977082788afb4f
3d056f4d37269f0e0849d1e6ea26df7702def13150c16972c3b3eb0cf3f26b5c
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 29 Jan 2023 02:54:19 GMT
date: Sun, 29 Jan 2023 02:54:19 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-SBwk2e6AfVCbkr6BJLJAKg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1472942735431&google_error=3
200 1 B URL HTTP/1.1 tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1472942735431&google_error=3
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /cm?pv=dbm&sid=1&rt=img&rnd=1472942735431&google_error=3 HTTP/1.1
Host: tracker.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQML9uTT8AWTAAAAAAAEAAABhhAL2fgAB2RlZmF1bHQ=; cP=ARMDC/bk0/AFkwAAAAABqfbu; tr=loCAwICAgdoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2g==; cOptout=0|yocToken:8_tV18l_nooTUHlvz01B6GumV4Y
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 29 Jan 2023 02:54:19 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=ARMDC/bk0/AFkwAAAAABqfbu; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
tr=loCAwIGjREJNAICB2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/a; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
tr=loCAwIGjREJNzmPXMVuAgdoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2g==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431&verify=true
204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431&verify=true
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58681/cms?partner_id=NDATA&rt=img&rnd=1472942735431&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 02:54:19 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBNvf1WMCEM6TwSGInidS4xBhfLB9aOkFEgEBAQEx12PfYwAAAAAA_eMAAA&S=AQAAAq6H5yKWUEJVXWkkFMO722s; Expires=Mon, 29 Jan 2024 08:54:19 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=0&rt=img&rnd=1472942735431
200 1 B URL HTTP/1.1 tracker.neodatagroup.com/cm?sid=1&pv=APN&eid=0&rt=img&rnd=1472942735431
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /cm?sid=1&pv=APN&eid=0&rt=img&rnd=1472942735431 HTTP/1.1
Host: tracker.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQML9uTT8AWTAAAAAAAEAAABhhAL2fgAB2RlZmF1bHQ=; cP=ARMDC/bk0/AFkwAAAAABqfbu; tr=loCAwICAgdoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2g==; cOptout=0|yocToken:8_tV18l_nooTUHlvz01B6GumV4Y
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 29 Jan 2023 02:54:19 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=ARMDC/bk0/AFkwAAAAABqfbu; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
tr=loCAwIGjQVBOAICC2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/asTMwYmY2ZTRkM2YwMDU5M18wzmPV39s=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
tr=loCAwIGjQVBOAICC2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/asTMwYmY2ZTRkM2YwMDU5M18wzmPV39s=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
tr=loCAwIGjQVBOAICC2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/asTMwYmY2ZTRkM2YwMDU5M18wzmPV39s=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
tr=loCAwIGjQVBOzmPXMVuAgtoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2rEzMGJmNmU0ZDNmMDA1OTNfMM5j1d/b; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:19 GMT;
csi.gstatic.com/csi?v=2&s=ima&puid=2~ldgsg9sz&c=2230896905045&slotId=1115448452522.5&qqid=CJvdxrfj6_wCFZu3mgodth0L0A&gqid=2d_VY4GcMcSV6wTZv4uwBw&fb=ima_html5-lima&sdkv=h.3.553.0&mrd=6&aab=0&itv=1&met.4=ghmsh_s.ldgsg9t6
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=2~ldgsg9sz&c=2230896905045&slotId=1115448452522.5&qqid=CJvdxrfj6_wCFZu3mgodth0L0A&gqid=2d_VY4GcMcSV6wTZv4uwBw&fb=ima_html5-lima&sdkv=h.3.553.0&mrd=6&aab=0&itv=1&met.4=ghmsh_s.ldgsg9t6
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=2~ldgsg9sz&c=2230896905045&slotId=1115448452522.5&qqid=CJvdxrfj6_wCFZu3mgodth0L0A&gqid=2d_VY4GcMcSV6wTZv4uwBw&fb=ima_html5-lima&sdkv=h.3.553.0&mrd=6&aab=0&itv=1&met.4=ghmsh_s.ldgsg9t6 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 29 Jan 2023 02:54:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=ima&puid=1~ldgsg8ww&c=2230896905045&slotId=1115448452522.5&qqid=CJvdxrfj6_wCFZu3mgodth0L0A&gqid=2d_VY4GcMcSV6wTZv4uwBw&fb=ima_html5-lima&sdkv=h.3.553.0&mrd=6&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44733246%2C44748969%2C44765701%2C44777649&met.4=ghmsh_s.ldgsg9q0~ghmsh_s.ldgsg9q4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=CtWRAgW5ipiJdvuK
204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=ima&puid=1~ldgsg8ww&c=2230896905045&slotId=1115448452522.5&qqid=CJvdxrfj6_wCFZu3mgodth0L0A&gqid=2d_VY4GcMcSV6wTZv4uwBw&fb=ima_html5-lima&sdkv=h.3.553.0&mrd=6&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44733246%2C44748969%2C44765701%2C44777649&met.4=ghmsh_s.ldgsg9q0~ghmsh_s.ldgsg9q4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=CtWRAgW5ipiJdvuK
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=ima&puid=1~ldgsg8ww&c=2230896905045&slotId=1115448452522.5&qqid=CJvdxrfj6_wCFZu3mgodth0L0A&gqid=2d_VY4GcMcSV6wTZv4uwBw&fb=ima_html5-lima&sdkv=h.3.553.0&mrd=6&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44733246%2C44748969%2C44765701%2C44777649&met.4=ghmsh_s.ldgsg9q0~ghmsh_s.ldgsg9q4&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=CtWRAgW5ipiJdvuK HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sun, 29 Jan 2023 02:54:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 684f5cb5916f66d21a074674325ad19b
face881654edc5c4b3492b9e71a57df05b7074b6
1ce49c4affad983bbbccc831856d32861ef0909333382709c84fc851ebc6d9f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674989657&ei=2d_VY_qLPJSSyAWErIOACQ&ip=91.90.42.154&id=881e3ae5a22a9a8c&itag=22&source=youtube&requiressl=yes&mh=fw&mm=31&mn=sn-capm-vnae&ms=au&mv=m&mvi=2&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=35.665&lmt=1674768145197539&mt=1674960556&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGJ0iDrZw3L7rTUWR269BKOLeze8r_UAgf-ROVibYnoICIBfr3kz2gl6qeq-16xqY5Fbo-VZoLGq2jlZdBSmw40VT&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPbXShZ2QiJOnBBBXDm-R3J3-TCi_b7HCjMmC-0DSkwoAiEAgBTM7jCDkp05N7GUd3k0a5gppBcR5z3PYmBBsqScEcc=&cpn=CtWRAgW5ipiJdvuK
206 Partial Content 1.8 MB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1674989657&ei=2d_VY_qLPJSSyAWErIOACQ&ip=91.90.42.154&id=881e3ae5a22a9a8c&itag=22&source=youtube&requiressl=yes&mh=fw&mm=31&mn=sn-capm-vnae&ms=au&mv=m&mvi=2&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=35.665&lmt=1674768145197539&mt=1674960556&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGJ0iDrZw3L7rTUWR269BKOLeze8r_UAgf-ROVibYnoICIBfr3kz2gl6qeq-16xqY5Fbo-VZoLGq2jlZdBSmw40VT&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPbXShZ2QiJOnBBBXDm-R3J3-TCi_b7HCjMmC-0DSkwoAiEAgBTM7jCDkp05N7GUd3k0a5gppBcR5z3PYmBBsqScEcc=&cpn=CtWRAgW5ipiJdvuK
IP
ASN #50304 Blix Solutions AS
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 1.8 MB (1801093 bytes)
Hash b014d369b7589782dc9d5215d06d8dd6
73a223c9b7c3686f9e4bd58897297affa98e42f7
999e87984bc60f08e01a1b4850f9e491068564b4952a3aee9dc783c668a5078a
GET /videoplayback?expire=1674989657&ei=2d_VY_qLPJSSyAWErIOACQ&ip=91.90.42.154&id=881e3ae5a22a9a8c&itag=22&source=youtube&requiressl=yes&mh=fw&mm=31&mn=sn-capm-vnae&ms=au&mv=m&mvi=2&pl=21&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=35.665&lmt=1674768145197539&mt=1674960556&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgGJ0iDrZw3L7rTUWR269BKOLeze8r_UAgf-ROVibYnoICIBfr3kz2gl6qeq-16xqY5Fbo-VZoLGq2jlZdBSmw40VT&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPbXShZ2QiJOnBBBXDm-R3J3-TCi_b7HCjMmC-0DSkwoAiEAgBTM7jCDkp05N7GUd3k0a5gppBcR5z3PYmBBsqScEcc=&cpn=CtWRAgW5ipiJdvuK HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Last-Modified: Thu, 26 Jan 2023 21:22:25 GMT
Content-Type: video/mp4
Date: Sun, 29 Jan 2023 02:54:19 GMT
Expires: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: private, max-age=28498
Content-Range: bytes 0-1801092/1801093
Accept-Ranges: bytes
Content-Length: 1801093
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 684f5cb5916f66d21a074674325ad19b
face881654edc5c4b3492b9e71a57df05b7074b6
1ce49c4affad983bbbccc831856d32861ef0909333382709c84fc851ebc6d9f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.prod.uidapi.com/uid2SecureSignal.js
200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Date: Sat, 28 Jan 2023 04:07:48 GMT
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 20sNuzzEWYXCfs_TThbW03AusgHeBtJ2JuTyfuqyXuUUuSZSHoFgIg==
Age: 81992
ocsp.pki.goog/s/gts1d4/U9Z1AR6Ft-g
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/U9Z1AR6Ft-g
IP
Hash fe0db92823624dfc3b4cb2b8329c5ab2
deb14232325bb9560608bedb77abdb6f6081f0ed
4e9420da593c65b953a7c36cd756dffa51595bb2466ee7be41aff4180bd7fdf4
POST /s/gts1d4/U9Z1AR6Ft-g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oa.openxcdn.net/esp.js
200 OK 7.9 kB IP
File type ASCII text, with very long lines (24615), with no line terminators
Hash df5542b88bc0e368c6999754a5b9e2ba
54f17142faeb7c882fee3bf67d537733e75e43ae
b82da9703a35c5436f9e47711f5b95d5357f02d590cb39dba99355b9b073561f
GET /esp.js HTTP/1.1
Host: oa.openxcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvwMGFffHYQy8sTedcRnmfr30vomrx37NAP7bZvkKaQgR0ioehNSqlXKXkSFNMXK3psRf9hnClXiAB1o-nr_AZlPA
x-goog-generation: 1622140251693895
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7927
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7927
server: UploadServer
date: Wed, 18 Jan 2023 06:43:33 GMT
expires: Thu, 18 Jan 2024 06:43:33 GMT
cache-control: no-transform
last-modified: Thu, 27 May 2021 18:30:51 GMT
etag: "df5542b88bc0e368c6999754a5b9e2ba"
content-type: application/javascript
age: 936646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
IP
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 27cf438fb43d91ae188ec660779545d6
8b9a4cafe884163806af638d24d38b3d3ebc9a4b
fbad1bda779d108b137b7ef98564a9538f866d3c20208c5c3f59f30be33e43ad
GET /rtv/012301112346000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61771
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "004684fcaffa7679"
content-type: text/javascript; charset=UTF-8
age: 463394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
IP
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash dac0049d10fef1c315153ac07254ffda
6282a0a8727d76cb0fe8267c7f1aac6646302ebc
e7d78a90fc0d890bd6da55f94658d31a587cca0247d81364b7a39a7f142772d1
GET /rtv/012301112346000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12955
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "ba03cd6134fdf15c"
content-type: text/javascript; charset=UTF-8
age: 463391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
IP
File type ASCII text, with very long lines (65534)
Hash 7c4e76629bf5f57043e927954d19a19d
a144b16ad4d7168628eaed4f4b26e00a8f4364e3
310354d1c8f1db61fdfb182e107c8eb8a2e7986d1f4e95a2664df2cbdc1f7ccf
GET /rtv/012301112346000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28839
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "22d781f17bba60c1"
content-type: text/javascript; charset=UTF-8
age: 463394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
IP
File type ASCII text, with very long lines (14751)
Hash 8d4f7148a157a31d69df198119f15f6c
869d2edb3409f82d8da8690b3b6c7c4212466bf1
9e17a0f37428d7db29cea9973f978d4716aaa7581c2480e9c337efcc84def4bf
GET /rtv/012301112346000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5217
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "cee5c64b71634b65"
content-type: text/javascript; charset=UTF-8
age: 463394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
IP
File type ASCII text, with very long lines (5021)
Hash 7fe5c160dceb250b352d5e11b7586036
0903f40a74a5805f6391a371509369de8e2e1c50
eaec033417fdbf02ec62fc0bf45d0bee3538e3e1722660a312cbe3e4dd60068f
GET /rtv/012301112346000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "5788572ff662ddbc"
content-type: text/javascript; charset=UTF-8
age: 463391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP
Hash 5836a772775fdc2c8863bfa3031b962b
322804367519bdecdc6e3649d453ac3d6b2e75a2
ea7c91d88d1692038c9a4dbfccba6546c9a88ae0f760638aa74cc518a8ede92d
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
200 OK 1.3 kB URL HTTP/2 invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
IP
File type ASCII text, with very long lines (1178)
Hash f5bc066f146e3dbb049aa6c86c7012e6
efa97d857c263b3b3672e2ffa630af6e2625d84b
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
GET /encrypted-signals/encrypted-tag-g.js HTTP/1.1
Host: invstatic101.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtluU889h1tQJysbs59Vv7U-fL1VWrlkDlDW2zjg2m1tAQIhpBB4Rc8LBfKUYGRLcAO2NmxliuPBm24YhJgb1DiLJXy15ig
vary: X-Goog-Allowed-Resources
x-goog-generation: 1659113709880056
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1258
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1258
server: UploadServer
via: 1.1 google
date: Sun, 29 Jan 2023 01:56:03 GMT
expires: Sun, 29 Jan 2023 02:56:03 GMT
cache-control: public, max-age=3600
age: 3496
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/U9Z1AR6Ft-g
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/U9Z1AR6Ft-g
IP
Hash fe0db92823624dfc3b4cb2b8329c5ab2
deb14232325bb9560608bedb77abdb6f6081f0ed
4e9420da593c65b953a7c36cd756dffa51595bb2466ee7be41aff4180bd7fdf4
POST /s/gts1d4/U9Z1AR6Ft-g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP
Hash 5836a772775fdc2c8863bfa3031b962b
322804367519bdecdc6e3649d453ac3d6b2e75a2
ea7c91d88d1692038c9a4dbfccba6546c9a88ae0f760638aa74cc518a8ede92d
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP
Hash c1e374160b702cde2336c6147e620ef1
ff65b9416dd7acc9eabf2e6e05529df69c4ec373
a58c417edfb2322096c541662d8291d3c07f353db76eb5b5f7953dd647c6c9c2
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP
Hash c1e374160b702cde2336c6147e620ef1
ff65b9416dd7acc9eabf2e6e05529df69c4ec373
a58c417edfb2322096c541662d8291d3c07f353db76eb5b5f7953dd647c6c9c2
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.criteo.net/js/ld/publishertag.ids.js
200 OK 13 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP
Hash 06e5c21d059a16a386702c28989365c0
c429aad1a740799e734f20ae8572b6bd84c4307a
4258974055366354508bb9dec299291ee57e605966ba2587bb000ba11f97433a
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:54:19 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-9c1f"
expires: Mon, 30 Jan 2023 02:54:19 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
esp.rtbhouse.com/encrypt
200 OK 265 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f6577504d03bde56bf52dd8865e991e2
5cc0c713b288928c3c2afdec876214d519561f52
2fa03bfe4031d775e85af9ad54f0d6271c48046174060d4addcb73048268a931
POST /encrypt HTTP/1.1
Host: esp.rtbhouse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Content-Type: application/json
Origin: https://earnme.club
Content-Length: 202
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-cloud-trace-context: df5e55c43742d55a44ce1ee153c05cf8
date: Sun, 29 Jan 2023 02:54:20 GMT
server: Google Frontend
content-length: 265
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
date: Sun, 29 Jan 2023 02:54:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP
Hash c1e374160b702cde2336c6147e620ef1
ff65b9416dd7acc9eabf2e6e05529df69c4ec373
a58c417edfb2322096c541662d8291d3c07f353db76eb5b5f7953dd647c6c9c2
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bcp.crwdcntrl.net/6/map
200 OK 60 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 49320d8ea2735e967ddfbe10208a3bec
8d0702d97f3d8eb8ef19570da5c5794134b90a95
608501d93ff19ac46c8e546b810fb18f14901e2d83391cd537c9bf3e778a5d1a
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:20 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.7.207
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
oajs.openx.net/esp?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&rid=esp
200 OK 2 B URL HTTP/2 oajs.openx.net/esp?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&rid=esp
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /esp?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&rid=esp HTTP/1.1
Host: oajs.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://earnme.club
vary: Origin
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Sun, 29 Jan 2023 02:54:20 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tra.neodatagroup.com/cm?sid=1&pv=MEDIAMATH&eid=809863d5-dfda-4a00-94a4-4c7916a9702f&rt=img&rnd=1472942735431
200 1 B URL HTTP/1.1 tra.neodatagroup.com/cm?sid=1&pv=MEDIAMATH&eid=809863d5-dfda-4a00-94a4-4c7916a9702f&rt=img&rnd=1472942735431
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /cm?sid=1&pv=MEDIAMATH&eid=809863d5-dfda-4a00-94a4-4c7916a9702f&rt=img&rnd=1472942735431 HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/
Cookie: cProfile=AQML9uTT8AWTAAAAAAAEAAABhhAL2fgAB2RlZmF1bHQ=; cP=ARMDC/bk0/AFkwAAAAABqfbu; tr=loCAwIGjQVBOzmPXMVuAgtoANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2rEzMGJmNmU0ZDNmMDA1OTNfMM5j1d/b; cOptout=0|yocToken:8_tV18l_nooTUHlvz01B6GumV4Y
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 29 Jan 2023 02:54:20 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=ARMDC/bk0/AFkwAAAAABqfbu; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:20 GMT;
tr=loCAwIKjQVBOzmPXMVupTUVESUFNQVRIAICD2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/a2gA0MzBiZjZlNGQzZjAwNTkzXzgwOTg2M2Q1LWRmZGEtNGEwMC05NGE0LTRjNzkxNmE5NzAyZs5j1d/csTMwYmY2ZTRkM2YwMDU5M18wzmPV39s=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:20 GMT;
tr=loCAwIKjQVBOzmPXMVupTUVESUFNQVRIAICD2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/a2gA0MzBiZjZlNGQzZjAwNTkzXzgwOTg2M2Q1LWRmZGEtNGEwMC05NGE0LTRjNzkxNmE5NzAyZs5j1d/csTMwYmY2ZTRkM2YwMDU5M18wzmPV39s=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:20 GMT;
tr=loCAwIKjQVBOzmPXMVupTUVESUFNQVRIAICD2gA0MzBiZjZlNGQzZjAwNTkzXzdkNWZhYzdlLTAyNjEtNDhjNC04OTJmLTJjZGY1ZGI4M2ZkYc5j1d/a2gA0MzBiZjZlNGQzZjAwNTkzXzgwOTg2M2Q1LWRmZGEtNGEwMC05NGE0LTRjNzkxNmE5NzAyZs5j1d/csTMwYmY2ZTRkM2YwMDU5M18wzmPV39s=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:20 GMT;
tr=loCAwIKjQVBOzmPXMVupTUVESUFNQVRIzmPXMVyAg9oANDMwYmY2ZTRkM2YwMDU5M183ZDVmYWM3ZS0wMjYxLTQ4YzQtODkyZi0yY2RmNWRiODNmZGHOY9Xf2toANDMwYmY2ZTRkM2YwMDU5M184MDk4NjNkNS1kZmRhLTRhMDAtOTRhNC00Yzc5MTZhOTcwMmbOY9Xf3LEzMGJmNmU0ZDNmMDA1OTNfMM5j1d/b; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 29 Jan 2024 02:54:20 GMT;
pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
200 OK 0 B URL HTTP/1.1 pixel.mathtag.com/comp/img?mt_id=99&ns=xx&bcdv=0
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /comp/img?mt_id=99&ns=xx&bcdv=0 HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=809863d5-dfda-4a00-94a4-4c7916a9702f&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431&mt_exid=10082&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 0
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x32 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 29 Jan 2023 02:54:19 GMT
Date: Sun, 29 Jan 2023 02:54:20 GMT
Connection: keep-alive
Set-Cookie: uuid=c95063d5-dfdd-4700-8c75-6dc199977a93; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 02:54:21 GMT; SameSite=None; Secure
pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=275072&check=809863d5-dfda-4a00-94a4-4c7916a9702f&mop_top=
200 OK 43 B URL HTTP/1.1 pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=275072&check=809863d5-dfda-4a00-94a4-4c7916a9702f&mop_top=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /misc/img?mop_seq=1:1&mt_cb=275072&check=809863d5-dfda-4a00-94a4-4c7916a9702f&mop_top= HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=809863d5-dfda-4a00-94a4-4c7916a9702f&no_iframe=1&exsync=https%3A%2F%2Ftra.neodatagroup.com%2Fcm%3Fsid%3D1%26pv%3DMEDIAMATH%26eid%3D%5BMM_UUID%5D%26rt%3Dimg%26rnd%3D1472942735431&mt_exid=10082&source=mathtag
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Access-Control-Allow-Origin: *
Server: MT3 404 ce67235 master iad-pixel-x23 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sun, 29 Jan 2023 02:54:19 GMT
Date: Sun, 29 Jan 2023 02:54:20 GMT
Connection: keep-alive
Set-Cookie: uuid=961d63d5-dfdd-4500-9b29-b18106814386; domain=.mathtag.com; path=/; expires=Mon, 26-Feb-2024 02:54:21 GMT; SameSite=None; Secure
mt_mop=; domain=.mathtag.com; path=/; expires=Tue, 28-Feb-2023 02:54:21 GMT; SameSite=None; Secure
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 395114
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 285626
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 217199
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash da40ebc1ae6d3de86e13abca47ba2bbf
57807e65ab95c8019b2c319ffb6f1bffa25f593f
1c03e955299e72ea55b9e3318b9f4b29004b8222e9ae8a9cedabbd177146db5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:21 GMT
Last-Modified: Sun, 29 Jan 2023 01:07:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash da40ebc1ae6d3de86e13abca47ba2bbf
57807e65ab95c8019b2c319ffb6f1bffa25f593f
1c03e955299e72ea55b9e3318b9f4b29004b8222e9ae8a9cedabbd177146db5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6398
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 02:54:21 GMT
Last-Modified: Sun, 29 Jan 2023 01:07:43 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=8_tV18l_nooTUHlvz01B6GumV4Y
200 OK 811 B URL HTTP/2 www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=8_tV18l_nooTUHlvz01B6GumV4Y
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document, ASCII text
Hash e87e7579bc0c1cfe1adf66e247060f5d
593852d8b761df535170e7be76e0d572d78997bc
ac428e3e258ef6b3750f2bdd44ee6b70226c08f6cda784230b6637d18e1d2827
GET /wp-content/plugins/optout/callback/?status=nocookie&token=8_tV18l_nooTUHlvz01B6GumV4Y HTTP/1.1
Host: www.youronlinechoices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx-rc
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=631138519; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1;, 1; mode=block
x-content-type-options: nosniff, nosniff
content-encoding: br
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182811&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gMbdytxiGHN0qbGlomiNP0&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396449270&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=941132557856&turl=https://earnme.club/&DVP_PP_BUNDLE_ID=
200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182811&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gMbdytxiGHN0qbGlomiNP0&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396449270&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=941132557856&turl=https://earnme.club/&DVP_PP_BUNDLE_ID=
IP
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182811&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gMbdytxiGHN0qbGlomiNP0&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396449270&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=941132557856&turl=https://earnme.club/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Sun, 29 Jan 2023 02:54:21 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gMbdytxiGHN0qbGlomiNP0&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396449270&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=941132557856&turl=https://earnme.club/&DVP_PP_BUNDLE_ID=
200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gMbdytxiGHN0qbGlomiNP0&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396449270&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=941132557856&turl=https://earnme.club/&DVP_PP_BUNDLE_ID=
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash c130b6fbb443e8aedc3088d6e002cb18
993b47a1da2bfb78ef33b7fce7d2a8ef034033da
b37b66a9b9a7b0f362460c1efb62f50e14052b9f374654a94d85b4261e7111a4
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gMbdytxiGHN0qbGlomiNP0&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170491623&DVP_DBM_4=396449270&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=941132557856&turl=https://earnme.club/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 24 Jan 2023 16:47:29 GMT
Accept-Ranges: bytes
ETag: "80a6ac8b1330d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3337
Date: Sun, 29 Jan 2023 02:54:21 GMT
Connection: keep-alive
gem.gbc.criteo.com/newidsd
200 OK 4.8 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (15783), with no line terminators
Hash aae5cfb07d0fff953189050e257cdcdb
1e5cc496c96568edf4861d48080357ae679d0486
70e76f7362fcb238ddc85b5fa519b59746d78b327e5619038925573cde0ea650
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:20 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 120868
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
200 OK 666 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP
File type JSON data\012- , ASCII text
Hash 6f039f8666f20f5ab6d3e65f8d05a557
8028e0b482a94247715b6bf3ae2e4da15233c03e
28d9d6e07a72c568a5513f3e9d8bfcaee6939025ca0b9bc046522fb6a8cdc3fd
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:21 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 119306
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=FirefoxSyncframe&so=3&topUrl=earnme.club&bundle=NyiOtl80Q3BPTVljUjVzZE5nWEkzJTJGJTJCaG1DRzVPdFZsOFV2T3YwJTJGekZwTmhOaFQxVG5tQ3c5U0J4SjgyeWE0VDNyNDBxYyUyRlM1VXZlZFhqTzY0azElMkZBRjdCOFFITHRtWUoxNllDR1dzbmpMelJiQmpPNjQ1T1hCdVlVY2JmOFNYUkN0SW4&info=-7GghF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czM0cjlhcFpMcG5aMzl6M3RWc0FoZTRCYkZ4NjI1ejdxWDROU2Jxbjg5JTJCZQ&idsd=691011201,1271854641&cw=1&lsw=1
200 OK 14 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=earnme.club&sn=FirefoxSyncframe&so=3&topUrl=earnme.club&bundle=NyiOtl80Q3BPTVljUjVzZE5nWEkzJTJGJTJCaG1DRzVPdFZsOFV2T3YwJTJGekZwTmhOaFQxVG5tQ3c5U0J4SjgyeWE0VDNyNDBxYyUyRlM1VXZlZFhqTzY0azElMkZBRjdCOFFITHRtWUoxNllDR1dzbmpMelJiQmpPNjQ1T1hCdVlVY2JmOFNYUkN0SW4&info=-7GghF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czM0cjlhcFpMcG5aMzl6M3RWc0FoZTRCYkZ4NjI1ejdxWDROU2Jxbjg5JTJCZQ&idsd=691011201,1271854641&cw=1&lsw=1
IP
File type JSON data\012- C++ source, ASCII text, with very long lines (1688)
Hash 443e6ab72c20afc0375d7c2dc2dea8da
4bf0edd0ae1357459d5c72643575559d0521864c
086adc2f64f96dc1bf5750e5241f1ebb7758f7fab1d3204c438076dca7e1e4f9
GET /sid/json?origin=publishertag&domain=earnme.club&sn=FirefoxSyncframe&so=3&topUrl=earnme.club&bundle=NyiOtl80Q3BPTVljUjVzZE5nWEkzJTJGJTJCaG1DRzVPdFZsOFV2T3YwJTJGekZwTmhOaFQxVG5tQ3c5U0J4SjgyeWE0VDNyNDBxYyUyRlM1VXZlZFhqTzY0azElMkZBRjdCOFFITHRtWUoxNllDR1dzbmpMelJiQmpPNjQ1T1hCdVlVY2JmOFNYUkN0SW4&info=-7GghF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czM0cjlhcFpMcG5aMzl6M3RWc0FoZTRCYkZ4NjI1ejdxWDROU2Jxbjg5JTJCZQ&idsd=691011201,1271854641&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:21 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 976315
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 06:50:06 GMT
expires: Sun, 28 Jan 2024 06:50:06 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 72255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 13:30:57 GMT
expires: Thu, 25 Jan 2024 13:30:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 307404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
b.sharethrough.com/butler?type=s2s-win&arid=9308aa78-2615-4aca-9989-53917d74dea3
200 OK 95 B URL HTTP/2 b.sharethrough.com/butler?type=s2s-win&arid=9308aa78-2615-4aca-9989-53917d74dea3
IP
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /butler?type=s2s-win&arid=9308aa78-2615-4aca-9989-53917d74dea3 HTTP/1.1
Host: b.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 95
last-modified: Mon, 21 Nov 2022 23:10:09 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 28 Jan 2023 10:21:02 GMT
etag: "71a50dbba44c78128b221b7df7bb51f1"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F4b8r5gEg0tE90vxttAoCOO4fforWJkNTCgmkvJ5-XoUYmCHfjoWsQ==
age: 59601
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src_internal117.js
200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Sun, 29 Jan 2023 02:54:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17da02bed84fa533c12b4e833f54ec69
e0862b84c3b449722536d8c7d1373af6ad32b7c5
742b05f0d88b86d1890bca55d3cbbd4a746546ab969b866bc4f69f4e2bc8ae38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ff5857c-39d4-4978-9668-8754096c365b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8995
x-amzn-requestid: 136f34c6-7348-4543-811e-4ecfd8ee8f5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSRqKGhKoAMFjQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0c974-7e3f6da23d02323a5c8d86c9;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:17:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uHooyYgYAw370dVKj8BIZUbq9012nnwKsT6cyRAMD1yNWrc8PFuhHA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 15:59:17 GMT
age: 39305
etag: "e0862b84c3b449722536d8c7d1373af6ad32b7c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
native.sharethrough.com/assets/sfp.js
200 OK 0 B URL HTTP/2 native.sharethrough.com/assets/sfp.js
IP
GET /assets/sfp.js HTTP/1.1
Host: native.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://046fcae78617becce7dbb5625f09d892.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 20:14:49 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 01:58:47 GMT
cache-control: public, max-age=3600
expires: Thu, 26 Jan 2023 21:14:48 GMT
etag: W/"c0e178ccd0b8142062f28ed252fba17c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: adQTWLkxkn8gvFHXd3PJOTuHcuye2GFXeLLhjNsAs9WWsBzI3o9KMg==
age: 3336
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
IP
GET /syncframe?origin=publishertag&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:17 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=f42c99ca-b24d-41cc-8f04-e802b64a015c; expires=Fri, 23 Feb 2024 02:54:18 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 650625
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
earnme.club/airtel-starts-5g-trial/
200 OK 0 B URL HTTP/2 earnme.club/airtel-starts-5g-trial/
IP
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /airtel-starts-5g-trial/ HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://earnme.club/xmlrpc.php
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/", <https://earnme.club/wp-json/wp/v2/posts/247>; rel="alternate"; type="application/json", <https://earnme.club/?p=247>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 02:54:14 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 29 Jan 2023 02:24:37 GMT
last-modified: Wed, 25 Jan 2023 21:28:25 GMT
etag: W/"8a6d0f2d51de2b80e524e04684f71215"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront), 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: rRGmWXft6lNkdct1dQMogF7UUZwEEGewv-1mz_1n2xsFGijtMX0a6A==
age: 1779
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Sat, 28 Jan 2023 15:35:23 GMT
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9jWNlNUWcImrZDhEbKqLMuzHnWi1PSON8o1wyJFWsMX3Y6ggF4arzA==
age: 40735
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Mon, 30 Jan 2023 02:54:18 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:19 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3275
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 790eaebd78afb4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.adapex.io/hb/aaw.emc.js
200 OK 0 B URL HTTP/2 cdn.adapex.io/hb/aaw.emc.js
IP
GET /hb/aaw.emc.js HTTP/1.1
Host: cdn.adapex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:14 GMT
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 09:14:34 GMT
vary: Accept-Encoding
etag: W/"63cfa17a-8f127"
expires: Sun, 29 Jan 2023 10:11:38 GMT
cache-control: public, max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuGCaZ752yxcfOTFFeyxI688tphIIDUt3Pm9g3ok118iEUaG8bcIizU0wkdLmak377d04c8t58%2F36lSOLzHY5%2BOnqqCXv4o35C%2F205m54LxGdOeXGFOaatMqC83k7B3I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790eae9c8e2f0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Sat, 28 Jan 2023 03:23:10 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: phazksP_GF8U-TKVSmBi_x-RckwZX4t8Tdy1j5O0aIMLN0DLyIEh-Q==
age: 84667
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUQWX43D
200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUQWX43D
IP
POST /rtb/prebid?cid=8CUQWX43D HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2433
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 29 Jan 2023 02:54:15 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2Fa9c9391d-dd16-4cb6-9319-5dd9559fe22d%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.76&responsive=1&sver=4&avtoken=860708&omv=1.0.1&clsid=bc7c9daf-2023-473a-aee8-65aee266c64c&rando=43&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1674960860711&wfc=1
200 OK 0 B URL HTTP/2 go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2Fa9c9391d-dd16-4cb6-9319-5dd9559fe22d%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.76&responsive=1&sver=4&avtoken=860708&omv=1.0.1&clsid=bc7c9daf-2023-473a-aee8-65aee266c64c&rando=43&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1674960860711&wfc=1
IP
GET /api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2Fa9c9391d-dd16-4cb6-9319-5dd9559fe22d%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.76&responsive=1&sver=4&avtoken=860708&omv=1.0.1&clsid=bc7c9daf-2023-473a-aee8-65aee266c64c&rando=43&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1674960860711&wfc=1 HTTP/1.1
Host: go1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:15 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: aniC=1674960855702-978606551947-001146-004-001827; Expires=Sat, 18-Feb-23 02:54:15 GMT; Max-Age=1728000; Domain=aniview.com; Path=/; Secure; HttpOnly; SameSite=None
aniC=; Expires=Sat, 18-Feb-23 02:54:15 GMT; Max-Age=1728000; Domain=aniview.com; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
access-control-max-age: 1728000
x-bamboo-c-s: BYPASS
x-bamboo-c-skfe: 1
x-bamboo-c-skst: 1
expires: Tue, 17 Jan 2023 13:07:35 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 28 Jan 2023 15:35:23 GMT
cache-control: max-age: 86400
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sPnU37I8dXUMu3TPvguLsWDSGKYG3F-q8mpAgXQWyNIt4q7qQHsnig==
age: 40737
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
200 OK 0 B URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
IP
GET /hadron.js?url=https%3A%2F%2Fearnme.club%2Fairtel-starts-5g-trial%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:17 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: VVXSRCfn+iX3VlsEH3JPxIkNzLS6lVJG1NUOW+RC+F2OY5f3zD5nPr9+sjNuSMlIuK4KYvackFM=
x-amz-request-id: 8JRRZ9HXKGBZSDFY
cache-control: max-age=3600
cf-cache-status: HIT
age: 6158
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6ZInjhtCUZ1efPWH9iThNZ%2BIXcwgnyRs3nRn5yR%2BgKfGOOd1yA0JqyDM3Stl%2B392BisbV71hL0nf8PGNvDtMj7Pyja74NDNRhmOoRE0Pu0jSMdYkUQ4SlRi71H9Znfo3G8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790eaeae1d2cb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:17 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: CO+cPK9MlXQ+Pp7rzr8UBe9jXf3QVRyCEIXUUj0WHfDV3zQVrjcz3bOmEOU9iBqkaS9ucJx5v/0=
x-amz-request-id: H722FXZ7MH4EZWKX
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 2661
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 790eaeaf2b00b4f9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.132.js
200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.132.js
IP
GET /js/ld/publishertag.prebid.132.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Mon, 30 Jan 2023 02:54:18 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
a.ad.gt/api/v1/u/matches/479?_it=amazon
200 OK 0 B URL HTTP/2 a.ad.gt/api/v1/u/matches/479?_it=amazon
IP
GET /api/v1/u/matches/479?_it=amazon HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:18 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Sun, 29 Jan 2023 02:48:19 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 790eaeb46d780b69-OSL
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 0 B IP
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=FPNc4180M0RITmhlJTJCZkMwOUJGQlhaMUN2czM0cjlhcFpMcG5aMzl6M3RWc0FoZTRTRTglMkJWUFZPTyUyQll0OVJMVlE3ckk4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 02:54:19 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=-7GghF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czM0cjlhcFpMcG5aMzl6M3RWc0FoZTRCYkZ4NjI1ejdxWDROU2Jxbjg5JTJCZQ; expires=Fri, 23 Feb 2024 02:54:20 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 243797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
157.90.71.190
104.22.53.86
216.239.32.36
178.250.6.186
20.73.234.141
23.195.255.234
212.82.100.182
93.184.220.29