link.tnlink.in/dlsMod77
157.90.71.190301 Moved Permanently 707 B IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /dlsMod77 HTTP/1.1
Host: link.tnlink.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 14 Jan 2023 07:28:55 GMT
location: https://link.tnlink.in/dlsMod77
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8b4f1afb0e830b797238d34ab9254aa
e011acef3d05c959a65205d53b651ecd18a889fe
f7ceff5b4fda083c7449b7298c232224cf48a632dcb87233b646790de207d49c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7CEFF5B4FDA083C7449B7298C232224CF48A632DCB87233B646790DE207D49C"
Last-Modified: Thu, 12 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9409
Expires: Sat, 14 Jan 2023 10:05:44 GMT
Date: Sat, 14 Jan 2023 07:28:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0643dc6b6fed33b3537160b6bb77bcbf
aa43bd1fbb30d2219f3285c1ee4991ffb33562c5
f137438e30e0d69cba77ca2eb736687873e4a9c06cf88d23c6d55ea930fde09f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F137438E30E0D69CBA77CA2EB736687873E4A9C06CF88D23C6D55EA930FDE09F"
Last-Modified: Sat, 14 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10773
Expires: Sat, 14 Jan 2023 10:28:28 GMT
Date: Sat, 14 Jan 2023 07:28:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 14 Jan 2023 06:42:01 GMT
content-type: application/json
age: 2814
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 64765d3d978fd74d7bc47d55d4f097cf
92eb3f0d55ba99be28105c0b28ef7dd456817f1f
761aab02513e7a0ec55ea59109e88b39cbd4e17df0cd2035aa37a4693f22d1f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "761AAB02513E7A0EC55EA59109E88B39CBD4E17DF0CD2035AA37A4693F22D1F3"
Last-Modified: Thu, 12 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19455
Expires: Sat, 14 Jan 2023 12:53:10 GMT
Date: Sat, 14 Jan 2023 07:28:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1rsTGlLCRQHQN3mh7v9CVBQGdvdYozX5GQNyBYcmGjVjmqW1PCLn7ShGk5uHUzHBCf1tz6KO8WQ=
x-amz-request-id: R57B7RQCGXRBKSTK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 14 Jan 2023 06:54:50 GMT
age: 2045
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
link.tnlink.in/dlsMod77
157.90.71.190302 Found 683 B IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77
Analyzer Verdict Alert fortinet Malware
GET /dlsMod77 HTTP/1.1
Host: link.tnlink.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Sat, 14 Jan 2023 07:28:55 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://earnme.club/safe2.php?link=dlsMod77
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:55 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
earnme.club/safe2.php?link=dlsMod77
157.90.71.190200 OK 449 B URL HTTP/1.1 earnme.club/safe2.php?link=dlsMod77
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 077c7421249bc8addc71e579048334e4
185303b03aed40a21c5c536c7ccba547f3dcb197
5d6d377717c24e034b865f954fa3445f851f0bf214b54a20a7ddbd19c43b8f1a
Analyzer Verdict Alert fortinet Malware
GET /safe2.php?link=dlsMod77 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: tp2=dlsMod77; expires=Sat, 14-Jan-2023 07:31:55 GMT; Max-Age=180
content-type: text/html; charset=UTF-8
content-length: 449
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:28:55 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 14 Jan 2023 07:17:25 GMT
age: 691
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
157.90.71.190200 OK 12 kB URL HTTP/2 earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
earnme.club/wp-includes/css/classic-themes.min.css?ver=1
157.90.71.190200 OK 144 B URL HTTP/2 earnme.club/wp-includes/css/classic-themes.min.css?ver=1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
earnme.club/nord-n1-from-oneplus/
157.90.71.190200 OK 28 kB URL HTTP/2 earnme.club/nord-n1-from-oneplus/
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 58bca0346f73bffbf850f0e39a2ee8e8
660aeb29844b798c1aae6fde0eff581213b9414e
a20ccfd179fef25741e880f403c9d422d84a68033b29f0be6c5ec16a3b93602a
Analyzer Verdict Alert fortinet Malware
GET /nord-n1-from-oneplus/ HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://earnme.club/xmlrpc.php
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/", <https://earnme.club/wp-json/wp/v2/posts/65>; rel="alternate"; type="application/json", <https://earnme.club/?p=65>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:28:56 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b84b0d217176aa4c3074ddc7574aa981
de36340f296ceaca5d0eb1c6f464bb2908c2b15f
5d0750ffd4012e0cd3866ddc74e9a5515511a770a173c588679eb57fc174bc22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4465
Cache-Control: max-age=149287
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Etag: "63c1ec6e-118"
Expires: Mon, 16 Jan 2023 00:57:03 GMT
Last-Modified: Fri, 13 Jan 2023 23:42:38 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
157.90.71.190200 OK 15 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31911)
Hash cb7a12e88fefedfcdfb84aa5bdcd0074
6d5487ae9d1f8e4ee55a3a0248dee3374584cd32
f36e64985ba539851c169648463e2d00218a412165f5267eaaf160d1aaf657d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14838
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
157.90.71.190200 OK 6.7 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17739)
Hash 7751a79a4b05c1d9a91f1ca0e71d4d54
fc548c276847e84b0e4bb0e792558fe1932717d0
b2d26d65f099aceb4a4dd06690065bee25dd5adc3ca5ffddf019185e2e13ae5e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6749
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
157.90.71.190200 OK 1.8 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (385)
Hash d1901b59e132e910c7503c6104fd558b
611f7b99fffe08605e4c5fdeee02141f6316ae8a
5cf7206ecfb818b82e1651f753a695786b3ad25c14270f6d1b61c33b7ecf7f41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1843
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
157.90.71.190200 OK 1.2 kB URL HTTP/2 earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
157.90.71.190200 OK 4.6 kB URL HTTP/2 earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 21 Jan 2023 07:28:56 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 14 Jan 2023 07:28:56 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b1e3535cab3c1ac295b1412126a9325c
d1bdf1b8663817ae34b6182db29d6b20666779e7
90c4ecd4b0782647fd78110b5bacfb73d2b05aae4de789a90318574407dfb565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5074
Cache-Control: max-age=97344
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Etag: "63c11f26-1d7"
Expires: Sun, 15 Jan 2023 10:31:20 GMT
Last-Modified: Fri, 13 Jan 2023 09:06:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LY1N2M6E7Y
IP 142.250.74.168:0
File type ASCII text, with very long lines (20080)
Hash 7b5b069a5d2c28023a3913ae608ef912
badbbbb552eb9cb4cf7cc13df6261d72b36d79cd
fc5a09bb5f9b122eaaf25ad5ad0563ca44f3d12f69988e76a980e4fe5e115938
GET /gtag/js?id=G-LY1N2M6E7Y HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:28:56 GMT
expires: Sat, 14 Jan 2023 07:28:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77378
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b84b0d217176aa4c3074ddc7574aa981
de36340f296ceaca5d0eb1c6f464bb2908c2b15f
5d0750ffd4012e0cd3866ddc74e9a5515511a770a173c588679eb57fc174bc22
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4465
Cache-Control: max-age=149287
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Etag: "63c1ec6e-118"
Expires: Mon, 16 Jan 2023 00:57:03 GMT
Last-Modified: Fri, 13 Jan 2023 23:42:38 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5628887325331ad3d660f7208e1995c
9e4bf04468a7aed126488ccb5552a8e02610f6dd
5cd181d6728fc5f0f4d88407b97af61db39c5a38feebdeb2c21335cf4402fca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c16b1530bbcd3d9226362c0a6100f014
a49685aa2869a3674bc4c8fc58acd47f655c2111
ff063e27670433897ba82fdf8048fc228587ab2f01c21e2970f03b3df9093539
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 08:00:18 GMT
expires: Fri, 12 Jan 2024 08:00:18 GMT
cache-control: public, max-age=31536000
age: 170918
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 11 Jan 2023 19:28:49 GMT
expires: Thu, 11 Jan 2024 19:28:49 GMT
cache-control: public, max-age=31536000
age: 216007
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df489559868985b8815baa1cfaaff191
cb804ae84a7d8c2b6580c97caa484cfb515c1435
ecfca9383aa4ff0bc88dc975918610d1406ac9198e68d26a731a589b073b3ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flashnetic.com/c/ao0y4krv21gsuol1v4o82.json
54.230.111.77200 OK 1.5 kB URL HTTP/2 flashnetic.com/c/ao0y4krv21gsuol1v4o82.json
IP 54.230.111.77:0
File type JSON data\012- , ASCII text, with very long lines (1549), with no line terminators
Hash 1165eba4e9339ec6a75e2840289faa43
db56c86b19395e001685ec547ca62be13cf8065c
ad032d1cf528ab452328c93f4e286e5034be1a9e5c74da91d2828d6a50caa6c9
GET /c/ao0y4krv21gsuol1v4o82.json HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1549
date: Fri, 13 Jan 2023 11:05:51 GMT
last-modified: Thu, 10 Nov 2022 12:56:57 GMT
etag: "1165eba4e9339ec6a75e2840289faa43"
x-amz-version-id: Acn7r8ZMd7YG6M0YfdycNmVJVXl9rg7Z
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: duXiyB1SD0tPV0T9E98NfOuAk2-GHj84paPmMDp1yNr0-j1yEj406g==
age: 73386
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.190.211.117101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.190.211.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0H3sERWVCQFXe1bxHk73aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QKEN1iyUefvUjh5oV/HBqx75OC0=
player.avplayer.com/script/2/v/avcplayer.js
23.36.79.32200 OK 61 kB URL HTTP/2 player.avplayer.com/script/2/v/avcplayer.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9dff0335699f04080269947f40c366ae
8447df4f8b168d9c506630f96ef95002c2c6eb28
157b5912ad26a879f38d0dafb1fce2def6df3168a08f991d6203463375fa32fc
GET /script/2/v/avcplayer.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "9dff0335699f04080269947f40c366ae"
x-guploader-uploadid: ADPycdtu-4lkKnewYrLZAQ6C3FYocqKyAEpTHAcTl1fhfCPCh7vxR-IJqbD_5jBst3P2Kl4LF2YOsUpbgaREFcUSdQ
server: UploadServer
x-goog-generation: 1646327924579580
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 61326
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=DITkQg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 61326
cache-control: public, max-age=300
expires: Sat, 14 Jan 2023 07:33:56 GMT
date: Sat, 14 Jan 2023 07:28:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39363)
Hash f6b146b54f07816c16799db241428574
80a94f54559ac1be75b7baab1aa5e5f6d0fcf23f
9752e138aa88d344160a90b68b5cdb984acb46f062a91a0d70a1a5f3d43252b9
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27583
date: Sat, 14 Jan 2023 07:28:56 GMT
expires: Sat, 14 Jan 2023 07:28:56 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1451 / 590 of 1000 / last-modified: 1673651232"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 16fdc7481eb2bf489762b6b6ad440216
8ba97c0fac5d5edf8ae49bccb0ec2ba8e251f646
465edacc998277376411200c9d9e30fdc1290717d1c5857ff226e73a33bfd516
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
151.101.129.229200 OK 794 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP 151.101.129.229:0
File type JSON data\012- , ASCII text, with very long lines (1597), with no line terminators
Hash c30b514eea523ce43ea5f5813494fde5
a987139e5c20afba7ce99228e59d8ec29dc0f3b4
b6631edb6b0076f71f8b09fbf726a88e099bdeef27aa3d1223656b72401412f0
GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1586
x-jsd-version-type: version
etag: W/"63d-9L54YkgK3o5GuxWdK5oFnmMutYE"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 14 Jan 2023 07:28:56 GMT
age: 12485
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1660-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 794
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73200 OK 47 kB URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
Hash 60e782fa9882ca6c1a3cda89cad70ef5
07730489a66e29cead01dc7b94f5ad5d28400492
bd0847c76d22bec036f9c903d38e52a31d2a8aff15b1603c50d75f9fee6ad019
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 14 Jan 2023 07:28:44 GMT
last-modified: Thu, 12 Jan 2023 17:04:05 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront), 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
etag: W/"2c63b04870c0736f1905578b2fde091d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: Xitkxb8_d0YKAcSwgxPXBeodQsQ5zjPhlOUkt2pFD0qe7Skk8K6NwA==
age: 13
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 992b09b606f201543904f21c48bfbbd4
34fb3b1cfd649c4981c62f9d85cb2b7ad7df77c2
5bf65db2fc347d0a5d6e714237a989466f1efedb7c654da2699730c0ed6434e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BF65DB2FC347D0A5D6E714237A989466F1EFEDB7C654DA2699730C0ED6434E4"
Last-Modified: Fri, 13 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5318
Expires: Sat, 14 Jan 2023 08:57:35 GMT
Date: Sat, 14 Jan 2023 07:28:57 GMT
Connection: keep-alive
player.avplayer.com/script/2/2.55/libs/hls.min.js
23.36.79.32200 OK 72 kB URL HTTP/2 player.avplayer.com/script/2/2.55/libs/hls.min.js
IP 23.36.79.32:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 7888b98658e8cef4a98786556ccdab66
d52a58a8e2463dba71947783a8485dcd023100d1
ea7bca216f10e44bd3b4febb9f5a6e6e2f72059b55441e2823ceb3a2be03e161
GET /script/2/2.55/libs/hls.min.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
etag: "7888b98658e8cef4a98786556ccdab66"
x-guploader-uploadid: ADPycdvb01YBBQDWpLAX_FuV-7DSoxLYAzI5YTOUillnczoaCnX1-6OEkBGHdpMa0ucqpIwdSEU02m8DzzX8XijUDkQ
x-goog-generation: 1610290372874389
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 71831
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=vMWMIg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 71831
server: UploadServer
cache-control: public, max-age=300
expires: Sat, 14 Jan 2023 07:33:57 GMT
date: Sat, 14 Jan 2023 07:28:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 1a9fe21d3233a2426b41f2b06ee6d134
3f7cdec8f03198427d13eb47a0e2699a5cbb183b
1a738fac2201932e2e59d2e1e0a92f2d7979c89196698829c4096b960c908564
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=92432
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c11984-1d7"
Expires: Sun, 15 Jan 2023 09:09:29 GMT
Last-Modified: Fri, 13 Jan 2023 08:42:44 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B078Z8Yhe0Ed1mNgpD6W3Xaab9CZdYg40Y1YsI_8UkcisqzSAMNdOw==
Age: 1605
cat2.hbwrapper.com/
68.183.18.251200 OK 15 B IP 68.183.18.251:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
POST / HTTP/1.1
Host: cat2.hbwrapper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 147
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:28:57 GMT
Server: Apache
Access-Control-Allow-Origin: https://earnme.club
Access-Control-Allow-Credentials: true
Content-Length: 15
Connection: close
Content-Type: text/html; charset=UTF-8
track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1673681320403&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable
18.205.57.11200 OK 0 B URL HTTP/2 track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1673681320403&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable
IP 18.205.57.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1673681320403&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a13547ff978bb04462f681ee9b51a755
bc9f47a47abfb1e3197a98b04c8c24a2056bad5c
ea947783cbd89380990716993d01c2fd19984697cb8f370c344a7ca2f3452aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA947783CBD89380990716993D01C2FD19984697CB8F370C344A7CA2F3452AA1"
Last-Modified: Thu, 12 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16532
Expires: Sat, 14 Jan 2023 12:04:29 GMT
Date: Sat, 14 Jan 2023 07:28:57 GMT
Connection: keep-alive
cdn.playstream.media/logo.png
138.199.37.227200 OK 1.3 kB URL HTTP/2 cdn.playstream.media/logo.png
IP 138.199.37.227:0
ASN #60068 Datacamp Limited
File type PNG image data, 32 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash b0fb81e9e278d867bb73f8a6cde236f2
ca10201696f69919ff9541bb549de2d0b065eb8e
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
GET /logo.png HTTP/1.1
Host: cdn.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: image/png
content-length: 1265
server: BunnyCDN-DE1-860
cdn-pullzone: 1027527
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/21/2022 14:10:19
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 6a570924801d295acf8cdba668e765b3
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
23.38.201.105200 OK 118 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
IP 23.38.201.105:0
File type Unicode text, UTF-8 text, with very long lines (44568), with LF, NEL line terminators
Size 118 kB (118513 bytes)
Hash 111082cbe6af4a9938fb7f0ac75e9988
9965e3984cdfe80bd59c552a7adb5a34b55ed6fd
0fa3e052c2cd5169fee79ab84e5449d132c8cdf4080a3a2d8a12336d38ae1775
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtA3eNJoEJqDbNUH-070gCFyEVS4AvDz8oKZ6ASEZmdtUf0o-SBFKe_loHc2eDhfHjdc2fBG2JJbDYPxrc7-XahmeTLkfpS
last-modified: Wed, 11 Jan 2023 12:37:01 GMT
etag: "111082cbe6af4a9938fb7f0ac75e9988"
x-goog-generation: 1673440621255658
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 118513
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=C7nmVQ==, md5=ERCCy+avSpk4+38Kx16ZiA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 118513
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Sat, 14 Jan 2023 07:38:57 GMT
date: Sat, 14 Jan 2023 07:28:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash f5b746e637845addf988ba0ea8b72b5e
f8b59f962b53b6a61c612c3bbf12e6f70ba93cdd
a1c80bb5c0e6e1d52a2e7adf85ec5cb4ebd0e6ee05ab1f07ff04f3d5743841b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5256
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Last-Modified: Sat, 14 Jan 2023 06:01:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y>m=2oe1a1&_p=1257152109&cid=365534255.1673681321&ul=en-us&sr=1280x1024&_s=1&sid=1673681320&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=NORD%20N1%20from%20ONEPLUS%20%E2%80%93%20Tech%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LY1N2M6E7Y>m=2oe1a1&_p=1257152109&cid=365534255.1673681321&ul=en-us&sr=1280x1024&_s=1&sid=1673681320&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=NORD%20N1%20from%20ONEPLUS%20%E2%80%93%20Tech%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LY1N2M6E7Y>m=2oe1a1&_p=1257152109&cid=365534255.1673681321&ul=en-us&sr=1280x1024&_s=1&sid=1673681320&sct=1&seg=0&dl=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=NORD%20N1%20from%20ONEPLUS%20%E2%80%93%20Tech%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://earnme.club
date: Sat, 14 Jan 2023 07:28:57 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.neodatagroup.com/adapex.js
152.199.21.175200 OK 9.0 kB URL HTTP/2 c.neodatagroup.com/adapex.js
IP 152.199.21.175:0
File type ASCII text, with very long lines (1134)
Hash 8602b796117f94af40ee5415f4bb65a3
492ba2ad4438b5089c4e38c5a21b98ef00525fd3
454c67da3d26ab3635924b62a436784998d3be2df208d7e8484bd46837df7f65
GET /adapex.js HTTP/1.1
Host: c.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 3421
cache-control: max-age=7200
content-md5: OIr+Ki+Hl0Wt1GYJISUy4g==
content-type: text/javascript
date: Sat, 14 Jan 2023 07:28:57 GMT
etag: "0x8DAEE606325EA36+gzip"
expires: Sat, 14 Jan 2023 09:28:57 GMT
last-modified: Wed, 04 Jan 2023 14:31:37 GMT
server: ECAcc (ska/F757)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 44b18cc3-601e-002a-4fe1-27258b000000
x-ms-version: 2014-02-14
content-length: 9023
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=xiwdew&e=1376561620077
54.230.111.77200 OK 134 kB URL HTTP/2 flashnetic.com/r/p.html?f=xiwdew&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Size 134 kB (134537 bytes)
Hash a2fab957f343fcecd282e632249d0056
02b702466469da25822e0050acd370a3e06063a5
2dda62eacb12cfd99bfaa8f468edc9778e0b37dba7ccdb35641682f1de50abbe
GET /r/p.html?f=xiwdew&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MoqXOGpoQ48mAfCum9bNf5a5V2Ax5XJFfuiAxa2Vb__KbBxqWdUwkQ==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673681320790
54.80.246.179200 OK 0 B URL HTTP/2 track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673681320790
IP 54.80.246.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673681320790 HTTP/1.1
Host: track1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.73&apppkg=&fv=1&proto=https&clsid=487b6a98-2147-4c63-a30e-913b7a12eacb&rando=73&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1673681321230
18.205.57.11200 OK 0 B URL HTTP/2 track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.73&apppkg=&fv=1&proto=https&clsid=487b6a98-2147-4c63-a30e-913b7a12eacb&rando=73&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1673681321230
IP 18.205.57.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.73&apppkg=&fv=1&proto=https&clsid=487b6a98-2147-4c63-a30e-913b7a12eacb&rando=73&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1673681321230 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec748ffc7af0db1630122e52a5fa162a
0d44582521bbb65f1f3cc4ff8575a82e95bbe9d3
697ec3fa74a8b28e98638cdc6e0f7450d020ec88f3507d215fda89dea509766e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4103
Cache-Control: max-age=106474
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c1469c-139"
Expires: Sun, 15 Jan 2023 13:03:31 GMT
Last-Modified: Fri, 13 Jan 2023 11:55:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 48ec77af74af96b2a99323c634844a59
5ae1072472055ca18235330360823c664e9522d1
a040dea9f07b1130dd66067f390698e05fa41f84ca567d79f6429c1daa930446
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3008
Cache-Control: max-age=149650
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c1f38b-1d7"
Expires: Mon, 16 Jan 2023 01:03:07 GMT
Last-Modified: Sat, 14 Jan 2023 00:12:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
flashnetic.com/r/p.html?f=thhirhjcr&e=1376561620077
54.230.111.77200 OK 2.2 kB URL HTTP/2 flashnetic.com/r/p.html?f=thhirhjcr&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash e4d223d0c556ed17c6b7defef4355308
8b1a1e3f5b3b33cb3b9b8b6a8cf6716c76e46ebf
e57765b8c765d63db7dec08e099fa959ec701330957669de24720dc17a1407c2
GET /r/p.html?f=thhirhjcr&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G4gYs77vOvnNGvqj0M4ljdmIkXUh9E9NqdFlph00aK4Ud8n-8wuQgg==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=qwnmoubde&e=1376561620077
54.230.111.77200 OK 2.2 kB URL HTTP/2 flashnetic.com/r/p.html?f=qwnmoubde&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 21a12ce447802744535827963fa4d963
284c3b90f761b9dc8fcdfe6150f946dc031d41a4
1c65caa73a74a6d72cd10272ca19024382013afd0d9e32ed85c624b37daee5be
GET /r/p.html?f=qwnmoubde&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7Td330Y6DiA7ojoL2fDtsypdDDWF10POnVXmAYn-rlqw6ZoYYrsgbg==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 172e8bf0fc2cce754de2d289cc89be0e
083c7b3656a5374cd37d51e1dc1bb4850d25a624
10a85af4cb725a7d378e3fa12cd96648da09d53255bd579042c4795bc52d1f03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5679
Cache-Control: max-age=159521
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c20fab-1d7"
Expires: Mon, 16 Jan 2023 03:47:38 GMT
Last-Modified: Sat, 14 Jan 2023 02:12:59 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.28.0&cb=98118127157&lsavail=1
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.28.0&cb=98118127157&lsavail=1
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.28.0&cb=98118127157&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1295
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://earnme.club
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32b4235c94b77c53ed6886da3a1623cb
fdc2413e113b7affff29cd0cd128d9e2bd00976d
263c37c723e9068fdf6654dd91390d18b80233cfade1d3c63a526dc6024dcefc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3115
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Last-Modified: Sat, 14 Jan 2023 06:37:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
p.gcprivacy.com/t/gcid_s.min.js
54.230.111.25200 OK 9.5 kB URL HTTP/2 p.gcprivacy.com/t/gcid_s.min.js
IP 54.230.111.25:0
File type Unicode text, UTF-8 text, with very long lines (9498)
Hash dac6676675972d00f4ec994de0578005
4b0a99773e109d54cf705ac198930869069e3de6
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
GET /t/gcid_s.min.js HTTP/1.1
Host: p.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 9500
date: Sat, 14 Jan 2023 00:50:19 GMT
last-modified: Fri, 06 Jan 2023 15:37:53 GMT
etag: "dac6676675972d00f4ec994de0578005"
x-amz-server-side-encryption: AES256
x-amz-version-id: sbZKwqqxtvM50Otwl3WJaXFYTCAIgKPH
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ND1BODZZ3AyG8B7gc-xiGBgmMixJ1c-7xqgDLKO1WYisPU0dstyOBQ==
age: 23919
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32b4235c94b77c53ed6886da3a1623cb
fdc2413e113b7affff29cd0cd128d9e2bd00976d
263c37c723e9068fdf6654dd91390d18b80233cfade1d3c63a526dc6024dcefc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3115
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Last-Modified: Sat, 14 Jan 2023 06:37:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 527
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:57 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 262 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash af0c23aaedc72cb20d2140f0eeb0eb8c
936647319efe7e75687944d58e45f8963441dda5
2b51b1b3fceb75d4bce0635839ee609c36d77462511ef6065928697c2ab1e7a3
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1021
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 262
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 8b0f8cf9-0089-4351-8866-5835353cfd16
Set-Cookie: icu=ChgI3uM8EAoYASABKAEwubOJngY4AUABSAEQubOJngYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2534958645186952015; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 977e8b760a0cf7463b0d752df7fcbc06
53ca59d879b9a11a30cab28b11f9ddaf5c707d41
572a2d857a3b010f2a2e3f3e100467f5851453419651ee1f81977824a71c3b73
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5925
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Last-Modified: Sat, 14 Jan 2023 05:50:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9e401e6d58864863237a7430b20e3dfe
b302d934ffc4609b6445d7a5cf21d87ef1cd68d9
003b776b32166e9fe09d14b70018a4e2f296af83f0216fabab1e22582363be7d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6151
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Last-Modified: Sat, 14 Jan 2023 05:46:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
flashnetic.com/r/p.html?f=jxgdjc&e=1376561620077
54.230.111.77200 OK 2.1 kB URL HTTP/2 flashnetic.com/r/p.html?f=jxgdjc&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 33607599e89fe1e7a3aa53fa572e96ac
d7faca1ef345322978f55772ce1ca56956b5ae03
fa02a19793b4291daa5011694749b029a298a5fab9453940e60de603d2dbdd2c
GET /r/p.html?f=jxgdjc&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1J9gnezZYGLgn-z32T0QlUMbqoFMaEXGJmWS8UqFCS2hEdzZ_wNCUA==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d89cd854fb4b694bf2180c5789a33ed
a60cc7951b73616d774bf61dd0da1d22496f2382
19a602fcc9a1558e444cf5eb64f597d77df38097121a48f81a8003597196bfae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6023
Cache-Control: max-age=136795
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c1b58d-1d7"
Expires: Sun, 15 Jan 2023 21:28:52 GMT
Last-Modified: Fri, 13 Jan 2023 19:48:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
onetag-sys.com/prebid-request
51.89.9.253200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1939
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=iezgwh&e=1376561620077
54.230.111.77200 OK 2.5 kB URL HTTP/2 flashnetic.com/r/p.html?f=iezgwh&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash ee222d83a018f712da194a9b7a30dfd0
2ebfba1eb852119303da898b74af639e64045a52
5a91523a2cba36c9180b7f7c5680c3806f5e0a0b11f6d3cdee1c1f35f6829145
GET /r/p.html?f=iezgwh&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3qzLUjIWx_fOu0y4J_ToP6fapWn9sr0tvUfQ__nlpUVXXo0nLM1dSw==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=ebeea060-aaed-410c-9dbb-cefadda984b8%2C7278078b-3fcf-4605-8bd1-101f0587463d&nocache=1673681321362&pubcid=81fa6524-ba19-4759-be75-71f7c9928ecd&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=0937ab0c-6f06-4d58-ae7a-910f65bf2ed8%2Cb45f1aa5-7f06-44fb-a71c-4d683bcd82d2&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10
34.98.64.218200 OK 79 B URL HTTP/2 digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=ebeea060-aaed-410c-9dbb-cefadda984b8%2C7278078b-3fcf-4605-8bd1-101f0587463d&nocache=1673681321362&pubcid=81fa6524-ba19-4759-be75-71f7c9928ecd&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=0937ab0c-6f06-4d58-ae7a-910f65bf2ed8%2Cb45f1aa5-7f06-44fb-a71c-4d683bcd82d2&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash 2036ea8baec4f058aa9f99acd84c09e9
576e6a1cde192b3dc6e540e1acc344dcac4b96f6
213b8cac70959beb0231f656f2bd6f821626d5d4727a568ac1aae8be77c2256d
GET /w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=ebeea060-aaed-410c-9dbb-cefadda984b8%2C7278078b-3fcf-4605-8bd1-101f0587463d&nocache=1673681321362&pubcid=81fa6524-ba19-4759-be75-71f7c9928ecd&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=0937ab0c-6f06-4d58-ae7a-910f65bf2ed8%2Cb45f1aa5-7f06-44fb-a71c-4d683bcd82d2&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10 HTTP/1.1
Host: digikulture-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 61a036e5e9039e9a47cbaf925d97a845
0149af7af3812cc46cf5bbd19eb90b9bd3854064
3ecd56f044829eb5c257e131fbd60481d210a365eea7af90421bc4c4cfe10265
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3ECD56F044829EB5C257E131FBD60481D210A365EEA7AF90421BC4C4CFE10265"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15909
Expires: Sat, 14 Jan 2023 11:54:06 GMT
Date: Sat, 14 Jan 2023 07:28:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ac89dfe11834ddecde1c0619eea354e2
b4e3133221ad75a08dc10df0a147feff4740cdeb
39854f295d895a426c3199074eba369b4202b2437ae014d7887a520a41ebe494
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2207
Cache-Control: max-age=118955
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c17ec5-13a"
Expires: Sun, 15 Jan 2023 16:31:32 GMT
Last-Modified: Fri, 13 Jan 2023 15:54:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club&tk_flint=pbjs_lite_v7.19.0&x_source.tid=66d2a673-7765-4f03-9221-91948bdc3a9d&l_pb_bid_id=2a0548fd655b158&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8295217923661866
69.173.144.140200 OK 417 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club&tk_flint=pbjs_lite_v7.19.0&x_source.tid=66d2a673-7765-4f03-9221-91948bdc3a9d&l_pb_bid_id=2a0548fd655b158&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8295217923661866
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (417), with no line terminators
Hash 8c12e1a3d0a3b03ef55cdfb1d3b12763
d6a38888f5b27adba3c3c8f846927a1e5a5278c1
4acef4bbfd0d1aa4c4ba3d621ae5ad62ea2b3ef5e28d1544ef94d45c170846d8
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club&tk_flint=pbjs_lite_v7.19.0&x_source.tid=66d2a673-7765-4f03-9221-91948bdc3a9d&l_pb_bid_id=2a0548fd655b158&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8295217923661866 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Sat, 14 Jan 2023 07:28:57 GMT
Content-Type: application/json
Content-Length: 417
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=LCVMNLCY-4-7SOX; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:57 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB1Q/pd/Lh7V+e9DtVM30fCgLyeqvALYT7l75NifU4+EnXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:57 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ac89dfe11834ddecde1c0619eea354e2
b4e3133221ad75a08dc10df0a147feff4740cdeb
39854f295d895a426c3199074eba369b4202b2437ae014d7887a520a41ebe494
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2207
Cache-Control: max-age=118955
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c17ec5-13a"
Expires: Sun, 15 Jan 2023 16:31:32 GMT
Last-Modified: Fri, 13 Jan 2023 15:54:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46505a833e63c008fa8bc11eac22d18b
4c13ee34298533240c39b76e3b2c2bfe33755e2b
33d6973aca9ae676d34f8eb37c1582741a74f5fb20bdddc46c2df1aa83666685
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4703
Cache-Control: max-age=94843
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c116d5-1d7"
Expires: Sun, 15 Jan 2023 09:49:40 GMT
Last-Modified: Fri, 13 Jan 2023 08:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
flashnetic.com/r/p.html?f=neupeol&e=1376561620077
54.230.111.77200 OK 2.1 kB URL HTTP/2 flashnetic.com/r/p.html?f=neupeol&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash b3a5d9f2c42a18853b04d7241a8c52dd
07534e5695871f5b97859cb9785caeb5a6ea52dd
32e6b321e7b72016383eb2b791d1a82a33ca6146e1a57a4616cc4454c0d47521
GET /r/p.html?f=neupeol&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dYXdiBjBvrSXq7FiVE9urD3qxfU5WTea3HzWTjAr_ep1ralzuBBTVA==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46505a833e63c008fa8bc11eac22d18b
4c13ee34298533240c39b76e3b2c2bfe33755e2b
33d6973aca9ae676d34f8eb37c1582741a74f5fb20bdddc46c2df1aa83666685
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4666
Cache-Control: max-age=94806
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c116d5-1d7"
Expires: Sun, 15 Jan 2023 09:49:03 GMT
Last-Modified: Fri, 13 Jan 2023 08:31:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46505a833e63c008fa8bc11eac22d18b
4c13ee34298533240c39b76e3b2c2bfe33755e2b
33d6973aca9ae676d34f8eb37c1582741a74f5fb20bdddc46c2df1aa83666685
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4703
Cache-Control: max-age=94843
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c116d5-1d7"
Expires: Sun, 15 Jan 2023 09:49:40 GMT
Last-Modified: Fri, 13 Jan 2023 08:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 392
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:57 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46505a833e63c008fa8bc11eac22d18b
4c13ee34298533240c39b76e3b2c2bfe33755e2b
33d6973aca9ae676d34f8eb37c1582741a74f5fb20bdddc46c2df1aa83666685
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4666
Cache-Control: max-age=94806
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c116d5-1d7"
Expires: Sun, 15 Jan 2023 09:49:03 GMT
Last-Modified: Fri, 13 Jan 2023 08:31:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 977e8b760a0cf7463b0d752df7fcbc06
53ca59d879b9a11a30cab28b11f9ddaf5c707d41
572a2d857a3b010f2a2e3f3e100467f5851453419651ee1f81977824a71c3b73
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4889
Cache-Control: max-age=118040
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:57 GMT
Etag: "63c170b8-1d7"
Expires: Sun, 15 Jan 2023 16:16:17 GMT
Last-Modified: Fri, 13 Jan 2023 14:54:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash b9ad3ddd1a1e32136f4d013874e61370
11ec210d81286b25030f6b7a1663010814798c7e
54287de2bac489ddd38d6f67c3ca6fbe7a85c557cc99d6be5bb354afe6aa9f18
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:28:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 19:45:28 GMT
Expires: Tue, 17 Jan 2023 19:45:27 GMT
Etag: "11ec210d81286b25030f6b7a1663010814798c7e"
Cache-Control: max-age=302789,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7894a8693cb1b512-OSL
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e4d8ea32800c0fc2b4839afb7df34316
14722bc50cd76a9e54a3fad2000a2cd14065f0ee
b2a6105c7dd9b161a5a51e2e3efb6e200bd43e27b23a26f24f1896e8c9f90e2e
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1251
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e0504df44312ac2e4362e0d13517da52
12c7681b0fb82f0e1556750ad314d0454e524197
88611ff21e1a897eff69af874fdf97593bfba8c8a9957ba738654e1b950fb778
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:28:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 01:56:50 GMT
Expires: Sat, 21 Jan 2023 01:56:49 GMT
Etag: "12c7681b0fb82f0e1556750ad314d0454e524197"
Cache-Control: max-age=584270,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7894a86a6a01b4fd-OSL
flashnetic.com/r/p.html?f=ahigmah&e=1376561620077
54.230.111.77200 OK 2.7 kB URL HTTP/2 flashnetic.com/r/p.html?f=ahigmah&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash fce83f5791a8289f69d9e2e199cd7b7f
39e09298de3062c75588583e265375696496a62e
bc7ad9a5f4fe9fdf769481e95c74361ca0bf9d890846bea0c81e8778a93868f6
GET /r/p.html?f=ahigmah&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WYoV7C4ajmGCW7BkiLmH1Ux-mvIgMFJGwE72JgPogOVLIlUZdVmJkA==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5e4e0b5fbac92f75b7ee122650645f5
52bee426116d3ed3741d81ee6995b9bc48feb8d6
0702e72dab8a3b174c9d6151d7dce25e3575185d3b6038c9992b453ac2a7be50
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1251
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 1
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2ef849d9b8bc77b5a20cee37cf5c65cc
5776163b213c33083cc73b8a7ffc5173d5f1833a
392b4ef53655f86a31eeeef7266dd4c45977388439bc76420304c10af1b647b0
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1248
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
52.28.203.152200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 52.28.203.152:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6449be85141c18d47f98a62ad86fc6c6
e583a3f4ac5fe11e1371d8025bab2e0b35b9d366
4dbaf7e8aa1a5cd44f7f43f6c5660e069290c5697330f00662ec87f4a6151b0c
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1249
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 1
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=mvcuvgzw&e=1376561620077
54.230.111.77200 OK 2.5 kB URL HTTP/2 flashnetic.com/r/p.html?f=mvcuvgzw&e=1376561620077
IP 54.230.111.77:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 86362da8f6ffe390710d1fd1921696dc
4bcf971d3ae1f54afb977bdb7208f97f617aedc2
ba9e6202faa73c6428e1dbe6a7586a73a191fc5f122a8ce48a841f6c67c12c47
GET /r/p.html?f=mvcuvgzw&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OmgzKRsAZiZALE_zKv2DFITWmSdOWXji8e5whja2zxCevP3SBOA4SQ==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
grid.bidswitch.net/hbjson
35.156.77.249200 OK 50 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 35.156.77.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fb053d971e5c8d7c77a7160da9363d45
2ff0df825bda06cb949fb46505611f872800b092
2af533ea8c9a6af895b555525a1c9659ea168bad2190b0367e023b42a9f48a3c
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1123
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json
content-length: 50
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 256e39696ba05f2324bbc49b2a396115
e1cf8b15abd0a20eb1218be517c03459514a59e0
d576a66e6b39751bdbc7b662454d37866b75efef1aa51761daba61783d755bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D576A66E6B39751BDBC7B662454D37866B75EFEF1AA51761DABA61783D755BC9"
Last-Modified: Thu, 12 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4067
Expires: Sat, 14 Jan 2023 08:36:45 GMT
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d24ea1f095f492934a1f1c63f5d8590c
dade37148c9b9a941f93a8535d8ddc5de3952623
2d8e3f90eb347eb3479a6c5d20a1c2ca6a0560f335a6c6800948db2640e4c878
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F917985a1-aa8d-4c0a-860c-0b16c203387e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8181
x-amzn-requestid: 7ada8fbd-58e6-4433-a532-b4a4ef93ac9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0paH-OIAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce3c-582529522dbb67ee728484f8;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AHjOmYxva5avyA3gt9DvYLas_B2ACimer5QRQOi919HDtSjnKq22lw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:36:45 GMT
age: 35533
etag: "dade37148c9b9a941f93a8535d8ddc5de3952623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F750e055f-1243-4c70-87b9-582708543ae4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F750e055f-1243-4c70-87b9-582708543ae4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0da64df67061f18811c06143292c4d5c
866288df55737a8e66ea1c0d460f72e0c9367173
611b58debf4cf0425e401878ff8fcd06ed9551b638520711e146e23c8b34575d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F750e055f-1243-4c70-87b9-582708543ae4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10337
x-amzn-requestid: d76c1d2b-78b3-40fd-bf51-39151337ea0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etN87GJ3IAMFqqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1f6b8-21f54dee09a33f1e5cd20e79;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 00:26:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: PCN3LvHgc5rPRghKY4yGj9PD6jOHUj7eWz7Ir7L1wda7LLbmUgNO_Q==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 04:07:30 GMT
age: 12088
etag: "866288df55737a8e66ea1c0d460f72e0c9367173"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2F6ffc001c-8a14-49dc-9e6f-3cb4071f5112%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.73&responsive=1&sver=4&avtoken=321225&omv=1.0.1&clsid=487b6a98-2147-4c63-a30e-913b7a12eacb&rando=73&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1673681321231&wfc=1
34.233.111.211200 OK 7.0 kB URL HTTP/2 go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2F6ffc001c-8a14-49dc-9e6f-3cb4071f5112%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.73&responsive=1&sver=4&avtoken=321225&omv=1.0.1&clsid=487b6a98-2147-4c63-a30e-913b7a12eacb&rando=73&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1673681321231&wfc=1
IP 34.233.111.211:0
Hash 139f766fd15c1c0af6c5013cd55af9c8
340c7f4c0af6a8bca5ce6accb65fba7ff55c68c5
933f794179a3574b9c101915c174c3d63e57b19661d4b18132d1813e6bc0c042
GET /api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2F6ffc001c-8a14-49dc-9e6f-3cb4071f5112%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.73&responsive=1&sver=4&avtoken=321225&omv=1.0.1&clsid=487b6a98-2147-4c63-a30e-913b7a12eacb&rando=73&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1673681321231&wfc=1 HTTP/1.1
Host: go1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: aniC=1673681337925-933275861637-008655-010-006409; Expires=Fri, 03-Feb-23 07:28:57 GMT; Max-Age=1728000; Domain=aniview.com; Path=/; Secure; HttpOnly; SameSite=None
aniC=; Expires=Fri, 03-Feb-23 07:28:57 GMT; Max-Age=1728000; Domain=aniview.com; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
expires: Mon, 02 Jan 2023 17:42:17 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRzc2Mcl4EasyH6_1kFh7sr-57f1HNDu-YN8YptDe_kcTET9x8P9LA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 14:03:21 GMT
age: 62737
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44dfed94-1e38-4105-8fc7-5ab0ae001cdd.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44dfed94-1e38-4105-8fc7-5ab0ae001cdd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6df192c1053dbe9de29f29608e76dabe
b4a13de14cfeca5113726f4e08cf25285bcc35c8
c55be5facddfb5d5e3147ec009300761b1e60ac8c8f2ec066c9c91ef4832a02a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44dfed94-1e38-4105-8fc7-5ab0ae001cdd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7466
x-amzn-requestid: 9c471b0d-4db5-4571-9913-0c372594a239
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: enAczGcZoAMFZ0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bf7ab8-249769bd788217df7c2b35d6;Sampled=0
x-amzn-remapped-date: Thu, 12 Jan 2023 03:12:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wVx0mfwLJHF2SuJ1IXeMa147-LKz97Yb1BBte9P1o3-tu_9yI5Fv9w==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 03:32:03 GMT
age: 14215
etag: "b4a13de14cfeca5113726f4e08cf25285bcc35c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5201aa-c0a6-43a3-b371-9091b021b171.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5201aa-c0a6-43a3-b371-9091b021b171.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6f9fd45fe3dfe1bc0ee610925c385d
4ab08950008a4ab0a52091bb6f186c12814276e9
3dab6a58e53155e44117fbd9d40c4f38a7586efe1e69db1a064d2bbc5bbf185a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab5201aa-c0a6-43a3-b371-9091b021b171.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8681
x-amzn-requestid: 1060e7e7-3864-4ce5-b0aa-cfe24bb1a21a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: es0qdGvqoAMF57g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c1ce42-3cf8e4535d417e6f5142f23d;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 21:33:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fn6fJcMooAv0V8MKuIM5EMGIEBijeoPBv5VWPtEz0j7LbfLoWw_soA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 13 Jan 2023 21:49:01 GMT
age: 34797
etag: "4ab08950008a4ab0a52091bb6f186c12814276e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=81fa6524-ba19-4759-be75-71f7c9928ecd&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
3.234.22.15200 OK 155 B URL HTTP/2 p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=81fa6524-ba19-4759-be75-71f7c9928ecd&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
IP 3.234.22.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cffcf0f3edffa6582a161759c6bc3b34
bfcbe1ef9bbd2912fdb99cb2786b60e78d4dd74a
fb66d3423090074c9afca882dc52ac08a6048c0207d5daaffba9654f5cfffe85
GET /v2/sync?pid=Q6CV1VBC&uid=81fa6524-ba19-4759-be75-71f7c9928ecd&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F HTTP/1.1
Host: p2.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json
content-length: 155
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
set-cookie: gcid=6c03127b-80b6-4f5d-be7c-e61d0e42f5fa;Expires=Fri, 14 Apr 2023 07:28:58 UTC; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
secure.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g
192.0.73.2200 OK 983 B URL HTTP/2 secure.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 40x40, components 3\012- data
Hash 75dfb23da6e6730d066e698773b3fd45
3b45961e6fcf7708b89f59d28b18edc96a641016
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e
GET /avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: image/jpeg
content-length: 983
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="ce2e698c2ff496a6f5158d5390376c88.png"
expires: Sat, 14 Jan 2023 07:33:58 GMT
cache-control: max-age=300
x-nc: HIT arn 4
accept-ranges: bytes
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
143.204.46.73200 OK 2.0 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
IP 143.204.46.73:0
File type JSON data\012- , ASCII text, with very long lines (1960), with no line terminators
Hash 17bc5a6a6cd052ec3cb6afca08829022
f9e8354a014c00fea4507744fd03e14150eed35a
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1960
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sat, 14 Jan 2023 07:28:58 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iMANXXOOYDGeC9GP3SG_Elz5v_zSayUyI4bOns-4qfgN39lSDL0PvQ==
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/157742/7600
2.18.172.200301 Moved Permanently 261 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/157742/7600
IP 2.18.172.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 062136e3a621e033fe962c1b279eec4c
d38b6ab78d6b6ccf1cc926379e426c9780c90eb2
c0ab28cf312ba7e04fdeabf8173ca9e1809281aa9fde276981842e71020c2c41
GET /AdServer/js/pwt/157742/7600 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: Apache
location: https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/
content-length: 261
content-type: text/html; charset=iso-8859-1
cache-control: max-age=96630
expires: Sun, 15 Jan 2023 10:19:28 GMT
date: Sat, 14 Jan 2023 07:28:58 GMT
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=wyBKGDRc3A2Kc&cb=0&ws=1280x939&v=23.105.2110&t=2000&slots=%5B%7B%22sd%22%3A%220937ab0c-6f06-4d58-ae7a-910f65bf2ed8%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%22b45f1aa5-7f06-44fb-a71c-4d683bcd82d2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 191 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=wyBKGDRc3A2Kc&cb=0&ws=1280x939&v=23.105.2110&t=2000&slots=%5B%7B%22sd%22%3A%220937ab0c-6f06-4d58-ae7a-910f65bf2ed8%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%22b45f1aa5-7f06-44fb-a71c-4d683bcd82d2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash e052ef4180ff6374cab02385a283f8d1
5ede963598254d47659db157c28156b428f1f615
c78544693548249dd7d9e907618f4710f09b6366af5b482bc05e2453b9086a15
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=wyBKGDRc3A2Kc&cb=0&ws=1280x939&v=23.105.2110&t=2000&slots=%5B%7B%22sd%22%3A%220937ab0c-6f06-4d58-ae7a-910f65bf2ed8%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%22b45f1aa5-7f06-44fb-a71c-4d683bcd82d2%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 191
server: Server
date: Sat, 14 Jan 2023 07:28:58 GMT
x-amz-rid: X9GZTAHWJK7DMXT195ED
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GyubBsFzQGZiQwDk3ZzpPk_19l-IjFqh-_HgSKhU7oPL6UQEK16_kw==
X-Firefox-Spdy: h2
track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=54195&t=1673681337&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=ef4d2f1a6a5fbcb3fd68b58380f58481&d63=ef4d2f1a6a5fbcb3fd68b58380f58481&aafaid=&proto=https&uid=1673681337925-933275861637-008655-010-006409&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.73&cb=30332209821&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673681322111&asid=63a987aaf31103e0780c6cb4%2C63a987c1780a4b73f009af75%2C62a9a26be8c62b7a753672a4%2C62fcc8551f0d537b70642b47%2C63720057d528eb2645079ab5%2C6332ef55cd0fcf1ceb506cc4%2C63be7ffa5d8c2fe0ed0149ab%2C62a9a257b1f7be14705f5586%2C62a9a3044f8b3f11bf3a5058%2C63be800fceff40770704ac05%2C62a9a2daf85a765d16158238&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
18.205.57.11200 OK 0 B URL HTTP/2 track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=54195&t=1673681337&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=ef4d2f1a6a5fbcb3fd68b58380f58481&d63=ef4d2f1a6a5fbcb3fd68b58380f58481&aafaid=&proto=https&uid=1673681337925-933275861637-008655-010-006409&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.73&cb=30332209821&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673681322111&asid=63a987aaf31103e0780c6cb4%2C63a987c1780a4b73f009af75%2C62a9a26be8c62b7a753672a4%2C62fcc8551f0d537b70642b47%2C63720057d528eb2645079ab5%2C6332ef55cd0fcf1ceb506cc4%2C63be7ffa5d8c2fe0ed0149ab%2C62a9a257b1f7be14705f5586%2C62a9a3044f8b3f11bf3a5058%2C63be800fceff40770704ac05%2C62a9a2daf85a765d16158238&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
IP 18.205.57.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=54195&t=1673681337&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=ef4d2f1a6a5fbcb3fd68b58380f58481&d63=ef4d2f1a6a5fbcb3fd68b58380f58481&aafaid=&proto=https&uid=1673681337925-933275861637-008655-010-006409&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.73&cb=30332209821&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673681322111&asid=63a987aaf31103e0780c6cb4%2C63a987c1780a4b73f009af75%2C62a9a26be8c62b7a753672a4%2C62fcc8551f0d537b70642b47%2C63720057d528eb2645079ab5%2C6332ef55cd0fcf1ceb506cc4%2C63be7ffa5d8c2fe0ed0149ab%2C62a9a257b1f7be14705f5586%2C62a9a3044f8b3f11bf3a5058%2C63be800fceff40770704ac05%2C62a9a2daf85a765d16158238&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Cookie: aniC=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 815f1a1e0adac55b38019d2af17b9bbe
6e04467e75f83b4a692cf6716b5b564274a487c7
6d8326d418f56d57221790353c7b220088d63c133901e0b500accb5e420811db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP 142.250.74.131:0
Hash 952a81cf5926bb1e795efd2ba49e5751
a6cf238e1802008778f634f9b841d4100e786f99
46438a2e0cf9fe805a51e501ce27154892025f073d9ff96aec107fd1b9a680be
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=earnme.club
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=earnme.club
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:28:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=earnme.club
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=earnme.club
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:28:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
184.24.45.54200 OK 56 B URL HTTP/1.1 at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
IP 184.24.45.54:0
File type ASCII text, with no line terminators
Hash e54f9e4429376f974ec09464a589f20e
5db134af6e904408e6c2d223fcbab7f3efa92fe5
a12afda72fbed12346a69ea5380cc6eb86b580fe0d8be08d5f61d64401358ee9
GET /fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1 HTTP/1.1
Host: at.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 56
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Expires: Sat, 14 Jan 2023 07:28:58 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8daa9414759dd15f9f7f4dd90dc3d86
013c000b3d2485985a0113b7305568f97d871c3e
c096ccbc68e28203b6f7592d67d8b7fb058dd295772b1dce49364933a2bb22fb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C096CCBC68E28203B6F7592D67D8B7FB058DD295772B1DCE49364933A2BB22FB"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20512
Expires: Sat, 14 Jan 2023 13:10:50 GMT
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
adservice.google.no/adsid/integrator.js?domain=earnme.club
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=earnme.club
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:28:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=earnme.club
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=earnme.club
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 14 Jan 2023 07:28:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
141.95.33.111200 135 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4eb43de05ae4ccf9197d91167f082dae
d6cd93e31f2d6bcbf9aae42e82680950a1c9ea6f
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 14 Jan 2023 07:28:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f96f3b88eebd362c0208a60d27e28068
f244f8dfbc2677fbddcf0024ff7cf343e24205bb
9b3586a498232da2b246b2bd158d7fd75eb9b4ac00ed750bbe670f1b54fe0f2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.28.0
35.244.193.51200 OK 49 B URL HTTP/2 lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.28.0
IP 35.244.193.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c466bd434db29cf02793f8522fde5f3a
f39a01bb0264479dbe9a4bfb0b80ae0b3b0e8154
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
GET /v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0&src=pbjs&ver=7.28.0 HTTP/1.1
Host: lexicon.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: private, must-revalidate, max-age=28800
content-type: application/json
content-length: 49
date: Sat, 14 Jan 2023 07:28:58 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP 142.250.74.131:0
Hash 952a81cf5926bb1e795efd2ba49e5751
a6cf238e1802008778f634f9b841d4100e786f99
46438a2e0cf9fe805a51e501ce27154892025f073d9ff96aec107fd1b9a680be
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 324bf188133a2717da4badc9a392357e
749f05fc6f5c8653720f91592cf09e4d596441e3
8409a2877ba212cb7fac0a76ffe4ba7cc8af2689dc08da3bc0101c54b9803144
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 14 Jan 2023 07:28:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 13 Jan 2023 22:44:09 GMT
Expires: Sat, 14 Jan 2023 22:44:09 GMT
ETag: "749f05fc6f5c8653720f91592cf09e4d596441e3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tra.neodatagroup.com/pv?sid=2033&rnd=1232559539958&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=81fa6524-ba19-4759-be75-71f7c9928ecd;pubcid;PublisherCommonId&pbs=true
20.73.234.141302 0 B URL HTTP/1.1 tra.neodatagroup.com/pv?sid=2033&rnd=1232559539958&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=81fa6524-ba19-4759-be75-71f7c9928ecd;pubcid;PublisherCommonId&pbs=true
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?sid=2033&rnd=1232559539958&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=81fa6524-ba19-4759-be75-71f7c9928ecd;pubcid;PublisherCommonId&pbs=true HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sat, 14 Jan 2023 07:28:58 GMT
Content-Type: text/richtext;charset=UTF-8
Content-Length: 0
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cProfile=AQMLXl0DrAWQAAAAAAAEAAABhcPH8dYAB2RlZmF1bHQ=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Sun, 29 Jan 2023 07:28:58 GMT;
Location: /pv?sid=2033&rnd=1232559539958&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=81fa6524-ba19-4759-be75-71f7c9928ecd;pubcid;PublisherCommonId&pbs=true&neoid=30b5e5d03ac0590
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 2e362a616ffb4979967ac7500a26639c
158408b3c7d9476e6bc7641d66db9f0f6ed1b045
81f889240db5cee753c8d81203445903754c6ebb216c1128dc9bc60cd29afd73
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:28:58 GMT
Last-Modified: Sat, 14 Jan 2023 06:23:29 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G0otEmkZn4EvHmLfSRzED_oiSBfgxhgTBPwAfTJoAW3jsccV2X_8WQ==
Age: 3929
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011205&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011205&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14538), with no line terminators
Hash e99e0131aa1a81a1a3b96774d5094185
7da5c9435899bf2870751ef30bfe0cbebb072845
aaf9039ed26a22f1f86b022f6c8a3aabb0fcc5aebaa5ed2dfd256484bf4227b4
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023011205&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 14 Jan 2023 07:28:58 GMT
server: cafe
content-length: 10975
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id.crwdcntrl.net/id
52.48.35.78200 OK 43 B IP 52.48.35.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.3
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 74ae345962904f836bad1697fa6b2944
dfcad9841d71a992b031eebf087329b64bf06c78
2cdc1f07b0e21e0b57a0d7d7ddcfd7bdb79979b7c123512556356c973c4f12be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CDC1F07B0E21E0B57A0D7D7DDCFD7BDB79979B7C123512556356C973C4F12BE"
Last-Modified: Wed, 11 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3264
Expires: Sat, 14 Jan 2023 08:23:22 GMT
Date: Sat, 14 Jan 2023 07:28:58 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bd1827f425fa89be7c21b7af7240f77d
bf037796abdb0f85a5c994b149b725e899da356d
c13e6fc9bde6243a03616255880ee3c42a13052eb8df12dc9693e1d4f7b7913c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:28:58 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 13:42:57 GMT
Expires: Wed, 18 Jan 2023 13:42:56 GMT
Etag: "bf037796abdb0f85a5c994b149b725e899da356d"
Cache-Control: max-age=367437,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7894a86e4923b512-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 659eec6053625c6661493da85c2855cb
f7cef848f0e9d820e4f4fea96e7099d7e697ab9b
89409a1676f8889bf1f9ce9aa931f114c7454ed5dcc58f89a64915df89bf8e6b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3243
Cache-Control: max-age=111692
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:58 GMT
Etag: "63c15e5b-139"
Expires: Sun, 15 Jan 2023 14:30:30 GMT
Last-Modified: Fri, 13 Jan 2023 13:36:27 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
172.217.21.161200 OK 2.7 kB URL HTTP/2 326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 14 Jan 2023 07:28:58 GMT
expires: Sun, 14 Jan 2024 07:28:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
162.19.138.120200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash de6bd6c93ac57f6c093478e8a49f50e5
321daad7000487b94d9aaa8aee1c9843f6603217
c6dd8bbcd080ebaf6e4dc217eb420835ce522a970d8ddd5692e6defef7073755
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 14 Jan 2023 07:28:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
idx.liadm.com/idex/prebid/any?resolve=nonId
34.231.246.225200 OK 50 B URL HTTP/2 idx.liadm.com/idex/prebid/any?resolve=nonId
IP 34.231.246.225:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e3a38ccec56d96697cc49610ecd1c7be
f817afd28b6b9222bcf3470756d66d32a1be438a
d656cfefcb59088d5a22b35dec0095961eedb82806c8031f6fd39fae0fb7804d
GET /idex/prebid/any?resolve=nonId HTTP/1.1
Host: idx.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json
content-length: 50
trace-id: 67e78ae964aa51b4
vary: Origin
expires: Sun, 15 Jan 2023 07:28:58 GMT
set-cookie: lidid=c862f443-b423-440e-b772-ba5b1a4d0b6f; Max-Age=63072000; Expires=Mon, 13 Jan 2025 07:28:58 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
request-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
178.250.0.157200 OK 401 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (487), with no line terminators
Hash 09a140b2e9fbfd370e112ebd47d71730
52c7a3b8b7faacf187a3d57872b80bcf1d69d5ee
5f0cb08c48913a20447f08e20937c459330c57fd9ae3242c79d8ae6c20c6d9b7
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 1342337
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bd1827f425fa89be7c21b7af7240f77d
bf037796abdb0f85a5c994b149b725e899da356d
c13e6fc9bde6243a03616255880ee3c42a13052eb8df12dc9693e1d4f7b7913c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 11 Jan 2023 13:42:57 GMT
Expires: Wed, 18 Jan 2023 13:42:56 GMT
Etag: "bf037796abdb0f85a5c994b149b725e899da356d"
Cache-Control: max-age=367436,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7894a870ebf3b512-OSL
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011205&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011205&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14614), with no line terminators
Hash 0164364d7f8068880264b7876911ec87
61cd5b4222b4754455026ae10ec2b178290656ad
5ebfea5fb25a0836d2e9c384a5dbeab8eec3a060afc981df038cfe4ae52dbfa4
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023011205&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 14 Jan 2023 07:28:59 GMT
server: cafe
content-length: 11029
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1232559539958
142.250.74.162302 Found 338 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1232559539958
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 98b1cdd43ebe2d831d52b881001d514a
eb190349d593e61a7e4d8f1f8e359d6afe9617cf
a8d6ead8ed6f9d7501563b20c1e09f06010a42a0ea3cba3a9dc4851fca8b2a9d
GET /pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=1232559539958 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=1232559539958&google_tc=
date: Sat, 14 Jan 2023 07:28:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 338
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 07:43:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.52.86200 OK 19 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.52.86:0
Hash bc684eb70628e58d13b21d3b8da7780f
0b2475022a79f9ba905c4ecdd932a648db0248c8
b8327cc792f0dce91cf1344dad9bf4e6ae9c78f0374122ebc5f74452b96b4b3e
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: XA0Xcb9PtCWzlolHa2vPg4nTx4VoCXMvA5uHcJO0xOfC14c6yuHkYE/5KbbzOyylMzBoIGEj/bg=
x-amz-request-id: ZZGCY2GTHYQWTE2M
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1528
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7894a8718d6fb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ada63762075e5651538a7488c1892793
d443662e6a558c67937b5582c7a53606477d9f57
6d66c972497029fe99022d6ff9b567e67b6b4d4dce33951a34ba7bcd2f79efdf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.74200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2791)
Size 126 kB (125837 bytes)
Hash d41f9eb373f6d389916d2354e8106f45
92822b81e8af2d74ff91b05dc563155584696144
6a7265e29c29d383677a1a779b58337c684fd85847d7106a1ac46b91eef6ee69
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 125837
date: Sat, 14 Jan 2023 07:28:59 GMT
expires: Sat, 14 Jan 2023 07:28:59 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.94200 OK 16 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.94:0
File type ASCII text, with very long lines (32494)
Hash 861324776587e85d94d4f34e0408a783
8715386db088f06b7505eecbc566bea5bfedc56d
72ddc85cb3a543700e05f961cf7ba59951f73107a4b95836b13f0e412ce61f37
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 13 Jan 2023 08:18:13 GMT
cache-control: max-age: 86400
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NPA2WkhYYi6OI5uAmAC1x3yJC7PLQL6licYhaR_9GdpjA1fsNvXwvA==
age: 83447
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20840902735&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20840902735&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=20840902735&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9c434e08adcb66f72936696ab2eaecee
d2bea9de81603f3c9692f9fa11a96804e060b080
07b54ded283d43d81e2cb9da1ea80d814e37b611c06d0ecbab8fb91a12d4e8f7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 64c933ca-fe34-40cd-8ee2-9f0e80833ed5
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5122681223230118434; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e9a27ccfaf88852540978fe6cb6ecb14
81f31673ea2c21376e099ba2d7f2f2485908e708
f976fabe09ebc30d0759de0596e1d0626fd8b2b5a98e0fd8b4167439e17888ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6321
Cache-Control: max-age=152942
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:59 GMT
Etag: "63c1f378-117"
Expires: Mon, 16 Jan 2023 01:58:01 GMT
Last-Modified: Sat, 14 Jan 2023 00:12:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
id5-sync.com/g/v2/579.json
141.95.33.111200 216 B URL HTTP/1.1 id5-sync.com/g/v2/579.json
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9ba6fee5bb53a2e7c3245f42ed1c96a0
074ae742fa0f4eed8f62936516c30686fc307e75
1835e1fe4231632a8b54a0bd896e4706c99888ba8bba752e7921059a18731b54
POST /g/v2/579.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 291
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 14 Jan 2023 07:28:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e9a27ccfaf88852540978fe6cb6ecb14
81f31673ea2c21376e099ba2d7f2f2485908e708
f976fabe09ebc30d0759de0596e1d0626fd8b2b5a98e0fd8b4167439e17888ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6523
Cache-Control: max-age=153144
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:28:59 GMT
Etag: "63c1f378-117"
Expires: Mon, 16 Jan 2023 02:01:23 GMT
Last-Modified: Sat, 14 Jan 2023 00:12:40 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99260480852&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99260480852&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=99260480852&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99a54961ce59c986b4bbb81f6a6e2218
9ac13b455eac6b764d25a1547c14c3e50fed9020
1f639a94d0d07a6d108c455d5d0c9dba7cc29b50839ebe883c28c5dc2bdeb518
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 645
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 215d1add-1410-472c-a95b-6888d6972bd7
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4628361963758566860; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322253&tk_flint=pbjs_lite_v7.19.0&x_source.tid=82738913-5771-4388-9af6-88592c4331c5&l_pb_bid_id=27bda34b07c94c8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4540165705097077
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322253&tk_flint=pbjs_lite_v7.19.0&x_source.tid=82738913-5771-4388-9af6-88592c4331c5&l_pb_bid_id=27bda34b07c94c8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4540165705097077
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash f474233be5d3ff6529fc1a3a836ed455
d811b3f380d04431e30fbb17be3743f12266cfe4
9ab9dabb8adf089fffd33929f41e4b8a609b3d9709932f38633679b8a3a3c49a
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322253&tk_flint=pbjs_lite_v7.19.0&x_source.tid=82738913-5771-4388-9af6-88592c4331c5&l_pb_bid_id=27bda34b07c94c8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4540165705097077 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMK7-1R-BZA8; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3rUbUHArBH4O9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 678 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1317), with no line terminators
Hash bf16051d78d7b78e8b2536d1a20bbde5
69ab1fe894a9a0c1fe58afa4e1df0603d99f3812
487c459ea34b252aa2236eaf3dd2e88f2924501b7b6c0b2bb63b13ce307a9170
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=1646842602321862734; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781393973075&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8994e28cf81f7d152aaa79689a075cad
6b1a4e1ef96a195320f8ad7385f4a7e394f7afcc
84646142db6ce609f0b634d04e284abf087926a7ac0de0d729c05a8274d72baa
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b337e47f-0a6e-4a61-8df5-966722addee1
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1399545110538387179; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88839207722&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88839207722&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=88839207722&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322260&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9a95f22c-d31b-4977-8334-9b0c8630e0fb&l_pb_bid_id=12f0d93a2fcff388&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08140076979212285
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322260&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9a95f22c-d31b-4977-8334-9b0c8630e0fb&l_pb_bid_id=12f0d93a2fcff388&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08140076979212285
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 37de21713a18249a2b21866e6e85b1da
824329523828b23aa2a9329d17dd3a8c5d0d78ef
600d6c1115f508d200a42049d57f1df9eec55f7161d28b5a84e30630718a83a3
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322260&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9a95f22c-d31b-4977-8334-9b0c8630e0fb&l_pb_bid_id=12f0d93a2fcff388&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08140076979212285 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMM1-17-8ALP; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3m5yzBibbufO9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
cloudflare.com/cdn-cgi/trace
104.16.133.229200 OK 12 kB URL HTTP/2 cloudflare.com/cdn-cgi/trace
IP 104.16.133.229:0
Hash 071d7afc59aab80af171804dc8102001
afd68cc07b8c2bbe2c47ef8372bc18f3edd9d49b
f2401e3724fc695fead426f01d54fe03bce5a75682bf453c801e31f95251bbb3
GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:56 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 7894a8632f61b512-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f78172c597371cd1fbd7b367956c5e0c
95fb029b9e02537fe39c34cde13d9e4c4144d565
38bf42b77ff75c4ac6262e0d6662b1dd09d94c2d3236f43d7fc4df3bc97b1ede
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: dfed0fe7-6a3c-42ea-95a7-b140e7d0e84a
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=9200936584964385556; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25789859442&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=25789859442&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=25789859442&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322264&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bc2ee190-f05b-4a80-8227-49aa7c2f51f6&l_pb_bid_id=8f2c8b9a2e21c6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31505292557058007
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322264&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bc2ee190-f05b-4a80-8227-49aa7c2f51f6&l_pb_bid_id=8f2c8b9a2e21c6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31505292557058007
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash d7211e48a61fa393d09e913b9f6fc99d
586982728c2664bc88c61ef67a66abfc22bc29ca
ded84db56a42619e8c7230765e865926a185f954facfbf19141bd38976042b6d
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322264&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bc2ee190-f05b-4a80-8227-49aa7c2f51f6&l_pb_bid_id=8f2c8b9a2e21c6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31505292557058007 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMNE-K-57V7; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3wYtkblKc9Hu9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 491 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1011), with no line terminators
Hash 0ea52667459950547a613fbfc1ccf0c2
5f64ccaca16f17bfdc8c8345fd1d882bbf44b325
1eff6c779fd8deb9406827bae03da98cbcec03af5716a94d253ac84c3add9cfb
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=555020=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=8606349781320589391; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781395798791&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b653577dfe90c8de3bff9620ed1768c
a20ae0cf4ef24cbf59dfb8e3f228259605e51707
747ed187b4e0758e3e3cb930b05d35586556306885af8e1f7589e8e84b87dd1c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c1690b34-cf58-4748-acec-f15fea334a2f
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5297145859291746723; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=95770720117&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=95770720117&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=95770720117&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 527 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1081), with no line terminators
Hash d809c1839a8abf0bc03d5d8d46486254
ecf8e29b1fcfdcf2137684977cf04a9a10b0b70c
670bb6b249ae5670e5ec9636665feead3c14d269a22f58a3c64cc99eb152d664
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=3146694350870667511; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781395741205&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
8122474ccf646753316ec4e4f7eff1fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
172.217.21.161200 OK 565 B URL HTTP/2 8122474ccf646753316ec4e4f7eff1fd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
IP 172.217.21.161:0
File type JSON data\012- , ASCII text, with very long lines (1105), with no line terminators
Hash e8dd7ca1ba19ff7704546e9160d475b9
bcee9fc26aabc277823d63a60af34bbae10275d1
001965c32ff7fb2f7b2e9d64e3e6bde7fb15444c614848e93ca8a23ad85350f0
GET /safeframe/1-0-40/html/container.html?n=1 HTTP/1.1
Host: 8122474ccf646753316ec4e4f7eff1fd.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 14 Jan 2023 07:28:58 GMT
expires: Sun, 14 Jan 2024 07:28:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322268&tk_flint=pbjs_lite_v7.19.0&x_source.tid=629abf8e-0b82-4077-ac78-3c8da987b499&l_pb_bid_id=105279018af87718&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42286102711167073
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322268&tk_flint=pbjs_lite_v7.19.0&x_source.tid=629abf8e-0b82-4077-ac78-3c8da987b499&l_pb_bid_id=105279018af87718&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42286102711167073
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 8cef8697836929f0ec7e5c794ea349e7
8fb9bde63809573837361219415dd1b1b34190c2
0e6d277ebd56b4821857508146b8378f05da6157b0de9403dd4537f344901944
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322268&tk_flint=pbjs_lite_v7.19.0&x_source.tid=629abf8e-0b82-4077-ac78-3c8da987b499&l_pb_bid_id=105279018af87718&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.42286102711167073 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMPE-1K-DWBZ; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3dJckiJO214u9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 41a7bd312a57e5356b8847de36cf28e2
df86258917b4999a75e139cce31dd6f437fe643f
0453aea8ccfe5261b18c541a2d9281031ddab703954bd2b2e3f77736c8cf8600
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6962a547-1473-4edb-a69c-48d865b33f70
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2030748685650432599; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1878), with no line terminators
Hash ba981b7fd7b5c7363a7c5393b22ff024
33c8b57be55eeeb76138a84fe97d29cbadb6f5e7
52334ce1b32d18a7884de5cbfc7666623178787f3f6ee0d98e826e1a41f2c9b3
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 567 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1095), with no line terminators
Hash 0d4736ef275e6ba08336d56fef5a3c00
8fafb97400699338cb39bd941d54240fffb1c4a0
4dd7dda02ae0d7b7c3616b4976a6645ea40258b452da48bb9699fb7c98d6c547
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=8875307720092147817; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781395433070&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a12058c2ac2214340a1242e430027daa
6c4e2ef731e364b4e6b78432ffc18c58333d1690
054185d756bfbc829625938cf1f09734cc4b5b3055cb69ca91a3fc9af9ec9753
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e28a9ad6-9b12-49f3-9cc0-a3ed57e9973f
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3945160493752955958; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=46323209190&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=46323209190&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=46323209190&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.5 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash 02a6790d972437397a23d1c4d128cafd
2c97198764d8ff7d039fdb5ec3437c8e7bb5e67a
3dfc86898d13a0cff1f0a5bf67959b1e7bc0edf4d8087e88c892cce03c5aae83
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a33239cbff1d0f5b6be0d7ca66bcc891
0edde560a521c391e3303be9c6a475f51fafde8a
ed719fa284b2444508d44581b2d937420b74e212e0ce59cc05f7bc2099c9ea1a
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 640
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d0629137-b21f-477b-a776-13014a0c391f
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5408897793073133277; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 448 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (804), with no line terminators
Hash 4b490c0c4da73814c3811dc6680cd807
a308ed8cd84d3ca0d20a3a7b71d795a459c3bc46
944e0ece50738d55e771c1f13f2d69be54617e07fb4caeadc17ecb26c83fd178
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=8527010100297064529; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781396855961&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.6.241200 OK 2.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3738), with no line terminators
Hash d6c3d3ee010ad5663ead3f0b8b9bcfe0
6346ba815a91b57edad3f42bd6484ea8548a5473
a959bfa4c18a8b4e7d7dc739ab0b047d811f5b6a4037f8a98f7d9289d2690bc3
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 581 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1280), with no line terminators
Hash cfea232bc849aa19cccbdf6a3701b60e
99b08bfd788ca7a2121a06e571c5686a1221a28e
0d4144e2b497de7a32a1cc063f5380e4bbfd0487b2c30b004c5f73e6982ab41e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=5197029390573101220; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781397214449&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322304&tk_flint=pbjs_lite_v7.19.0&x_source.tid=39bc782d-c9b8-4632-9775-2199ff3ebebd&l_pb_bid_id=10ad52e77e967da&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6323937236237295
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322304&tk_flint=pbjs_lite_v7.19.0&x_source.tid=39bc782d-c9b8-4632-9775-2199ff3ebebd&l_pb_bid_id=10ad52e77e967da&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6323937236237295
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash a4d05567783036399e3042345e5883b2
d3a5efa9a474c16e075902880789f966b8d1ca6f
332edab00cab6d2efe82a3e6aa091e639a0b5ddd6cd05b7da87b31823df55d2d
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322304&tk_flint=pbjs_lite_v7.19.0&x_source.tid=39bc782d-c9b8-4632-9775-2199ff3ebebd&l_pb_bid_id=10ad52e77e967da&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6323937236237295 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMTG-1P-6MP0; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB0PgP1HJrCN+u9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322272&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7b3dae4f-ca83-4558-ba16-f4d80e74ffb8&l_pb_bid_id=14e50a49599b89a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3805402877167515
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322272&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7b3dae4f-ca83-4558-ba16-f4d80e74ffb8&l_pb_bid_id=14e50a49599b89a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3805402877167515
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 9b677d1f00611ca87f9f1700acc80460
ddeb962c6b81128c9411aec1b369bc100bacd020
f85ecbbb8efa2ac768a8155e7011ab3ce5f3a112e8eafaeab0e059f8e38b9e85
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322272&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7b3dae4f-ca83-4558-ba16-f4d80e74ffb8&l_pb_bid_id=14e50a49599b89a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3805402877167515 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMPT-26-63YW; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3gwkQclbxTl+9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d7541175afedccf8a410218e37fec572
23c6f2291680202f61339a3f209a2de500576dbe
4798e3bc984323ac06e48f1e2b051b707a04a38bec65f1b47ae7a3d8de802ba5
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: fedb0498-4e61-4648-ba54-921bb1a00765
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3439897661000905682; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=49143224475&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=49143224475&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=49143224475&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322312&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5e49c82f-c20d-463b-b923-ab9eebe0a30c&l_pb_bid_id=105011dc0ca4ac78&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03532636491660612
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322312&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5e49c82f-c20d-463b-b923-ab9eebe0a30c&l_pb_bid_id=105011dc0ca4ac78&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03532636491660612
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 1c35891c3bcdca046408bb8b110d5658
04451be5122667f583b91ea496d09f8d05b0c899
349fa8ae717974423db15bf1a47fb3942c7889f3fe475fc66aa10cddce20890c
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322312&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5e49c82f-c20d-463b-b923-ab9eebe0a30c&l_pb_bid_id=105011dc0ca4ac78&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03532636491660612 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMUU-1J-CYEX; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB3Zis0ElcWh9e9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash 69bb0955ef5a7fa9287c325c4815f392
d90e063245391c61faaa8fa427d7c01aab1cc7e5
2eee6d67627c6523c4b912cea272c1d94e9fde513ab2cc154e9e3a72dd6228ab
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=30727514413&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=30727514413&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=30727514413&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 408 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (744), with no line terminators
Hash 2b932d050af882280be9afd20696f2d1
90a01a4922ad8bc1b4844c9c05627740a883bc28
26d8f48ef6301fa8a950f69bac87f4e4426acfa7039edb139baa3a49289ca3e0
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=8907704087175225415; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781398153104&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.4 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash fab2813ba5652bc5ab7c7737a1644985
560dfe4ab6ef460303c83dd1844e2d8583db4820
dd05f6917f7fc47d9997e2a1ecc2d3b64f828644959f69c84b2f46000c85be19
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 565 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1157), with no line terminators
Hash dbe6bed8d18b6b246bdb601b50a08bf4
726a4ab2efb5e2c21af7e1cc0a19eea4aac20bba
834f1f43519f2bda2a45cdcf9214bd0ee9988186dca0b4d6c7bd0f24f770e478
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=656012888588148991; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781398286405&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8316ab40d9812b9cbd7eb2d38e5957f3
6bee2405bc0d7e2b29832fc2b2d1de974af4bb9d
23011ec201b0d5e4f0cfd709da93cfc9415a0b7648d1cd2f2dcc8482d1d0b88d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 529e32f9-5f08-472b-85fa-23c521fa9df5
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2223962858055116145; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1878), with no line terminators
Hash d4e38b11694849354b6606203e1d30b2
7857510b3727c14584d459ca8f05889848290fd8
98a79460699d743d8b44ce26bb377068af86d054b249a2aaf1ce31d3063b289c
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
172.67.23.234200 OK 67 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
IP 172.67.23.234:0
File type JSON data\012- , ASCII text
Hash 2612c2514bbb4dd51b9164dba3569234
839dad2fb2d7b257a045d1df253e4469e1ef200c
a634d86ccbb74f568a47529c6d9c6c354bd20100370e29f87593c6fa02a4af44
GET /v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/ HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894a874bc5db52d-OSL
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322341&tk_flint=pbjs_lite_v7.19.0&x_source.tid=454e0e35-be8d-44ac-b463-d64970e571f1&l_pb_bid_id=8e488fb16cbaf48&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5015476133109714
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322341&tk_flint=pbjs_lite_v7.19.0&x_source.tid=454e0e35-be8d-44ac-b463-d64970e571f1&l_pb_bid_id=8e488fb16cbaf48&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5015476133109714
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 08d0b71d1b99f2eefd7611f83e2e739d
f0e99ac5e00dae332b054be0f94e322d58034df1
882df3b22fe86b314fc96406c21f87ea0c1e8e1d3b9808df169d914f5bf5908f
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322341&tk_flint=pbjs_lite_v7.19.0&x_source.tid=454e0e35-be8d-44ac-b463-d64970e571f1&l_pb_bid_id=8e488fb16cbaf48&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5015476133109714 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMXC-Z-EIY5; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB2vbxzK0qwkY+9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 521 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1174), with no line terminators
Hash 48f54fc57494dce2b4519df056e454bc
38667c0447dc1bdcf1ae23eaa1bbb8cd6e34478a
4ae36c8f197063e494ebee26c7ecb8e0002f22bd2e2ab4e2afc82e57e84e61fd
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=8596655898399596595; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781398740342&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322346&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b71d6285-be14-4f4d-bcdf-1c6e0b190d17&l_pb_bid_id=2ed00056eb88038&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38581342572626764
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322346&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b71d6285-be14-4f4d-bcdf-1c6e0b190d17&l_pb_bid_id=2ed00056eb88038&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38581342572626764
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 0e648678fce1afe20fae8c4a14a523d0
cd30f35e6e5bd060a40edd6c0520c2250872c004
fcb5946b9a183efe278bb1dca4aa4fc810b15da3fb3a98d465b56b9932422411
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322346&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b71d6285-be14-4f4d-bcdf-1c6e0b190d17&l_pb_bid_id=2ed00056eb88038&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.38581342572626764 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNMYK-6-45GP; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB1ph6mVJOy6Oe9DtVM30fCgLyeqvALYT7kYAVC2sSLJjXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:28:59 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 433 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (878), with no line terminators
Hash b57ede328e9143e30725946a785ac47e
2dcd7352ecb7a93c98e0cf1188ad42b64f4dd3b0
0b4ddf4b65c6547ac55d69ee7c6a604eb14fe9ae20b900f951a2b18824284ef1
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=8380493815049347317; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781399188520&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 142 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ab3946a8269865cc3af2903cb5b2d210
8c64fd6336465e05ed10f355a4f3e76969e024ae
6a6d738ca1c58819f08d699002bd348499414c702f96d573badda7c1b09d9b6e
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 639
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:28:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 142
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 453ab525-011c-4c55-91f7-7f54b3fa226d
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLuziZ4GOAFAAUgBELuziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6240838482058089759; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:28:59 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90780638492&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90780638492&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=90780638492&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 575 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1234), with no line terminators
Hash 28af7aeb6a4383e94cee29c8d548ed9b
2da0e920f26f157babb732b5b8274cb5a559089e
54554ff84df4d10830be3adcb66d4225d4480a4812366e8218713ecc32afa44f
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
vs=525642=5278048; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
pid=2171832750017863813; expires=Sun, 14 Jan 2024 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781399890860&o=1; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:28:59 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 14 Jan 2023 07:29:00 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 244b06d87fbf113dcef695c6fefe962b
c1f637b462c11031a0e0cadf7c181a850723f705
2546c8980954b583e1f10c7d776f2f5c3c0f9fecd671cf9c860c873dc1a61265
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:29:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 0bf2771c-6a4c-4403-8f03-c071ab5dc52a
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLyziZ4GOAFAAUgBELyziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:29:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6644462964963840310; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:29:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn
67.220.226.233302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn
IP 67.220.226.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sat, 14 Jan 2023 07:29:00 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: RY6GXXQ82M5X2FN4VAD4
Set-Cookie: ad-id=A_-vc8FpI0tImK8sffQIiYM|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 07:29:00 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31313365942&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=31313365942&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=31313365942&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:00 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash 0d69a5b4664892d28abc689c086c15e9
8498ebe7e55877381f36d882bf285f3bd3080955
f9191c88422ba149df305149849c9725c087df1bb25ee83292d664b209a1f6d5
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 486 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (850), with no line terminators
Hash e04a4037e19cd1a834907b2a6ea49271
9646332462f2cd650117a60d218c93af6dd5ef01
9d63e37525a529e656c29483ee397d819233c2f44bf97279e242d0fd40e9ea79
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:28:59 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:29:00 GMT; domain=.smartadserver.com; path=/
vs=525642=5278049; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:29:00 GMT; domain=.smartadserver.com; path=/
pid=4396498051248677228; expires=Sun, 14 Jan 2024 07:29:00 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781400593296&o=1; expires=Sun, 15 Jan 2023 07:29:00 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:29:00 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.1 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1860), with no line terminators
Hash c73752213c7a5a1b4aa68f1eabbd833a
29bc0407e1cf92670167a540997dc05a407ceb67
acc7ab208bd7219f5b67bb02f3b5a94e61333756491770cdd064b079b8d497c3
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 483ee41bb4eb6825f9807ec81b0cd4ec
9248faad232a8b1533a850a809a8d0ce37d04a14
a7841ce40d56d83ca6e61454542230ac1ede59e3770a0242da23e3d7db770d5c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 645
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:29:00 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 1a76a605-85f7-495e-abb3-2781aea830aa
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMLyziZ4GOAFAAUgBELyziZ4GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:29:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2590440734690870103; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:29:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97127829458&lsavail=0
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97127829458&lsavail=0
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=97127829458&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.4 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash 6b4db15814eccbaac68e8f4c3a4f8546
7894f0cf55330b7826e56517503d1209f45ba25f
8c0ba11640470ff12d2752957fe2914735c2b4e286028008b4a674b0aa6f0dc1
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322371&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bdf9a630-9e91-4e62-a1b6-102cc00e4d4b&l_pb_bid_id=2185c6e6846108&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6860346640958971
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322371&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bdf9a630-9e91-4e62-a1b6-102cc00e4d4b&l_pb_bid_id=2185c6e6846108&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6860346640958971
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash ef54d61a3d8448b815afb598f6304511
378cdc857ea7c762b40be7f7f5f211a274edf184
fc6a81fa04a72015081e808c8056108c426df12fcaec36b3488707742a91aa88
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322371&tk_flint=pbjs_lite_v7.19.0&x_source.tid=bdf9a630-9e91-4e62-a1b6-102cc00e4d4b&l_pb_bid_id=2185c6e6846108&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6860346640958971 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNN5J-Q-L9AM; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:29:00 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB0UiyLKZknpR+9DtVM30fCgLyeqvALYT7nAAEy/hgCPXnvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:29:00 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.16200 OK 518 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.16:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1084), with no line terminators
Hash 28a5805a8bfa55a3ac178aa48e76d194
4a987c1054b05241740042bfd28020a17adff569
5867e8552d14b73efee6e477e16c0414388e41313f39f53a4cd682405bde2ab0
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 14 Jan 2023 07:29:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:29:00 GMT; domain=.smartadserver.com; path=/
vs=525642=5278049; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:29:00 GMT; domain=.smartadserver.com; path=/
pid=1200707010503368997; expires=Sun, 14 Jan 2024 07:29:00 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638092781401795387&o=1; expires=Sun, 15 Jan 2023 07:29:00 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 15 Jan 2023 07:29:00 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.6.241200 OK 2.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1885), with CRLF line terminators
Hash 77eface11bd99f1cbd09f7fb405aff8c
036ff1c1a86cffbb8389c3fb00f574a04f7a3571
dde391e128a5cf966e5d8f3cbbe62822efd0fa0d6fe8b4c96e528643d23a2b48
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=hPzTdJMDKIiRPKk2IdGXp2qpvlzk-NbgHamCiJx7Wt4m6XUlFvcovrkjpE4NLSXb1HjL_7GzKz8MemkYNmFrKp7sxsSMe-gCtbZtqIbIopzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1a1miJp2bUMi0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWABzrUMxakn4-nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ShyEcN61mdd42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVyoQTQG11_PPxb50JC9i2658b1x0ZpVUUwN_g-WMtiBEq1GSU1YIRFucul6654TbiHI9QZMJeomKQpu7xow8fQ1HR_Va6G-DMgD9jTA9wD4ksfMEX5By_Xskui0bMBUl7EItAaUI_QD3QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=hPzTdJMDKIiRPKk2IdGXp2qpvlzk-NbgHamCiJx7Wt4m6XUlFvcovrkjpE4NLSXb1HjL_7GzKz8MemkYNmFrKp7sxsSMe-gCtbZtqIbIopzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1a1miJp2bUMi0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWABzrUMxakn4-nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ShyEcN61mdd42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVyoQTQG11_PPxb50JC9i2658b1x0ZpVUUwN_g-WMtiBEq1GSU1YIRFucul6654TbiHI9QZMJeomKQpu7xow8fQ1HR_Va6G-DMgD9jTA9wD4ksfMEX5By_Xskui0bMBUl7EItAaUI_QD3QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash cbbc59387357ad42f385eeb9355f4ec0
27d795e58a2b2d2b41ac8515789571be9d363fcf
83b46c2196a1153410d0382225d786648a1fffd4fd865e9cee4c3c7c47a8ea54
GET /adfscript/?bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=hPzTdJMDKIiRPKk2IdGXp2qpvlzk-NbgHamCiJx7Wt4m6XUlFvcovrkjpE4NLSXb1HjL_7GzKz8MemkYNmFrKp7sxsSMe-gCtbZtqIbIopzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1a1miJp2bUMi0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWABzrUMxakn4-nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ShyEcN61mdd42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVyoQTQG11_PPxb50JC9i2658b1x0ZpVUUwN_g-WMtiBEq1GSU1YIRFucul6654TbiHI9QZMJeomKQpu7xow8fQ1HR_Va6G-DMgD9jTA9wD4ksfMEX5By_Xskui0bMBUl7EItAaUI_QD3QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 1221
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:00 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=A8iMOn7YAifwCPo7eDgW9tDEizo3fBKyplGPm4548WXX65plYwQa8lMM0KY5cE_zR9QnH-5MK8dg8313Xh0jnlSeiqn20AWfTHEBfkane8nJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2ZYeI9LSfJEC0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vs1nY6vG0OB42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVxj6XQlcMu8PqPVsTBLj89Ih0ddwOfARXulon-D6CT5AF0Nxhmm53v36DKV_m0a4y6GOgJUYoQNeCUi_ZW-Q--bXMseeG1ti8sD9jTA9wD4ksfMEX5By_Xskui0bMBUl7H-F61CtfCKLwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=A8iMOn7YAifwCPo7eDgW9tDEizo3fBKyplGPm4548WXX65plYwQa8lMM0KY5cE_zR9QnH-5MK8dg8313Xh0jnlSeiqn20AWfTHEBfkane8nJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2ZYeI9LSfJEC0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vs1nY6vG0OB42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVxj6XQlcMu8PqPVsTBLj89Ih0ddwOfARXulon-D6CT5AF0Nxhmm53v36DKV_m0a4y6GOgJUYoQNeCUi_ZW-Q--bXMseeG1ti8sD9jTA9wD4ksfMEX5By_Xskui0bMBUl7H-F61CtfCKLwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash cd1cbabcc28e3bae9a8dbe738b5f08c4
f0aaab5254b7f0f33ab0208c9560518b195bc828
19d13b744ab4747a79ca69c8a583f0811ba3041e719948f929a89e02441a8ccc
GET /adfscript/?bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=A8iMOn7YAifwCPo7eDgW9tDEizo3fBKyplGPm4548WXX65plYwQa8lMM0KY5cE_zR9QnH-5MK8dg8313Xh0jnlSeiqn20AWfTHEBfkane8nJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2ZYeI9LSfJEC0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vs1nY6vG0OB42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVxj6XQlcMu8PqPVsTBLj89Ih0ddwOfARXulon-D6CT5AF0Nxhmm53v36DKV_m0a4y6GOgJUYoQNeCUi_ZW-Q--bXMseeG1ti8sD9jTA9wD4ksfMEX5By_Xskui0bMBUl7H-F61CtfCKLwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 1217
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:00 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322363&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b6ee6f6d-5290-4e8e-87c0-1c911cc265df&l_pb_bid_id=1029df34c9bd9698&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4464222343122458
69.173.144.140200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322363&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b6ee6f6d-5290-4e8e-87c0-1c911cc265df&l_pb_bid_id=1029df34c9bd9698&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4464222343122458
IP 69.173.144.140:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 373ad8019ecb5156dbe0de0cb45d8ecf
231bc9c1148087651da0fb874a44df36c7f979de
b0dc721523c3876308277ed23709e6da3b7c7b7f795bfff33de3faa27e7b1ab3
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2226136&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673681322363&tk_flint=pbjs_lite_v7.19.0&x_source.tid=b6ee6f6d-5290-4e8e-87c0-1c911cc265df&l_pb_bid_id=1029df34c9bd9698&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4464222343122458 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCVMNN3B-1X-BX0U; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:29:00 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|hLZGFuTafB17Oc47JaLcH+9DtVM30fCgLyeqvALYT7nAAEy/hgCPXnvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Sun, 14-Jan-2024 07:29:00 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3zU55KuJTrHxAFC1-Qhvxx-l8nI6BcIq0EWwcEoi3cdyzN9KlWqfrAltMG8GznsEwujvAKtEd5swu0v7dQCVS10KLG50Tgf3vbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2PRMrsfCTxBGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ge13fn8pcKQqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuFVexOALauEieEI_HdDmWGeWeU8vmBt7RHIStnaVTSXYLjWAd1OFnEtMG8GznsEwujvAKtEd5swu0v7dQCVS10ZGdyAiIaJINqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBv-UQ43VSOXcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3zU55KuJTrHxAFC1-Qhvxx-l8nI6BcIq0EWwcEoi3cdyzN9KlWqfrAltMG8GznsEwujvAKtEd5swu0v7dQCVS10KLG50Tgf3vbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2PRMrsfCTxBGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ge13fn8pcKQqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuFVexOALauEieEI_HdDmWGeWeU8vmBt7RHIStnaVTSXYLjWAd1OFnEtMG8GznsEwujvAKtEd5swu0v7dQCVS10ZGdyAiIaJINqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBv-UQ43VSOXcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash e1b942d1749640514e3ab774d29c56db
1cc296ce466ccf8fca90670f856d008c8a8ae586
9102521a6dc4eb2fb185e53ae9a0c9a7f0fae2169c15d74ff0fe374109736ca2
GET /adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3zU55KuJTrHxAFC1-Qhvxx-l8nI6BcIq0EWwcEoi3cdyzN9KlWqfrAltMG8GznsEwujvAKtEd5swu0v7dQCVS10KLG50Tgf3vbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2PRMrsfCTxBGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ge13fn8pcKQqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuFVexOALauEieEI_HdDmWGeWeU8vmBt7RHIStnaVTSXYLjWAd1OFnEtMG8GznsEwujvAKtEd5swu0v7dQCVS10ZGdyAiIaJINqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBv-UQ43VSOXcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 1206
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:00 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj2BnRCGUBXGTUTotwdHhv2H2pd7ZoLzjCcwqhrwOzrvTbkjpE4NLSXbdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWx7R47DfrnjHJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3WruCPO5vkumZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pxvdSNIBF-QqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXviHp2Y6JPGcAOQnA-c0W8AME4P7tJR8-vLdpsxX6RC8oviDFvtr3kFdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWtt8kxlX9p-1qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAa3wQqCd73TcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj2BnRCGUBXGTUTotwdHhv2H2pd7ZoLzjCcwqhrwOzrvTbkjpE4NLSXbdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWx7R47DfrnjHJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3WruCPO5vkumZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pxvdSNIBF-QqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXviHp2Y6JPGcAOQnA-c0W8AME4P7tJR8-vLdpsxX6RC8oviDFvtr3kFdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWtt8kxlX9p-1qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAa3wQqCd73TcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 7465edd0b33e374d09ec6857087ab8f0
df417f6744dc4720a971e8c5ead1e9aeddec3de6
f2d99e29daf350f04ac914cc6c57eca86bb7446b8efb06aaf354297723ef7a59
GET /adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj2BnRCGUBXGTUTotwdHhv2H2pd7ZoLzjCcwqhrwOzrvTbkjpE4NLSXbdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWx7R47DfrnjHJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3WruCPO5vkumZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pxvdSNIBF-QqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXviHp2Y6JPGcAOQnA-c0W8AME4P7tJR8-vLdpsxX6RC8oviDFvtr3kFdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWtt8kxlX9p-1qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAa3wQqCd73TcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 1205
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:00 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.82.163200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.82.163:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 14 Jan 2023 00:57:44 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: L16L11OnooSfXWGVAay8sUVSwAikKna-OW47pOmJT4y9hOLW3ITAwA==
Age: 23477
track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=E6tQbzBjLA872GUJ_yuwA4jSnPcsVlNB4OdLnV7sX2eqde4Sj671ZZEOAGbjPBIs761EtTy_VtUD4g12_OFxUvoD9GcGjKTdPoCnorFv4lLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2Rso0dtOMygGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K93G7ztzjzUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXu2oF3XeLhghpeVIWVz-DXw7eBdsw-BOPRhwDqrHLXwMe7YgMxOyErI761EtTy_VtUD4g12_OFxUvoD9GcGjKTdiAYoDbMTo_JqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDlNyhHsO8hicWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=E6tQbzBjLA872GUJ_yuwA4jSnPcsVlNB4OdLnV7sX2eqde4Sj671ZZEOAGbjPBIs761EtTy_VtUD4g12_OFxUvoD9GcGjKTdPoCnorFv4lLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2Rso0dtOMygGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K93G7ztzjzUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXu2oF3XeLhghpeVIWVz-DXw7eBdsw-BOPRhwDqrHLXwMe7YgMxOyErI761EtTy_VtUD4g12_OFxUvoD9GcGjKTdiAYoDbMTo_JqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDlNyhHsO8hicWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash ab024c23f94cfeaa2f83fba667ce63f9
3111bdcc168de4f7128755f55b01c974c972c1a0
7aaf9e09a771b14793e4c2056cab7c7827c0dc22b076d1e9d27d932ef1285abd
GET /adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=E6tQbzBjLA872GUJ_yuwA4jSnPcsVlNB4OdLnV7sX2eqde4Sj671ZZEOAGbjPBIs761EtTy_VtUD4g12_OFxUvoD9GcGjKTdPoCnorFv4lLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2Rso0dtOMygGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K93G7ztzjzUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXu2oF3XeLhghpeVIWVz-DXw7eBdsw-BOPRhwDqrHLXwMe7YgMxOyErI761EtTy_VtUD4g12_OFxUvoD9GcGjKTdiAYoDbMTo_JqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDlNyhHsO8hicWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: text/javascript; charset=utf-8
content-length: 1209
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:00 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s1.adform.net/banners/scripts/adx.js
37.157.5.72200 OK 27 kB URL HTTP/2 s1.adform.net/banners/scripts/adx.js
IP 37.157.5.72:0
File type ASCII text, with very long lines (855), with CRLF, LF line terminators
Hash 4c2644aa650f9cac73f87443ebad0164
9b3b5fbf7612e5a93c39cb4c34ded66a5abb2b8b
45cff7cd817785be7c2620c462986ef19c2f1565e7027aa21e977ea6ceaf3a38
GET /banners/scripts/adx.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
x-rgw-object-type: Normal
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-amz-request-id: tx0000036c3b8447bdf0cc5-00637b6786-32941e2b-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2ebf180030d494bf6261445b10ace7bd
97af69477682de917c9bb25ead9f01ec3f4b6fb5
5bb8fd04c2753d500cff77572e2baef1b4830d192e23a7b88e422c96ee8d8dff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3996
Cache-Control: max-age=157478
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:00 GMT
Etag: "63c20e46-118"
Expires: Mon, 16 Jan 2023 03:13:38 GMT
Last-Modified: Sat, 14 Jan 2023 02:07:02 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
a.ad.gt/api/v1/u/matches/405?_it=amazon
104.22.4.69200 OK 4.9 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/405?_it=amazon
IP 104.22.4.69:0
File type C source, ASCII text, with very long lines (2298), with CRLF, LF line terminators
Hash 46a60a38d145e43b2da91dace55830fc
07085f7d2c54ed892e8635523911632fb6bc643b
067cc5ad8ca8a6fa2cc47cd7de95b33e33fd747984281e340ce19b86cd9dc597
GET /api/v1/u/matches/405?_it=amazon HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/javascript
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 61
last-modified: Sat, 14 Jan 2023 07:27:59 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894a87c0ee9b512-OSL
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 20 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
Hash bf0e6b6dc3d70689b6e70c6134202055
cda52137366fcd40948206d41bfff641a089803a
d892f9280f4955bc35879cd713af13d14f02085e81d41b66fd92b32fb9ad373f
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: br8ocj5fWmQgOqNy/Y5LiIH5q+MAwLmtxoIHmumKrdJnVOflpFk2DrvLlhRMxH1N156iQZCmWrRJmSpedVGlPA==
x-amz-request-id: 9KT5DTFKEWY7HC5S
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 117
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7894a87cbcffb524-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.94200 OK 12 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.94:0
Hash d97ec2e2d41ae4b2fc30d28257936ce1
598ba1efcbd76f657700097fbd0ba396ab8ae868
4a3b55412239d19b92daa3379eb683c18d2fd88bd6cdc76d216580b81acf5c86
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 14 Jan 2023 01:25:26 GMT
cache-control: max-age: 86400
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AGqAYBrIBabTNuTx8vO1INzsD1nUh3UzJ_gKd8_fVpBfb962iKDbKA==
age: 21815
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/6/map
52.48.35.78200 OK 60 B IP 52.48.35.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 60e8f424d8578b95ac022b4dd52964a9
caed5dc0fe7ca09c620da5695d9504dafff4dda4
ad92e78895ddb6822818c87ef967fd6537f52c2f842365b3da1bd7f27b1ca580
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:00 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.3
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 990923111e9bdf458f09f9c8df7e4158
8ee4ce1cd7d6da1ce3a798483824eb47aacd82f4
8e01d8cb21cf9ecd2b4e07089004d7fb019473c199eb8f51b928ad8be7d6cd55
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:01 GMT
Last-Modified: Sat, 14 Jan 2023 05:59:13 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
track.adform.net/adfscript/?bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=nedVi83WsnsEB3ERoM9yQG1GrcssHhhgmjyUYA-HBFmwYWLohtkwo57RJsIFLDe--EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjenbKc5Aa_JDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1YZyd7lhZQoWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cc5_gFzjCT8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXtBQLLPxnLeEBXJYF-Zul33fJKJbdkE8fNnXAaFn4qumBolQLLHiOn_-EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjasJ9NnCn3xtqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7vCffV4kwUsWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=nedVi83WsnsEB3ERoM9yQG1GrcssHhhgmjyUYA-HBFmwYWLohtkwo57RJsIFLDe--EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjenbKc5Aa_JDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1YZyd7lhZQoWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cc5_gFzjCT8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXtBQLLPxnLeEBXJYF-Zul33fJKJbdkE8fNnXAaFn4qumBolQLLHiOn_-EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjasJ9NnCn3xtqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7vCffV4kwUsWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash ab0992b7e87b3ce6cd627171548e53b8
843f7fef499dafca986bde7e0ff43a71a5e387c9
5df127ee9528a6857a4fe228d91970f5d9360a6345c1298904ea565e2d49b002
GET /adfscript/?bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=nedVi83WsnsEB3ERoM9yQG1GrcssHhhgmjyUYA-HBFmwYWLohtkwo57RJsIFLDe--EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjenbKc5Aa_JDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1YZyd7lhZQoWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cc5_gFzjCT8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXtBQLLPxnLeEBXJYF-Zul33fJKJbdkE8fNnXAaFn4qumBolQLLHiOn_-EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjasJ9NnCn3xtqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7vCffV4kwUsWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1205
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:01 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=6hySndOYzXULSMxR2vKOSgylFhu127Vgcy5ltKbgJi_oC5_KK856Jp7RJsIFLDe-6jQ8wdF51esJUgcKcgqgTUBEOrefZeqKoW8EpXaDZjbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO08Fcl4O9BKOWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=3k8tkmGMIBUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXs0AT4_scpgt8CzUdmIXxx03XUTVI9OtShVFfHBx82I35Ny7oAkuvB66jQ8wdF51esJUgcKcgqgTUBEOrefZeqKToYgPb-gJ1dqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNB0jG2C7v5wAMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=6hySndOYzXULSMxR2vKOSgylFhu127Vgcy5ltKbgJi_oC5_KK856Jp7RJsIFLDe-6jQ8wdF51esJUgcKcgqgTUBEOrefZeqKoW8EpXaDZjbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO08Fcl4O9BKOWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=3k8tkmGMIBUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXs0AT4_scpgt8CzUdmIXxx03XUTVI9OtShVFfHBx82I35Ny7oAkuvB66jQ8wdF51esJUgcKcgqgTUBEOrefZeqKToYgPb-gJ1dqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNB0jG2C7v5wAMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash cb6f56e464cfd39f7f81714eb464cefb
77e199766a10f389d84e216e23ebe02b59c86e10
a4654b974b88d4f23cf6a7cb692f74a16cb8c5f23ba6da2ac1c5764a2e650341
GET /adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=6hySndOYzXULSMxR2vKOSgylFhu127Vgcy5ltKbgJi_oC5_KK856Jp7RJsIFLDe-6jQ8wdF51esJUgcKcgqgTUBEOrefZeqKoW8EpXaDZjbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO08Fcl4O9BKOWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=3k8tkmGMIBUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXs0AT4_scpgt8CzUdmIXxx03XUTVI9OtShVFfHBx82I35Ny7oAkuvB66jQ8wdF51esJUgcKcgqgTUBEOrefZeqKToYgPb-gJ1dqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNB0jG2C7v5wAMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1209
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:01 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=ia_evt&aflvr=true&al=5&qid=CPTiwe3ExvwCFTDDOwIdRrYA_g&ns=4858&fs=5&req=https%3A%2F%2F326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ptt=17
142.250.74.34204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=ia_evt&aflvr=true&al=5&qid=CPTiwe3ExvwCFTDDOwIdRrYA_g&ns=4858&fs=5&req=https%3A%2F%2F326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ptt=17
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ia_evt&aflvr=true&al=5&qid=CPTiwe3ExvwCFTDDOwIdRrYA_g&ns=4858&fs=5&req=https%3A%2F%2F326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ptt=17 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:29:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=hPzTdJMDKIjD8WahC8frZ-ubRaZTDNu2c0crRTWq74nUeRCa4rbT4bkjpE4NLSXb7-pELZzZRDeHqUr16D_hYc1WYnqUXfoRNnTM_HJXulDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO01-RcBLRrEiWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=k6ESF6qjrnIqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvs4tAIWs0EZN1iJdj-lFisffrWBwF3zIe7qqZdeGBNmI_sAgrwyRt87-pELZzZRDeHqUr16D_hYc1WYnqUXfoRSpTQmEQIOl5qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCUM4-aEYCiq8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=hPzTdJMDKIjD8WahC8frZ-ubRaZTDNu2c0crRTWq74nUeRCa4rbT4bkjpE4NLSXb7-pELZzZRDeHqUr16D_hYc1WYnqUXfoRNnTM_HJXulDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO01-RcBLRrEiWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=k6ESF6qjrnIqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvs4tAIWs0EZN1iJdj-lFisffrWBwF3zIe7qqZdeGBNmI_sAgrwyRt87-pELZzZRDeHqUr16D_hYc1WYnqUXfoRSpTQmEQIOl5qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCUM4-aEYCiq8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash bcafb542825cad726b2693bc6e262c08
3db25244162934620977f9e6e40d503e1cbae784
994e1fec5f15a8cbc398cdfb71496e76ff823216e22d9eca92f147a79f18e984
GET /adfscript/?bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=hPzTdJMDKIjD8WahC8frZ-ubRaZTDNu2c0crRTWq74nUeRCa4rbT4bkjpE4NLSXb7-pELZzZRDeHqUr16D_hYc1WYnqUXfoRNnTM_HJXulDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO01-RcBLRrEiWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=k6ESF6qjrnIqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvs4tAIWs0EZN1iJdj-lFisffrWBwF3zIe7qqZdeGBNmI_sAgrwyRt87-pELZzZRDeHqUr16D_hYc1WYnqUXfoRSpTQmEQIOl5qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCUM4-aEYCiq8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1208
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:01 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=6kB3crmDNKt8w-OFDxMX-RKQEGDsbRr53Dsv0SP5am5C-sZzjuR9YucxbCA7OgRL4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPFxnehj3F96TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO1n_LVeFrfIZrq_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=GM0sWF_0rRgqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXtUj61nC1FNxQcyg0SqqtKNhZxy890ixyuHj4UlOL5L8d1fgq0hn-rY4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPfE_tFC5OMaVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBKQcT3GsFmjMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=6kB3crmDNKt8w-OFDxMX-RKQEGDsbRr53Dsv0SP5am5C-sZzjuR9YucxbCA7OgRL4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPFxnehj3F96TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO1n_LVeFrfIZrq_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=GM0sWF_0rRgqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXtUj61nC1FNxQcyg0SqqtKNhZxy890ixyuHj4UlOL5L8d1fgq0hn-rY4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPfE_tFC5OMaVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBKQcT3GsFmjMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 7b7d73f51fcad43d78be8574d5416093
343ef88975b9e6e9187e6bc3a0f8cecbcee032e9
8e88515f631f25dc5b2936f0ede46ef06a3833624b1a291b9b8088d5c0a0e70c
GET /adfscript/?bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=6kB3crmDNKt8w-OFDxMX-RKQEGDsbRr53Dsv0SP5am5C-sZzjuR9YucxbCA7OgRL4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPFxnehj3F96TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO1n_LVeFrfIZrq_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=GM0sWF_0rRgqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXtUj61nC1FNxQcyg0SqqtKNhZxy890ixyuHj4UlOL5L8d1fgq0hn-rY4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPfE_tFC5OMaVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBKQcT3GsFmjMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1214
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:01 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
142.250.74.34200 OK 13 kB URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (1493)
Hash 0dece4b354fc41d0430994be26247a47
1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d
71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 06:33:10 GMT
expires: Sat, 14 Jan 2023 07:33:10 GMT
cache-control: public, max-age=3600
age: 3351
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69c011429c0b1f8a0c091474b207c240
fe2c5e1854a65d8a2b669fc54aa0c827f07e428b
409f967eeebf5472cb0d2a917b9285e52b21950f672c6c37a19285d3375edc7f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 511 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 0aada763dd2da50659a271cf033fc741
828b6a1e243e7646a072ab7b8122ba60805eac59
712a7d1901d1c6af40a404b95eb185cb804509c04c50b4f4d19afaf73d82eff3
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 14 Jan 2023 07:29:01 GMT
date: Sat, 14 Jan 2023 07:29:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-9CpKuomHe-O0jT1PltuiCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3yOLh6ZD2tAA6kIP7Fqp_2mkgm7Nyfs89tWbDsaA25xuBmhi8XDu_Q2QLquCDqsauS9O-RZf8SbVKJgKgRLfvz9gITtvRKGVGjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3P5gICNZ_sxGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=en_r4xW5XmUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXsfkQUTY_Vv_TzqARTWFbPgtC6HjaNngaq5TvdnEBmi5fgy75k9PhYWQLquCDqsauS9O-RZf8SbVKJgKgRLfvz9Y9s6TAhqRzFqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDXKqJdauwhyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3yOLh6ZD2tAA6kIP7Fqp_2mkgm7Nyfs89tWbDsaA25xuBmhi8XDu_Q2QLquCDqsauS9O-RZf8SbVKJgKgRLfvz9gITtvRKGVGjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3P5gICNZ_sxGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=en_r4xW5XmUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXsfkQUTY_Vv_TzqARTWFbPgtC6HjaNngaq5TvdnEBmi5fgy75k9PhYWQLquCDqsauS9O-RZf8SbVKJgKgRLfvz9Y9s6TAhqRzFqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDXKqJdauwhyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 5eccfe15f455bc02bf6a73d42b841aa5
1a834b79bea45e99bb87c22e8c8e4ff9c6bfb264
bec9c0ea92e1cff2367f5009b434a19ad580aafca4fcd17dbd34d53e1f3a59ee
GET /adfscript/?bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3yOLh6ZD2tAA6kIP7Fqp_2mkgm7Nyfs89tWbDsaA25xuBmhi8XDu_Q2QLquCDqsauS9O-RZf8SbVKJgKgRLfvz9gITtvRKGVGjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3P5gICNZ_sxGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=en_r4xW5XmUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXsfkQUTY_Vv_TzqARTWFbPgtC6HjaNngaq5TvdnEBmi5fgy75k9PhYWQLquCDqsauS9O-RZf8SbVKJgKgRLfvz9Y9s6TAhqRzFqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDXKqJdauwhyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1215
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:01 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/adfscript/?bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=nedVi83WsntzBDzaVYb8Odh83TnOmUv4pClSCtYk_EgAHekMw8BqdTkgZx8X_JVdi4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bmaF4nGpWzwLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO2qZg6ZROG8M7q_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=BFCoq7ViQUIqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXvCiVReKLS1pdtjbYkWDUzVb9ec0T8PkEwFJhAltelCxbIuFiPr-oG-i4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bcDXc2mn7pXBqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7tm6mN1SYyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
37.157.6.241200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=nedVi83WsntzBDzaVYb8Odh83TnOmUv4pClSCtYk_EgAHekMw8BqdTkgZx8X_JVdi4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bmaF4nGpWzwLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO2qZg6ZROG8M7q_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=BFCoq7ViQUIqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXvCiVReKLS1pdtjbYkWDUzVb9ec0T8PkEwFJhAltelCxbIuFiPr-oG-i4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bcDXc2mn7pXBqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7tm6mN1SYyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.6.241:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 93778c2779ed62095f2bef2c7d1176cb
8b0bbdbcda113e1d2ced866879cf4f0b0c9f86d9
5768428feb58ae0a568b27525ed85d55e4227f467a2a8a14df544eb0354816d4
GET /adfscript/?bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=nedVi83WsntzBDzaVYb8Odh83TnOmUv4pClSCtYk_EgAHekMw8BqdTkgZx8X_JVdi4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bmaF4nGpWzwLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO2qZg6ZROG8M7q_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=BFCoq7ViQUIqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXvCiVReKLS1pdtjbYkWDUzVb9ec0T8PkEwFJhAltelCxbIuFiPr-oG-i4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bcDXc2mn7pXBqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7tm6mN1SYyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript; charset=utf-8
content-length: 1216
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 14-Feb-2023 07:29:01 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (65354)
Hash 41b93e2227db70edbdffa2672b6395e0
8eba268b5225d9e80d2f04c9096108686ce8bf9d
87a53da7b1c228f3486ede0900dbe01820834ead8154ac3ae7688f3e92edf518
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Sun, 15 Jan 2023 07:29:01 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ec8e48d149daee2752435a00c6a2bc82
c6ea572437b23d7e342e3e46e8dbcfec9cf062c0
703596d130348ad65e4f77abee2c1aa2fac0bee63d42999e764deb5d36834ed0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.pubmatic.com/AdServer/js/pwt/157742/7600/
2.18.172.200403 Forbidden 199 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/157742/7600/
IP 2.18.172.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
GET /AdServer/js/pwt/157742/7600/ HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: Apache
content-length: 199
content-type: text/html; charset=iso-8859-1
date: Sat, 14 Jan 2023 07:29:01 GMT
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
141.95.33.111204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 141.95.33.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
date: Sat, 14 Jan 2023 07:29:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=hPzTdJMDKIiRPKk2IdGXp2qpvlzk-NbgHamCiJx7Wt4m6XUlFvcovrkjpE4NLSXb1HjL_7GzKz8MemkYNmFrKp7sxsSMe-gCtbZtqIbIopzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1a1miJp2bUMi0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWABzrUMxakn4-nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ShyEcN61mdd42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVyoQTQG11_PPxb50JC9i2658b1x0ZpVUUwN_g-WMtiBEq1GSU1YIRFucul6654TbiHI9QZMJeomKQpu7xow8fQ1HR_Va6G-DMgD9jTA9wD4ksfMEX5By_Xskui0bMBUl7EItAaUI_QD3QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;622;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=hPzTdJMDKIiRPKk2IdGXp2qpvlzk-NbgHamCiJx7Wt4m6XUlFvcovrkjpE4NLSXb1HjL_7GzKz8MemkYNmFrKp7sxsSMe-gCtbZtqIbIopzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1a1miJp2bUMi0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWABzrUMxakn4-nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ShyEcN61mdd42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVyoQTQG11_PPxb50JC9i2658b1x0ZpVUUwN_g-WMtiBEq1GSU1YIRFucul6654TbiHI9QZMJeomKQpu7xow8fQ1HR_Va6G-DMgD9jTA9wD4ksfMEX5By_Xskui0bMBUl7EItAaUI_QD3QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;622;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 06fc45e5398bcea2c8ca0ddba4f12f5e
222f70299934ecf2e63877cede24fa64fea28bed
174c505f06e798ca25b044aeaae7f0dc694fa87ca4f932b26e57797e8ee641e4
GET /adfserve/?CC=1&bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=hPzTdJMDKIiRPKk2IdGXp2qpvlzk-NbgHamCiJx7Wt4m6XUlFvcovrkjpE4NLSXb1HjL_7GzKz8MemkYNmFrKp7sxsSMe-gCtbZtqIbIopzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1a1miJp2bUMi0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWABzrUMxakn4-nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ShyEcN61mdd42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVyoQTQG11_PPxb50JC9i2658b1x0ZpVUUwN_g-WMtiBEq1GSU1YIRFucul6654TbiHI9QZMJeomKQpu7xow8fQ1HR_Va6G-DMgD9jTA9wD4ksfMEX5By_Xskui0bMBUl7EItAaUI_QD3QO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;622;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3194
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=A8iMOn7YAifwCPo7eDgW9tDEizo3fBKyplGPm4548WXX65plYwQa8lMM0KY5cE_zR9QnH-5MK8dg8313Xh0jnlSeiqn20AWfTHEBfkane8nJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2ZYeI9LSfJEC0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vs1nY6vG0OB42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVxj6XQlcMu8PqPVsTBLj89Ih0ddwOfARXulon-D6CT5AF0Nxhmm53v36DKV_m0a4y6GOgJUYoQNeCUi_ZW-Q--bXMseeG1ti8sD9jTA9wD4ksfMEX5By_Xskui0bMBUl7H-F61CtfCKLwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;2115;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=A8iMOn7YAifwCPo7eDgW9tDEizo3fBKyplGPm4548WXX65plYwQa8lMM0KY5cE_zR9QnH-5MK8dg8313Xh0jnlSeiqn20AWfTHEBfkane8nJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2ZYeI9LSfJEC0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vs1nY6vG0OB42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVxj6XQlcMu8PqPVsTBLj89Ih0ddwOfARXulon-D6CT5AF0Nxhmm53v36DKV_m0a4y6GOgJUYoQNeCUi_ZW-Q--bXMseeG1ti8sD9jTA9wD4ksfMEX5By_Xskui0bMBUl7H-F61CtfCKLwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;2115;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 0753c28b795034e845589c08aa4d9e20
d59e05823401cf2c276ddac07e79161875a1686a
47b46ef46d92533592f7211d0d32bc44ad8ab456b201b4ed01cb97644d4915e9
GET /adfserve/?CC=1&bn=60454987;rtbwp=driG5d-uWUsbjNrO1ue2bqzboUFQG3yp0;rtbdata=A8iMOn7YAifwCPo7eDgW9tDEizo3fBKyplGPm4548WXX65plYwQa8lMM0KY5cE_zR9QnH-5MK8dg8313Xh0jnlSeiqn20AWfTHEBfkane8nJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2ZYeI9LSfJEC0RxaS8vu-TkxB85Co2bPOnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKcb1aFOOpyfjcD1sQQXBRw1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=vs1nY6vG0OB42u1ywTJ-2liH5HQu80uJMvZX66oGn6STiA5PHQPxeW8fI60XlM8Nwz0LEq8kKVxj6XQlcMu8PqPVsTBLj89Ih0ddwOfARXulon-D6CT5AF0Nxhmm53v36DKV_m0a4y6GOgJUYoQNeCUi_ZW-Q--bXMseeG1ti8sD9jTA9wD4ksfMEX5By_Xskui0bMBUl7H-F61CtfCKLwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;2115;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3190
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
p.ad.gt/api/v1/p/405
172.67.23.234200 OK 16 kB IP 172.67.23.234:0
File type ASCII text, with very long lines (40820), with CRLF line terminators
Hash b9d7afeadf7cbbc050bfaf3e85535130
b6ab58e70aa0764c33f085de21176710dced4dfe
de5dc63dc6398fa1943d0bef3ef0730bdf103d5c4a0a3ea6be88227f58785d05
GET /api/v1/p/405 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 12:11:22 GMT
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:27:59 GMT
etag: W/"1673611882.0-40800-3373272138"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 63
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894a88499f5b506-OSL
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3zU55KuJTrHxAFC1-Qhvxx-l8nI6BcIq0EWwcEoi3cdyzN9KlWqfrAltMG8GznsEwujvAKtEd5swu0v7dQCVS10KLG50Tgf3vbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2PRMrsfCTxBGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ge13fn8pcKQqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuFVexOALauEieEI_HdDmWGeWeU8vmBt7RHIStnaVTSXYLjWAd1OFnEtMG8GznsEwujvAKtEd5swu0v7dQCVS10ZGdyAiIaJINqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBv-UQ43VSOXcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;9654;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3zU55KuJTrHxAFC1-Qhvxx-l8nI6BcIq0EWwcEoi3cdyzN9KlWqfrAltMG8GznsEwujvAKtEd5swu0v7dQCVS10KLG50Tgf3vbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2PRMrsfCTxBGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ge13fn8pcKQqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuFVexOALauEieEI_HdDmWGeWeU8vmBt7RHIStnaVTSXYLjWAd1OFnEtMG8GznsEwujvAKtEd5swu0v7dQCVS10ZGdyAiIaJINqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBv-UQ43VSOXcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;9654;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 1b558209c99227ea43cfef5b44cb0adf
d3eb2b0e95536a3c64ed32fc05d0fa2e25c7e698
8ba360d1ee0cae103fcfb1826a9e220776b92e4b9c5111610008d7faed529fff
GET /adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3zU55KuJTrHxAFC1-Qhvxx-l8nI6BcIq0EWwcEoi3cdyzN9KlWqfrAltMG8GznsEwujvAKtEd5swu0v7dQCVS10KLG50Tgf3vbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2PRMrsfCTxBGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Ge13fn8pcKQqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuFVexOALauEieEI_HdDmWGeWeU8vmBt7RHIStnaVTSXYLjWAd1OFnEtMG8GznsEwujvAKtEd5swu0v7dQCVS10ZGdyAiIaJINqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBv-UQ43VSOXcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;9654;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3172
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.adapex.io/hb/aaw.emc.js
188.114.97.1200 OK 170 kB URL HTTP/2 cdn.adapex.io/hb/aaw.emc.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (65254)
Size 170 kB (170355 bytes)
Hash 7f36920033cd2102d85267b1fa1d3cfd
ceef54523e2749eb31ba0a34ac4db2be4ebae1b7
865d72ea57082f6b152f76d3458f01e96d844893a9072b124b0b0090a95f700a
GET /hb/aaw.emc.js HTTP/1.1
Host: cdn.adapex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:56 GMT
content-type: application/javascript
last-modified: Tue, 10 Jan 2023 06:32:31 GMT
vary: Accept-Encoding
etag: W/"63bd067f-8cecd"
expires: Sat, 14 Jan 2023 06:33:22 GMT
cache-control: public, max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 33863
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRis4ZiwzJ6%2Bi9xulZpgpjH3bb%2Fk6ov%2FYAYdgNzfd0CT%2BXlgRWhF48V6XBC5o6OJXHTCwrsKp96CQ%2FBsTVo2rLsOeKpmzcweiqGaF9t1nwNw1PC4SV%2FJAGEpTSF75%2FZR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7894a860ccb00b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj2BnRCGUBXGTUTotwdHhv2H2pd7ZoLzjCcwqhrwOzrvTbkjpE4NLSXbdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWx7R47DfrnjHJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3WruCPO5vkumZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pxvdSNIBF-QqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXviHp2Y6JPGcAOQnA-c0W8AME4P7tJR8-vLdpsxX6RC8oviDFvtr3kFdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWtt8kxlX9p-1qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAa3wQqCd73TcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;9356;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj2BnRCGUBXGTUTotwdHhv2H2pd7ZoLzjCcwqhrwOzrvTbkjpE4NLSXbdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWx7R47DfrnjHJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3WruCPO5vkumZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pxvdSNIBF-QqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXviHp2Y6JPGcAOQnA-c0W8AME4P7tJR8-vLdpsxX6RC8oviDFvtr3kFdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWtt8kxlX9p-1qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAa3wQqCd73TcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;9356;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4213), with CRLF line terminators
Hash 5f4a05545f636fefd6932bd8b644257b
9c8fe47bf444ee8ee9b0bba9cd83ca2f7c3f9ae5
5cc5ed14d2d1981391ff8fece3170720fc33b82f6b7b9d47e0b347518e46225b
GET /adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj2BnRCGUBXGTUTotwdHhv2H2pd7ZoLzjCcwqhrwOzrvTbkjpE4NLSXbdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWx7R47DfrnjHJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3WruCPO5vkumZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=pxvdSNIBF-QqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXviHp2Y6JPGcAOQnA-c0W8AME4P7tJR8-vLdpsxX6RC8oviDFvtr3kFdQgYm5SHpfeiWB9TdLudYGfaAE-0coVWtt8kxlX9p-1qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAa3wQqCd73TcWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;9356;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3174
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=E6tQbzBjLA872GUJ_yuwA4jSnPcsVlNB4OdLnV7sX2eqde4Sj671ZZEOAGbjPBIs761EtTy_VtUD4g12_OFxUvoD9GcGjKTdPoCnorFv4lLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2Rso0dtOMygGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K93G7ztzjzUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXu2oF3XeLhghpeVIWVz-DXw7eBdsw-BOPRhwDqrHLXwMe7YgMxOyErI761EtTy_VtUD4g12_OFxUvoD9GcGjKTdiAYoDbMTo_JqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDlNyhHsO8hicWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;4356;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=E6tQbzBjLA872GUJ_yuwA4jSnPcsVlNB4OdLnV7sX2eqde4Sj671ZZEOAGbjPBIs761EtTy_VtUD4g12_OFxUvoD9GcGjKTdPoCnorFv4lLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2Rso0dtOMygGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K93G7ztzjzUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXu2oF3XeLhghpeVIWVz-DXw7eBdsw-BOPRhwDqrHLXwMe7YgMxOyErI761EtTy_VtUD4g12_OFxUvoD9GcGjKTdiAYoDbMTo_JqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDlNyhHsO8hicWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;4356;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4213), with CRLF line terminators
Hash 34fbabd3b261fd504b972ff6f5e15d0b
dc3f7a8e63311c06589c9b0ec31321f034836d8d
a444e5fbfbdb53317f4f3e66fbae01c2fb4815c0ffb94e19d6dad0309ff41255
GET /adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=E6tQbzBjLA872GUJ_yuwA4jSnPcsVlNB4OdLnV7sX2eqde4Sj671ZZEOAGbjPBIs761EtTy_VtUD4g12_OFxUvoD9GcGjKTdPoCnorFv4lLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO2Rso0dtOMygGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=K93G7ztzjzUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXu2oF3XeLhghpeVIWVz-DXw7eBdsw-BOPRhwDqrHLXwMe7YgMxOyErI761EtTy_VtUD4g12_OFxUvoD9GcGjKTdiAYoDbMTo_JqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDlNyhHsO8hicWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;4356;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3180
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=KEfFc34P3_1oig8ieJ6NGO_0qIig5PgRJPOfgi8NI9uacdOwuwSeQtO6EqB0BATo_S-eqGnrS-aSZj1BiGIHpmGZZ6K5pIIURA9mQqA1I7vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3GJ9UhqPWfG2ZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=2mpjhB9f2usqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuDuAchc0Q-vYJPNo94LielfWy_dZT2BlZI-WQ6N7jJTXkW-J_mg8x3_S-eqGnrS-aSZj1BiGIHpmGZZ6K5pIIUC78ctZmIgQNqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCdgfUeDTHZg8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;10727;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=KEfFc34P3_1oig8ieJ6NGO_0qIig5PgRJPOfgi8NI9uacdOwuwSeQtO6EqB0BATo_S-eqGnrS-aSZj1BiGIHpmGZZ6K5pIIURA9mQqA1I7vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3GJ9UhqPWfG2ZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=2mpjhB9f2usqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuDuAchc0Q-vYJPNo94LielfWy_dZT2BlZI-WQ6N7jJTXkW-J_mg8x3_S-eqGnrS-aSZj1BiGIHpmGZZ6K5pIIUC78ctZmIgQNqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCdgfUeDTHZg8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;10727;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash d41bc1b5c212bb096928e0191d3ea98b
2e0f9e2cbaed26ece1aeaaa71db83b606d6f265a
59c4f2fe6d333c3171489c8b25a1941b4ecc154efb6defceab4c6c3a1dcb847d
GET /adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=KEfFc34P3_1oig8ieJ6NGO_0qIig5PgRJPOfgi8NI9uacdOwuwSeQtO6EqB0BATo_S-eqGnrS-aSZj1BiGIHpmGZZ6K5pIIURA9mQqA1I7vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3GJ9UhqPWfG2ZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=2mpjhB9f2usqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXuDuAchc0Q-vYJPNo94LielfWy_dZT2BlZI-WQ6N7jJTXkW-J_mg8x3_S-eqGnrS-aSZj1BiGIHpmGZZ6K5pIIUC78ctZmIgQNqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCdgfUeDTHZg8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;10727;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3182
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=ZEW3zIjW9vXDFwg0XR0hbHMJSDg
40.85.112.191200 OK 794 B URL HTTP/1.1 www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=ZEW3zIjW9vXDFwg0XR0hbHMJSDg
IP 40.85.112.191:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document, ASCII text
Hash f026a964cfb8833aff8c2b07bcd613c9
39aa2f7ab1cd7124f19f810840ca927f30d08a6b
47ade784d0e780806e1ef800d4a7bb703f364836af05ac5bef97e0a9fc604ebe
GET /wp-content/plugins/optout/callback/?status=nocookie&token=ZEW3zIjW9vXDFwg0XR0hbHMJSDg HTTP/1.1
Host: www.youronlinechoices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 14 Jan 2023 07:29:02 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
X-Powered-By: PHP/7.4.16
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=631138519; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;
Content-Length: 794
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj0GWqodcgLX6refMkX-EFtS_MVVAnSvJdby9lkXlw4yoZ7RJsIFLDe-a9d4pcOX3_cp5dmELmyDZH0KIyLtYLOFuvTvDHuwLf3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO25XuaKMT7RnmZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Tk1yet77BA8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvomzj3GZmz8PeCFvaS-HtL5yljAkM_OsKo6GL9HH1OhjL6wqEJHkhsa9d4pcOX3_cp5dmELmyDZH0KIyLtYLOFi_a-9t0MwUVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAnZKKypkKtasWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;3759;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj0GWqodcgLX6refMkX-EFtS_MVVAnSvJdby9lkXlw4yoZ7RJsIFLDe-a9d4pcOX3_cp5dmELmyDZH0KIyLtYLOFuvTvDHuwLf3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO25XuaKMT7RnmZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Tk1yet77BA8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvomzj3GZmz8PeCFvaS-HtL5yljAkM_OsKo6GL9HH1OhjL6wqEJHkhsa9d4pcOX3_cp5dmELmyDZH0KIyLtYLOFi_a-9t0MwUVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAnZKKypkKtasWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;3759;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 5f157c08e392e0f6a6cf0b29de8ff1fd
2eb5e37f3e000d9727c2a0f42347f56d3a849624
19cf71d4e9c74aa4f02b8c364a8fbeab704136ef4f9c0b06bfb58b24023035b4
GET /adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=TJ4qHFkmLj0GWqodcgLX6refMkX-EFtS_MVVAnSvJdby9lkXlw4yoZ7RJsIFLDe-a9d4pcOX3_cp5dmELmyDZH0KIyLtYLOFuvTvDHuwLf3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO25XuaKMT7RnmZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=Tk1yet77BA8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvomzj3GZmz8PeCFvaS-HtL5yljAkM_OsKo6GL9HH1OhjL6wqEJHkhsa9d4pcOX3_cp5dmELmyDZH0KIyLtYLOFi_a-9t0MwUVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNAnZKKypkKtasWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;3759;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3181
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=nedVi83WsnsEB3ERoM9yQG1GrcssHhhgmjyUYA-HBFmwYWLohtkwo57RJsIFLDe--EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjenbKc5Aa_JDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1YZyd7lhZQoWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cc5_gFzjCT8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXtBQLLPxnLeEBXJYF-Zul33fJKJbdkE8fNnXAaFn4qumBolQLLHiOn_-EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjasJ9NnCn3xtqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7vCffV4kwUsWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;4771;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=nedVi83WsnsEB3ERoM9yQG1GrcssHhhgmjyUYA-HBFmwYWLohtkwo57RJsIFLDe--EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjenbKc5Aa_JDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1YZyd7lhZQoWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cc5_gFzjCT8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXtBQLLPxnLeEBXJYF-Zul33fJKJbdkE8fNnXAaFn4qumBolQLLHiOn_-EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjasJ9NnCn3xtqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7vCffV4kwUsWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;4771;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash af3d9758f9bc248ac03bb84f41c6c822
169461aa74e552d253755eb485f38f4b3e07cfb1
b08f8c6e19771bfb325ddaca5e558d78160dce713e14c8ce66fbfbb4608106a3
GET /adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=nedVi83WsnsEB3ERoM9yQG1GrcssHhhgmjyUYA-HBFmwYWLohtkwo57RJsIFLDe--EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjenbKc5Aa_JDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO1YZyd7lhZQoWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cc5_gFzjCT8qHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXtBQLLPxnLeEBXJYF-Zul33fJKJbdkE8fNnXAaFn4qumBolQLLHiOn_-EQ3i-Ncap_dXLhmNWdLrwkJRpHa7LBjasJ9NnCn3xtqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7vCffV4kwUsWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;4771;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3177
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=6hySndOYzXULSMxR2vKOSgylFhu127Vgcy5ltKbgJi_oC5_KK856Jp7RJsIFLDe-6jQ8wdF51esJUgcKcgqgTUBEOrefZeqKoW8EpXaDZjbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO08Fcl4O9BKOWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=3k8tkmGMIBUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXs0AT4_scpgt8CzUdmIXxx03XUTVI9OtShVFfHBx82I35Ny7oAkuvB66jQ8wdF51esJUgcKcgqgTUBEOrefZeqKToYgPb-gJ1dqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNB0jG2C7v5wAMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;4608;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=6hySndOYzXULSMxR2vKOSgylFhu127Vgcy5ltKbgJi_oC5_KK856Jp7RJsIFLDe-6jQ8wdF51esJUgcKcgqgTUBEOrefZeqKoW8EpXaDZjbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO08Fcl4O9BKOWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=3k8tkmGMIBUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXs0AT4_scpgt8CzUdmIXxx03XUTVI9OtShVFfHBx82I35Ny7oAkuvB66jQ8wdF51esJUgcKcgqgTUBEOrefZeqKToYgPb-gJ1dqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNB0jG2C7v5wAMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;4608;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4215), with CRLF line terminators
Hash 672be1d77164a3ab1a9a47a8052a151e
bb5548210275e385c7ca22af9640c102a6cf5757
c304bd80e06106b3847342c9c2d9659b8aaf10319895ff4eeac9369371838c8b
GET /adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=6hySndOYzXULSMxR2vKOSgylFhu127Vgcy5ltKbgJi_oC5_KK856Jp7RJsIFLDe-6jQ8wdF51esJUgcKcgqgTUBEOrefZeqKoW8EpXaDZjbJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO08Fcl4O9BKOWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=3k8tkmGMIBUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXs0AT4_scpgt8CzUdmIXxx03XUTVI9OtShVFfHBx82I35Ny7oAkuvB66jQ8wdF51esJUgcKcgqgTUBEOrefZeqKToYgPb-gJ1dqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNB0jG2C7v5wAMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;4608;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3176
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=hPzTdJMDKIjD8WahC8frZ-ubRaZTDNu2c0crRTWq74nUeRCa4rbT4bkjpE4NLSXb7-pELZzZRDeHqUr16D_hYc1WYnqUXfoRNnTM_HJXulDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO01-RcBLRrEiWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=k6ESF6qjrnIqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvs4tAIWs0EZN1iJdj-lFisffrWBwF3zIe7qqZdeGBNmI_sAgrwyRt87-pELZzZRDeHqUr16D_hYc1WYnqUXfoRSpTQmEQIOl5qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCUM4-aEYCiq8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;2294;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=hPzTdJMDKIjD8WahC8frZ-ubRaZTDNu2c0crRTWq74nUeRCa4rbT4bkjpE4NLSXb7-pELZzZRDeHqUr16D_hYc1WYnqUXfoRNnTM_HJXulDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO01-RcBLRrEiWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=k6ESF6qjrnIqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvs4tAIWs0EZN1iJdj-lFisffrWBwF3zIe7qqZdeGBNmI_sAgrwyRt87-pELZzZRDeHqUr16D_hYc1WYnqUXfoRSpTQmEQIOl5qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCUM4-aEYCiq8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;2294;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 4a26237be866077c3f61b54c5c0cd5d1
0460c2be6886f530f0aecaa8dd66864314e5b565
4af711ef67a4298837d34a19cb547572a9a8b024d5996a2f1619d225c6778f5c
GET /adfserve/?CC=1&bn=60455003;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=hPzTdJMDKIjD8WahC8frZ-ubRaZTDNu2c0crRTWq74nUeRCa4rbT4bkjpE4NLSXb7-pELZzZRDeHqUr16D_hYc1WYnqUXfoRNnTM_HJXulDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO01-RcBLRrEiWZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=k6ESF6qjrnIqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXvs4tAIWs0EZN1iJdj-lFisffrWBwF3zIe7qqZdeGBNmI_sAgrwyRt87-pELZzZRDeHqUr16D_hYc1WYnqUXfoRSpTQmEQIOl5qxZ1iDns5VpXUV7uR1YOps5Da4GvFMNCUM4-aEYCiq8WjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;2294;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3178
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=6kB3crmDNKt8w-OFDxMX-RKQEGDsbRr53Dsv0SP5am5C-sZzjuR9YucxbCA7OgRL4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPFxnehj3F96TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO1n_LVeFrfIZrq_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=GM0sWF_0rRgqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXtUj61nC1FNxQcyg0SqqtKNhZxy890ixyuHj4UlOL5L8d1fgq0hn-rY4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPfE_tFC5OMaVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBKQcT3GsFmjMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=12x;8373;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=6kB3crmDNKt8w-OFDxMX-RKQEGDsbRr53Dsv0SP5am5C-sZzjuR9YucxbCA7OgRL4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPFxnehj3F96TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO1n_LVeFrfIZrq_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=GM0sWF_0rRgqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXtUj61nC1FNxQcyg0SqqtKNhZxy890ixyuHj4UlOL5L8d1fgq0hn-rY4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPfE_tFC5OMaVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBKQcT3GsFmjMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=12x;8373;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4226), with CRLF line terminators
Hash 21f37ff90263fc2c26848946165983e0
0c9fbbcba538420fecb2bef5bfbabe949b1d844e
60311c7857a18e6db642bcf9117727b7afc764113c697cd2f2cbb99b4ec06f12
GET /adfserve/?CC=1&bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=6kB3crmDNKt8w-OFDxMX-RKQEGDsbRr53Dsv0SP5am5C-sZzjuR9YucxbCA7OgRL4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPFxnehj3F96TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO1n_LVeFrfIZrq_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDdAMdzedsP8yelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=GM0sWF_0rRgqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXtUj61nC1FNxQcyg0SqqtKNhZxy890ixyuHj4UlOL5L8d1fgq0hn-rY4oRGLPNbqIXQ0WW5UCW7ZQGdBAeCLANPfE_tFC5OMaVqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNBKQcT3GsFmjMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=12x;8373;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3192
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
185.86.139.115302 Found 0 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Sat, 14 Jan 2023 07:29:02 GMT
cache-control: no-cache,no-store
location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=5580574857778684208&gdpr=0&gdpr_consent=
pragma: no-cache
set-cookie: pid=5580574857778684208; expires=Wed, 14 Feb 2024 07:29:02 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Wed, 14 Feb 2024 07:29:02 GMT; domain=smartadserver.com; path=/
csync=135:TAM_OK; expires=Sun, 14 Jan 2024 07:29:02 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 3d68c58452d41745e480b6f9f70c2510
eb5a065e302fc902af513b73fb565e2311f8b064
2c6d845ab07fbe9c5756a5fd2ccf4a808ed1d3ff604d30333aed09359ef2aaf0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 05:44:58 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CXnV0Q77kMWCeE00b_im-kjC4f9kV9RwXD-c8ecfIbHjY8r9nXsMnA==
Age: 6244
ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
172.64.154.237302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=
IP 172.64.154.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=179394&cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:29:02 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fgdpr%3D0%26issi%3D1%26partnerid%3D33%26partneruserid%3D&gdpr=0&gdpr_consent=&s=179394&C=1
cf-ray: 7894a88728610b51-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y8JZvjL7G1XOupm6stiQMgAA; Path=/; Domain=casalemedia.com; Expires=Sun, 14 Jan 2024 07:29:02 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=663; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Apr 2023 07:29:02 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=663; Path=/; Domain=casalemedia.com; Expires=Fri, 14 Apr 2023 07:29:02 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e7tHjatbV8rjLZCXuONhjqzrvUwBzgt5nFIoVFJweL%2BZ8cNsink0cNkO59FlcD0%2BD2KZ2FkqwECt0rVNddzZMk4ls6NTdqlGkr3dAxmihp5mdvErvvKwY7WN4G4WUgWrmgZxieWg%2FgSEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3yOLh6ZD2tAA6kIP7Fqp_2mkgm7Nyfs89tWbDsaA25xuBmhi8XDu_Q2QLquCDqsauS9O-RZf8SbVKJgKgRLfvz9gITtvRKGVGjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3P5gICNZ_sxGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=en_r4xW5XmUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXsfkQUTY_Vv_TzqARTWFbPgtC6HjaNngaq5TvdnEBmi5fgy75k9PhYWQLquCDqsauS9O-RZf8SbVKJgKgRLfvz9Y9s6TAhqRzFqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDXKqJdauwhyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;8414;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3yOLh6ZD2tAA6kIP7Fqp_2mkgm7Nyfs89tWbDsaA25xuBmhi8XDu_Q2QLquCDqsauS9O-RZf8SbVKJgKgRLfvz9gITtvRKGVGjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3P5gICNZ_sxGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=en_r4xW5XmUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXsfkQUTY_Vv_TzqARTWFbPgtC6HjaNngaq5TvdnEBmi5fgy75k9PhYWQLquCDqsauS9O-RZf8SbVKJgKgRLfvz9Y9s6TAhqRzFqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDXKqJdauwhyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;8414;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4215), with CRLF line terminators
Hash 63c14b157ae2e1744791c24eeda4f7b3
424409eefae680459f3d590e51391ccfb9c106b1
3fa6f8b37abff0027a38696efe3d6b177e5881bb4467b7445de963eceb8c40b9
GET /adfserve/?CC=1&bn=60454987;rtbwp=bn_8e_UvM-U-Z8rE3TKq1qzboUFQG3yp0;rtbdata=pIjprdQVl3yOLh6ZD2tAA6kIP7Fqp_2mkgm7Nyfs89tWbDsaA25xuBmhi8XDu_Q2QLquCDqsauS9O-RZf8SbVKJgKgRLfvz9gITtvRKGVGjJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-e6xnatm8GeUjNgrIU5xRGqcb1aFOOpyfCKsjHacshO3P5gICNZ_sxGZoFBEEQVLUwjbeT80XH42i-2mpX_6WbdKb8zKBUnyDWlEr5B2agIaelXXc_Q6xHRYpqkZx-6brWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=en_r4xW5XmUqHMLsI0XOHZCP-DSDkquX1kxiSwSWVlVR0gvLAXw12IRzIdDUJiB6hTxFdo_0vXsfkQUTY_Vv_TzqARTWFbPgtC6HjaNngaq5TvdnEBmi5fgy75k9PhYWQLquCDqsauS9O-RZf8SbVKJgKgRLfvz9Y9s6TAhqRzFqxZ1iDns5VpXUV7uR1YOps5Da4GvFMNDXKqJdauwhyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;8414;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3185
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c7f8a21f5392f56f4f5da835b8d6f135
451cf1e630c1618c4e9ba70f40e9359db62239bc
f8f49ea42de002fe8a1f5dd8591e3eaf692c62358fad8b64ecbb36e0fa64cc50
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 05:50:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
adx.adform.net/adx/openrtb
37.157.6.241200 OK 1.1 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash e3e535836f62941783ba494ec020407b
af1950d8bd9f474c418512eeffd2059f85e72ead
635803c936d15cf00ac14a8371b8a22707fd13287d4e4ae6942e049cc5a66fde
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=nedVi83WsntzBDzaVYb8Odh83TnOmUv4pClSCtYk_EgAHekMw8BqdTkgZx8X_JVdi4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bmaF4nGpWzwLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO2qZg6ZROG8M7q_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=BFCoq7ViQUIqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXvCiVReKLS1pdtjbYkWDUzVb9ec0T8PkEwFJhAltelCxbIuFiPr-oG-i4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bcDXc2mn7pXBqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7tm6mN1SYyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;6873;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.6.241200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=nedVi83WsntzBDzaVYb8Odh83TnOmUv4pClSCtYk_EgAHekMw8BqdTkgZx8X_JVdi4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bmaF4nGpWzwLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO2qZg6ZROG8M7q_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=BFCoq7ViQUIqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXvCiVReKLS1pdtjbYkWDUzVb9ec0T8PkEwFJhAltelCxbIuFiPr-oG-i4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bcDXc2mn7pXBqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7tm6mN1SYyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;6873;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.6.241:0
File type ASCII text, with very long lines (4226), with CRLF line terminators
Hash d8457aa7a07f0400eaf5c3e7e4485920
ab21779cfbc3801b0edde096df0d6827197bbe82
9da5e748f8698b6c087912d54af67d4e1cbc9ffcd951e633dc47d9a9ee0c53ca
GET /adfserve/?CC=1&bn=60454987;rtbwp=-0KBq16r_0eBwBM4FpcgREeBAB3KqT0_0;rtbdata=nedVi83WsntzBDzaVYb8Odh83TnOmUv4pClSCtYk_EgAHekMw8BqdTkgZx8X_JVdi4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bmaF4nGpWzwLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfEG4XUToP5JJ-93TiRbXuOlE_8dMx_JUgsim3XdA_7KoTCKsjHacshO2qZg6ZROG8M7q_ZT61K-_0TvAVg_Aqa_Ki-2mpX_6WbdKb8zKBUnyDRWAzkHIUTpSelXXc_Q6xHZW75mFd04FnWsJRNWwK9K81;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=BFCoq7ViQUIqHMLsI0XOHar8852KPeXlBm4Frq_1Nqc2Z1Kib07ssJT7WXJg35mThTxFdo_0vXvCiVReKLS1pdtjbYkWDUzVb9ec0T8PkEwFJhAltelCxbIuFiPr-oG-i4QVPOROwA_bb3Q5MVrQFJ6a4hV-PM0bcDXc2mn7pXBqxZ1iDns5VpXUV7uR1YOps5Da4GvFMND7tm6mN1SYyMWjAexNyLOV0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;6873;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript; charset=utf-8
content-length: 3190
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A26942; domain=adform.net; expires=Sun, 15-Jan-2023 07:29:02 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 3d68c58452d41745e480b6f9f70c2510
eb5a065e302fc902af513b73fb565e2311f8b064
2c6d845ab07fbe9c5756a5fd2ccf4a808ed1d3ff604d30333aed09359ef2aaf0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 07:01:12 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aDM6LxD0rnreFJr-nk-N2OoMb5LuCQHG6TVI6YCAkTRWKRr4DL1xdw==
Age: 1670
cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
91.228.74.244302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
IP 91.228.74.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:29:02 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=jUIfBI5IHlOWEElQi0JRV4pBTAaWRkkO2RLk4Lnu
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EEEBDQGGKIir0QA; expires=Fri, 14-Apr-2023 07:29:02 GMT; path=/; domain=.quantserve.com
mc=63c259be-a5f03-a1000-758bc; expires=Wed, 14-Feb-2024 07:29:02 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92175cdd015808f0776871063caa711e
a4487a19c34f6f019deac5a36e2fe69b96bbad40
e6496923aa91ae3e292a476b07e36d68a4125c67815877497fc680692be53b52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4664
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 06:11:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
168.119.149.178200 OK 1.5 kB URL HTTP/2 sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
IP 168.119.149.178:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash a554e2f600429674276f5e1237786fcc
c5c6769e1f95153b740e20c23c8b848a0b3eb901
04146e8dfe614cf6cb7b6b7a757a2761c37f1df64be33cb921ddeb8f44ddf902
GET /bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F HTTP/1.1
Host: sync.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: image/png
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b50c2e3626b57c1c930410913bfe24e1
99f33ddf6452744200bd817de1a695da30d61d66
2324995a7e5cb166835cd024fcf9cda7083fa19ba9d281ef459c68e2995a4aa2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2563
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 06:46:19 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c0c7eb810731238d4a9a19ebd201912
4733e89ccc428454db903e41989770f0f21b0421
dc555a6a12c4467ad95ad0db229685e84da3e6d5249727547f2cc7532ac998b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1046
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 07:11:36 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:29:02 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1673681342889;Expires=Wed, 15 Mar 2023 07:29:02 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=812c6885-037e-476a-871b-f534ca3a318c;Expires=Wed, 15 Mar 2023 07:29:02 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bf7bc60edb6dc9ebd04acb78e3ef351d
3fe537e1d1540baaed5bbb41985c6ea80cad2397
0e78fa29c13ed19de3ba10efea4f4fcde814095c7cfa0fcc1ad4523e4ea59ad6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6085
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 05:47:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6ba4200d41c2576ad67e1e7e26232791
2b2390f865d3c724d38e23ec5f501f0ebff4e282
288c1b8907bb58870a88e3835c9e4d534ab97b3d1dcc615571f1c1ef17cfd7fc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=102345
Date: Sat, 14 Jan 2023 07:29:02 GMT
Etag: "63c13f8e-1d7"
Expires: Sun, 15 Jan 2023 11:54:47 GMT
Last-Modified: Fri, 13 Jan 2023 11:25:02 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -Z_OojOqWQdxRUR2Rb7uub7TYF8b8UpLj0WmFHIz7HV_xaOu1mUhRw==
Age: 1785
sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26sas_uid%3D%5bsas_uid%5d&gdpr=0
185.86.139.115302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26sas_uid%3D%5bsas_uid%5d&gdpr=0
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Sat, 14 Jan 2023 07:29:02 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 14 Jan 2024 07:29:02 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12100%3b%24o%3d11100; expires=Sun, 14 Jan 2024 07:29:02 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
35.165.89.71302 Found 473 B URL HTTP/2 ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
IP 35.165.89.71:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 65bd5617d7dfc48a32d9b83120eae015
493473832c0ac8d6c0cd659c0ada68deacbf2db7
d83da7a75e77e490772942f19d4b647e61d5bb747153f24747d960d67dfe0231
GET /api/v1/g_hosted?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/html; charset=utf-8
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzY4MTMyNi1aMzNQU1ZRUS05STVK
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J; Expires=Mon, 13 Jan 2025 07:29:02 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
g_hosted=; Expires=Mon, 13 Jan 2025 07:29:02 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&gdpr=0
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&gdpr=0
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J
52.213.249.147302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J
IP 52.213.249.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=348447&dpuuid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0ebeee8d5.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=AU1D-0100-001673681326-Z33PSVQQ-9I5J&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=21255865005728915832145378871342545432; Max-Age=15552000; Expires=Thu, 13 Jul 2023 07:29:04 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: ZuIVxSZiQxg=
Content-Length: 0
Connection: keep-alive
match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
54.171.86.223303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
IP 54.171.86.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/audigent?buyer_user_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Sat, 14 Jan 2023 07:29:02 GMT
location: https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Sat, 14 Jan 2023 07:39:02 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 92175cdd015808f0776871063caa711e
a4487a19c34f6f019deac5a36e2fe69b96bbad40
e6496923aa91ae3e292a476b07e36d68a4125c67815877497fc680692be53b52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4664
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 14 Jan 2023 07:29:02 GMT
Last-Modified: Sat, 14 Jan 2023 06:11:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
142.250.74.34200 OK 8.9 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (1569)
Hash 405113cd450d20a7a8794680fe6d9085
aa285e8e9e3a07ea817e5bbc81d36c40f3edfe40
884ddf0329fcc7c276fd337734c4454c42c4e9c8ca3ed4371d544c8c3acbdfd9
GET /pagead/js/r20230111/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8889
x-xss-protection: 0
date: Fri, 13 Jan 2023 20:10:44 GMT
expires: Fri, 27 Jan 2023 20:10:44 GMT
cache-control: public, max-age=1209600
age: 40699
etag: 3049769697470197148
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&adnxs_id=$UID&gdpr=0
37.252.171.84307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&adnxs_id=$UID&gdpr=0
IP 37.252.171.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 14 Jan 2023 07:29:03 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: 387e47a2-544f-4968-8da8-152cff7404c9
Set-Cookie: uuid2=5268503288221535212; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 14-Apr-2023 07:29:02 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
googleads.g.doubleclick.net/xbbe/pixel?d=CPvrbxD7s9wBGKC7vt4BMAE&v=APEucNV2LO05Vv-fQeNUpDIj_AOQ0YbYVNCs4Yqvpgcexp3jnSWf8eLMrEsN9hPdYvaZcKK8bmS7Und9_-Xg4J1KFCmhOOIdfw
216.58.211.2200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CPvrbxD7s9wBGKC7vt4BMAE&v=APEucNV2LO05Vv-fQeNUpDIj_AOQ0YbYVNCs4Yqvpgcexp3jnSWf8eLMrEsN9hPdYvaZcKK8bmS7Und9_-Xg4J1KFCmhOOIdfw
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CPvrbxD7s9wBGKC7vt4BMAE&v=APEucNV2LO05Vv-fQeNUpDIj_AOQ0YbYVNCs4Yqvpgcexp3jnSWf8eLMrEsN9hPdYvaZcKK8bmS7Und9_-Xg4J1KFCmhOOIdfw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:29:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 07:44:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 07:29:03 GMT
cache-control: private
X-Firefox-Spdy: h2
tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1232559539958&google_error=3
20.73.234.141200 1 B URL HTTP/1.1 tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=1232559539958&google_error=3
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /cm?pv=dbm&sid=1&rt=img&rnd=1232559539958&google_error=3 HTTP/1.1
Host: tracker.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQMLXl0DrAWQAAAAAAAEAAABhcPH8dYAB2RlZmF1bHQ=; cP=ARADC15dA6wFkAAAAAABqaOh; tr=loCAwICAgdoANDMwYjVlNWQwM2FjMDU5MF84MWZhNjUyNC1iYTE5LTQ3NTktYmU3NS03MWY3Yzk5MjhlY2TOY8JZvQ==; cOptout=0|yocToken:ZEW3zIjW9vXDFwg0XR0hbHMJSDg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sat, 14 Jan 2023 07:29:03 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=ARADC15dA6wFkAAAAAABqaOh; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Sun, 14 Jan 2024 07:29:03 GMT;
tr=loCAwIGjREJNAICB2gA0MzBiNWU1ZDAzYWMwNTkwXzgxZmE2NTI0LWJhMTktNDc1OS1iZTc1LTcxZjdjOTkyOGVjZM5jwlm9; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Sun, 14 Jan 2024 07:29:03 GMT;
tr=loCAwIGjREJNzmPDqz+AgdoANDMwYjVlNWQwM2FjMDU5MF84MWZhNjUyNC1iYTE5LTQ3NTktYmU3NS03MWY3Yzk5MjhlY2TOY8JZvQ==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Sun, 14 Jan 2024 07:29:03 GMT;
track.adform.net/jsmetrics/?sid=578&rid=11348&cid=11093&adfserve=556&asset=3&deviceType=Desktop
37.157.6.241200 OK 43 B URL HTTP/2 track.adform.net/jsmetrics/?sid=578&rid=11348&cid=11093&adfserve=556&asset=3&deviceType=Desktop
IP 37.157.6.241:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /jsmetrics/?sid=578&rid=11348&cid=11093&adfserve=556&asset=3&deviceType=Desktop HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:03 GMT
content-type: image/gif
content-length: 43
last-modified: Thu, 11 Apr 2019 06:08:57 GMT
etag: "5caed9f9-2b"
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp_fy2021.js
142.250.74.34200 OK 2.5 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp_fy2021.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2283)
Hash c6c0828a71374bf9ff4ae03a897c79d6
6db9b2158017e1440d30fe61142996abf8d0b42b
61a7e094442bcb96ee97448832564be295083a7b8e84bb067ceb55e44bc33f33
GET /pagead/js/r20230111/r20110914/elements/html/omrhp_fy2021.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 2477
x-xss-protection: 0
date: Fri, 13 Jan 2023 20:10:44 GMT
expires: Fri, 27 Jan 2023 20:10:44 GMT
cache-control: public, max-age=1209600
age: 40699
etag: 8436122973860808490
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-F7ZP06zpIHQJG06z_twXQHVa_9SfkbDuUtNgB-yzYs0--ZevsRMoDryoO__M1emDrKl_c6-FoWhHQyPdYDuHMBzlW9trGaa-piflYhjZajnep58
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-F7ZP06zpIHQJG06z_twXQHVa_9SfkbDuUtNgB-yzYs0--ZevsRMoDryoO__M1emDrKl_c6-FoWhHQyPdYDuHMBzlW9trGaa-piflYhjZajnep58
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/gen_204?id=xbid&dbm_b=AKAmf-C-F7ZP06zpIHQJG06z_twXQHVa_9SfkbDuUtNgB-yzYs0--ZevsRMoDryoO__M1emDrKl_c6-FoWhHQyPdYDuHMBzlW9trGaa-piflYhjZajnep58 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:29:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFqgPCUqFJEQu-j_Cu0ArV_OYXG8OcPX7ojbwoVRwZe-QTyOhNxQSkB7GwdWC-mn0K9zlRQ8t7HcLztmRxIci0_AcDKIGtyEXwvp-gUwNxWYz46eoNtFbiNjR9pm3dpsJq2jWst4L4M9YVEk0HQSxKClwgQWZDpZBUkne2-ZNL5b87t1S58xeaa63yD5ZYDkNGq4dNIwOT0iR-fv7pgXO2rdJRqdooyj5-3SfJaBdACxNUgbiXAeGDQwYne0fmbA-2eJhtoSqlmgz1ISDhhvSjbWWn-6CYXp6sAxA9Nyd9QGRta-lhW8yUmII8-9iIuHoBV3YxK42EDdBIqrBZLdZznIRw_claYJorpwd3ShlH8Xc-E6ZbCVumDp9wBEXEshJJY5Dt2cKmDY_iwWv1slwX8mXnWA3jnkZImjLuhQ6S85l-vQLNFWbVfMAyTl9BCeEDVQ7IeHVQljNYr6rWo2hqUSszPVmJT3sGqCphjd0sMPF40vEE6Pa9mKP-nxbBrs2UOvV8ZYIi9-AY7kNdCO3fGJDrdohj1VVHG9bp2_p29D5JUMGJqSm1Tj2aALp8fE2K1G4AgCBNCaf7gT9nwYnExsiaub4Pyj0aHGJVnHffofj7Br0KkgDMCtZcwPzz71hBkBbK1Bki2TuUnzhrRcy19ZNrTRDUGLSw6UPDefYE1BlQoF2azovTw3HeDVL-vyJHYMNRt81qHCwjbv-M05b0tThBTQKaaPFEERQni-IQ6DEQ16WSs_EnZhOiX2MUXeuPOEdD6o-j0dOozX2QzMhEJCDAnq0kigP7xoLRp_5YTLFyMuaKzsBh0KIXMJozurf7FOy1O0ZCleATFDcfgi52s3NwFA_7a1HHdcH5h8BRqjHC6nJXMFkGOu8qLml5h-R6GZFDb54pfporiXkgwHCBOIyRU7Lk5vRaaiyL6wWjaQ6mA6e4vjKac_ExRyM5iwi2NtXcYQaJPx5KxXzJ0otKgvRgU5gyhGD-9XPtw_QlCmNFXRhLNJ1BC6VZvcwVLPXJWxu9_AYwjMEYuMVWpUtFGrnOSOaMcSNLzfM-zqrejj9MHhtyduJ-EHJwx-4m4N_A2MuVfCrCrozUyusvQBm8P5gQcsZXFytikP19vzlazM9-sDNlAYo4vwagpYVZB_-0hKp-s5ok5SPw2YHD3wgFn-dttZFDpemPPja1rXWrT_QJvCxaEn3yjTPPhOLuOQL4D-JdR3RoogBvRg&sai=AMfl-YQBeK3QgwAdVmKZ8UKekNUM8Wzee_y23vkNB5cuWR4-0pMxVLWDX4YS2fCIrZex1T5u2S6mAerZVw6zA69nh5T-uK3VPEgJsmXzCTHMzt61_hL1YZYMPAw4FnbHKihoXzighkTD9jLviT5HjRQOUKNvG2LsPY9G7tif18gT7Yb5XWvgJjlnY5CvHoZIvfp5Bms_EICdFUDjzfYj-YTqn5Ekdgz_Yy_vYoZ0al9pTpiKu8h8uP_TaBYh5AEm2gXiX4Bz9zphKF9r8TJqt7etLz-vie7N1XhS7kyfgbyyRaC7-0KEiTfO2BwGvSmP_FBZ-rZO87Gi0Qi0GLtvweD_6tKA8hdYkNEHH7FPu0iRCSGLjqw6nmgP1wPz74cJp_yUjhhSHUUarrj6zxRHRQOFp0OifZR3IKOitUtvr66Ncfk5uCAjcCPmvvwhJY0qIhXbmVEWyYky1rBAfyGebX3tCHYlOzBWjm_uAoX9hw&sig=Cg0ArKJSzA5bFSWVUal7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230111.11573&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssFqgPCUqFJEQu-j_Cu0ArV_OYXG8OcPX7ojbwoVRwZe-QTyOhNxQSkB7GwdWC-mn0K9zlRQ8t7HcLztmRxIci0_AcDKIGtyEXwvp-gUwNxWYz46eoNtFbiNjR9pm3dpsJq2jWst4L4M9YVEk0HQSxKClwgQWZDpZBUkne2-ZNL5b87t1S58xeaa63yD5ZYDkNGq4dNIwOT0iR-fv7pgXO2rdJRqdooyj5-3SfJaBdACxNUgbiXAeGDQwYne0fmbA-2eJhtoSqlmgz1ISDhhvSjbWWn-6CYXp6sAxA9Nyd9QGRta-lhW8yUmII8-9iIuHoBV3YxK42EDdBIqrBZLdZznIRw_claYJorpwd3ShlH8Xc-E6ZbCVumDp9wBEXEshJJY5Dt2cKmDY_iwWv1slwX8mXnWA3jnkZImjLuhQ6S85l-vQLNFWbVfMAyTl9BCeEDVQ7IeHVQljNYr6rWo2hqUSszPVmJT3sGqCphjd0sMPF40vEE6Pa9mKP-nxbBrs2UOvV8ZYIi9-AY7kNdCO3fGJDrdohj1VVHG9bp2_p29D5JUMGJqSm1Tj2aALp8fE2K1G4AgCBNCaf7gT9nwYnExsiaub4Pyj0aHGJVnHffofj7Br0KkgDMCtZcwPzz71hBkBbK1Bki2TuUnzhrRcy19ZNrTRDUGLSw6UPDefYE1BlQoF2azovTw3HeDVL-vyJHYMNRt81qHCwjbv-M05b0tThBTQKaaPFEERQni-IQ6DEQ16WSs_EnZhOiX2MUXeuPOEdD6o-j0dOozX2QzMhEJCDAnq0kigP7xoLRp_5YTLFyMuaKzsBh0KIXMJozurf7FOy1O0ZCleATFDcfgi52s3NwFA_7a1HHdcH5h8BRqjHC6nJXMFkGOu8qLml5h-R6GZFDb54pfporiXkgwHCBOIyRU7Lk5vRaaiyL6wWjaQ6mA6e4vjKac_ExRyM5iwi2NtXcYQaJPx5KxXzJ0otKgvRgU5gyhGD-9XPtw_QlCmNFXRhLNJ1BC6VZvcwVLPXJWxu9_AYwjMEYuMVWpUtFGrnOSOaMcSNLzfM-zqrejj9MHhtyduJ-EHJwx-4m4N_A2MuVfCrCrozUyusvQBm8P5gQcsZXFytikP19vzlazM9-sDNlAYo4vwagpYVZB_-0hKp-s5ok5SPw2YHD3wgFn-dttZFDpemPPja1rXWrT_QJvCxaEn3yjTPPhOLuOQL4D-JdR3RoogBvRg&sai=AMfl-YQBeK3QgwAdVmKZ8UKekNUM8Wzee_y23vkNB5cuWR4-0pMxVLWDX4YS2fCIrZex1T5u2S6mAerZVw6zA69nh5T-uK3VPEgJsmXzCTHMzt61_hL1YZYMPAw4FnbHKihoXzighkTD9jLviT5HjRQOUKNvG2LsPY9G7tif18gT7Yb5XWvgJjlnY5CvHoZIvfp5Bms_EICdFUDjzfYj-YTqn5Ekdgz_Yy_vYoZ0al9pTpiKu8h8uP_TaBYh5AEm2gXiX4Bz9zphKF9r8TJqt7etLz-vie7N1XhS7kyfgbyyRaC7-0KEiTfO2BwGvSmP_FBZ-rZO87Gi0Qi0GLtvweD_6tKA8hdYkNEHH7FPu0iRCSGLjqw6nmgP1wPz74cJp_yUjhhSHUUarrj6zxRHRQOFp0OifZR3IKOitUtvr66Ncfk5uCAjcCPmvvwhJY0qIhXbmVEWyYky1rBAfyGebX3tCHYlOzBWjm_uAoX9hw&sig=Cg0ArKJSzA5bFSWVUal7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230111.11573&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssFqgPCUqFJEQu-j_Cu0ArV_OYXG8OcPX7ojbwoVRwZe-QTyOhNxQSkB7GwdWC-mn0K9zlRQ8t7HcLztmRxIci0_AcDKIGtyEXwvp-gUwNxWYz46eoNtFbiNjR9pm3dpsJq2jWst4L4M9YVEk0HQSxKClwgQWZDpZBUkne2-ZNL5b87t1S58xeaa63yD5ZYDkNGq4dNIwOT0iR-fv7pgXO2rdJRqdooyj5-3SfJaBdACxNUgbiXAeGDQwYne0fmbA-2eJhtoSqlmgz1ISDhhvSjbWWn-6CYXp6sAxA9Nyd9QGRta-lhW8yUmII8-9iIuHoBV3YxK42EDdBIqrBZLdZznIRw_claYJorpwd3ShlH8Xc-E6ZbCVumDp9wBEXEshJJY5Dt2cKmDY_iwWv1slwX8mXnWA3jnkZImjLuhQ6S85l-vQLNFWbVfMAyTl9BCeEDVQ7IeHVQljNYr6rWo2hqUSszPVmJT3sGqCphjd0sMPF40vEE6Pa9mKP-nxbBrs2UOvV8ZYIi9-AY7kNdCO3fGJDrdohj1VVHG9bp2_p29D5JUMGJqSm1Tj2aALp8fE2K1G4AgCBNCaf7gT9nwYnExsiaub4Pyj0aHGJVnHffofj7Br0KkgDMCtZcwPzz71hBkBbK1Bki2TuUnzhrRcy19ZNrTRDUGLSw6UPDefYE1BlQoF2azovTw3HeDVL-vyJHYMNRt81qHCwjbv-M05b0tThBTQKaaPFEERQni-IQ6DEQ16WSs_EnZhOiX2MUXeuPOEdD6o-j0dOozX2QzMhEJCDAnq0kigP7xoLRp_5YTLFyMuaKzsBh0KIXMJozurf7FOy1O0ZCleATFDcfgi52s3NwFA_7a1HHdcH5h8BRqjHC6nJXMFkGOu8qLml5h-R6GZFDb54pfporiXkgwHCBOIyRU7Lk5vRaaiyL6wWjaQ6mA6e4vjKac_ExRyM5iwi2NtXcYQaJPx5KxXzJ0otKgvRgU5gyhGD-9XPtw_QlCmNFXRhLNJ1BC6VZvcwVLPXJWxu9_AYwjMEYuMVWpUtFGrnOSOaMcSNLzfM-zqrejj9MHhtyduJ-EHJwx-4m4N_A2MuVfCrCrozUyusvQBm8P5gQcsZXFytikP19vzlazM9-sDNlAYo4vwagpYVZB_-0hKp-s5ok5SPw2YHD3wgFn-dttZFDpemPPja1rXWrT_QJvCxaEn3yjTPPhOLuOQL4D-JdR3RoogBvRg&sai=AMfl-YQBeK3QgwAdVmKZ8UKekNUM8Wzee_y23vkNB5cuWR4-0pMxVLWDX4YS2fCIrZex1T5u2S6mAerZVw6zA69nh5T-uK3VPEgJsmXzCTHMzt61_hL1YZYMPAw4FnbHKihoXzighkTD9jLviT5HjRQOUKNvG2LsPY9G7tif18gT7Yb5XWvgJjlnY5CvHoZIvfp5Bms_EICdFUDjzfYj-YTqn5Ekdgz_Yy_vYoZ0al9pTpiKu8h8uP_TaBYh5AEm2gXiX4Bz9zphKF9r8TJqt7etLz-vie7N1XhS7kyfgbyyRaC7-0KEiTfO2BwGvSmP_FBZ-rZO87Gi0Qi0GLtvweD_6tKA8hdYkNEHH7FPu0iRCSGLjqw6nmgP1wPz74cJp_yUjhhSHUUarrj6zxRHRQOFp0OifZR3IKOitUtvr66Ncfk5uCAjcCPmvvwhJY0qIhXbmVEWyYky1rBAfyGebX3tCHYlOzBWjm_uAoX9hw&sig=Cg0ArKJSzA5bFSWVUal7EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230111.11573&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 14 Jan 2023 07:29:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 14-Jan-2023 07:44:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 14 Jan 2023 07:29:03 GMT
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/dv3.js
142.250.74.34200 OK 27 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/dv3.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2097)
Hash 8a28e64749071e59eb63574a46c3cd52
ae93a882fe7de22d8445409ec7bd033340ed04d8
b74a8a34a9fa56407f411ef3f041339997c867be4493e7fade037d65f935edee
GET /pagead/js/dv3.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 14 Jan 2023 07:29:03 GMT
expires: Sat, 14 Jan 2023 07:29:03 GMT
cache-control: private, max-age=600
content-type: text/javascript; charset=UTF-8
etag: 10506132538256102613
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 27384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
37.157.5.72200 OK 16 kB URL HTTP/2 s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
IP 37.157.5.72:0
File type ASCII text, with very long lines (597)
Hash 0b0b65bdac20db77cefb4392f969bf1d
c41d39b0fc014e8dd66571fb053d3795832e3491
3681478458b07c8c1ed2991e86a001805795f1b86ea39aa1e1f36e286e10d0d2
GET /stoat/626/s1.adform.net/bootstrap.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 19:29:50 GMT
x-cache-status: STALE
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.132.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.132.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (65354)
Hash 409ede673799c8ff9f92bbac826debd7
14679dc28079bc6569be2dc0acef04792b617e5a
bac8a4ff5e4c227cb5573028ff0138143ea40b928e0559f053bd43879282ad1b
GET /js/ld/publishertag.prebid.132.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sun, 15 Jan 2023 07:29:01 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=jUIfBI5IHlOWEElQi0JRV4pBTAaWRkkO2RLk4Lnu
185.86.139.115200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=jUIfBI5IHlOWEElQi0JRV4pBTAaWRkkO2RLk4Lnu
IP 185.86.139.115:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=80&&partneruserid=jUIfBI5IHlOWEElQi0JRV4pBTAaWRkkO2RLk4Lnu HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sat, 14 Jan 2023 07:29:04 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=4991243243835351365; expires=Wed, 14 Feb 2024 07:29:04 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Wed, 14 Feb 2024 07:29:04 GMT; domain=smartadserver.com; path=/
csync=80:jUIfBI5IHlOWEElQi0JRV4pBTAaWRkkO2RLk4Lnu; expires=Sun, 14 Jan 2024 07:29:04 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPpKkEI_SbJaL_fwbWpOAxcFTZjc-3IWIVFp6QlRf8THIXATZlvW3DxnZ9Rqyp3J37ahrLfM6EjQlHy0qCvb_KGbkm9YobAlG4i7xOKMTwiGCw_-Y
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPpKkEI_SbJaL_fwbWpOAxcFTZjc-3IWIVFp6QlRf8THIXATZlvW3DxnZ9Rqyp3J37ahrLfM6EjQlHy0qCvb_KGbkm9YobAlG4i7xOKMTwiGCw_-Y
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/gen_204?id=xbid&dbm_b=AKAmf-BPpKkEI_SbJaL_fwbWpOAxcFTZjc-3IWIVFp6QlRf8THIXATZlvW3DxnZ9Rqyp3J37ahrLfM6EjQlHy0qCvb_KGbkm9YobAlG4i7xOKMTwiGCw_-Y HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:29:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9395607192165025820&x=1&ct=76
142.250.74.34204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9395607192165025820&x=1&ct=76
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=dv3-render&msg=fetch&cor=9395607192165025820&x=1&ct=76 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:29:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3D1HYMzWZgw0prtarpfBo7qsqPRkjmBZ4JRPxRCNPFP9xMS5Z-wsS1zZDNgB30Dmh0mYEgkgc8OrkdB0nihcVvxUcsMTgY3AxI0bGNmoPWkTI5zM
142.250.74.34200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B3D1HYMzWZgw0prtarpfBo7qsqPRkjmBZ4JRPxRCNPFP9xMS5Z-wsS1zZDNgB30Dmh0mYEgkgc8OrkdB0nihcVvxUcsMTgY3AxI0bGNmoPWkTI5zM
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/gen_204?id=xbid&dbm_b=AKAmf-B3D1HYMzWZgw0prtarpfBo7qsqPRkjmBZ4JRPxRCNPFP9xMS5Z-wsS1zZDNgB30Dmh0mYEgkgc8OrkdB0nihcVvxUcsMTgY3AxI0bGNmoPWkTI5zM HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:29:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17210366482814771319&x=1&ct=77
142.250.74.34204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17210366482814771319&x=1&ct=77
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=dv3-render&msg=fetch&cor=17210366482814771319&x=1&ct=77 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://326bad74d7e3b4018992a059493be094.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 14 Jan 2023 07:29:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
178.250.0.157200 OK 5.2 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash ab46303a80be90206eb2ec8d72221de1
af6b4c650bb8e635b61547758a17aecf42e2b3ad
d611b713fd5d46b4bc77f5edd85860927d73352841317735954994e06f5436ad
GET /syncframe?origin=publishertag&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=bcd49bf7-b464-4a3d-ae33-9bff38afc6ca; expires=Thu, 08 Feb 2024 07:29:02 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 568284
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J
185.64.190.80302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J
IP 185.64.190.80:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Fri, 14-Apr-2023 07:29:02 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673681326-Z33PSVQQ-9I5J
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.ids.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.0.130:0
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-9c1f"
expires: Sun, 15 Jan 2023 07:29:01 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club
IP 178.250.0.157:0
GET /syncframe?origin=publishertagids&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:01 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=b1e1c1f7-b609-489e-9d34-5304e9928ef0; expires=Thu, 08 Feb 2024 07:29:01 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 641540
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Sat, 14 Jan 2023 05:20:31 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Fgxcy_B8BxGoFOKzxHZSPxdHYyQtcGOyEpcJ4LZr-F7g1sYWV50Kqg==
age: 16263
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=baugkarq&e=1376561620077
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=baugkarq&e=1376561620077
IP 54.230.111.77:0
GET /r/p.html?f=baugkarq&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hl1PKK2m5NjOz9ModIUUjchPzGv9oP1zgVRZyDSoQxKW_6PDKJTfuA==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=574f1230-3646-4e73-a169-f1f703fa316e; expires=Thu, 08 Feb 2024 07:29:01 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 742196
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUQWX43D
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUQWX43D
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CUQWX43D HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3898
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sat, 14 Jan 2023 07:28:58 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=jtrkx&e=1376561620077
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=jtrkx&e=1376561620077
IP 54.230.111.77:0
GET /r/p.html?f=jtrkx&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MNoXVjMZskkzfxRzuujj_vg6ae4IU5KoWI_LTsvvkEOZj5rBuh6QHQ==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=lwmnlrxfw&e=1376561620077
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=lwmnlrxfw&e=1376561620077
IP 54.230.111.77:0
GET /r/p.html?f=lwmnlrxfw&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2nJJhhsf93wwB9VF3PQFlhHnkPmHqlAWvdPQH9ni5JgeC8V9se_DYg==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 570694
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
172.67.23.234200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
IP 172.67.23.234:0
OPTIONS /v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/ HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7894a8738ba6b52d-OSL
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=birvxnxn&e=1376561620077
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=birvxnxn&e=1376561620077
IP 54.230.111.77:0
GET /r/p.html?f=birvxnxn&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rNcb3FfnnOQF7KcYPncumwtCzeufhw6uqro-lj708ls84oaOHk2ZwA==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=wbiztm&e=1376561620077
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=wbiztm&e=1376561620077
IP 54.230.111.77:0
GET /r/p.html?f=wbiztm&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gAstsjfuII0l_8b0V5iI1bxE4dbsKrZRj8k7DL4yhjOet_SqbD-ttg==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
104.26.11.25200 OK 0 B URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
IP 104.26.11.25:0
GET /hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:58 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
x-amz-request-id: FNK044PCM9Y7VVCR
cache-control: max-age=3600
cf-cache-status: HIT
age: 5161
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScFTRpAeCZXrqMNzVV1rYIM0KWEU2JgTEaadpSxlRZcvahmRgQUwPjjSAGUc291akO2DjLFmUVwxMkr6vg3nMAsRncANlUcPWkUp%2FOKuQ0V6H4tgzHh4%2BmQVATJyYS8du9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894a86e886cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=gmqeqnouqa&e=1376561620077
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=gmqeqnouqa&e=1376561620077
IP 54.230.111.77:0
GET /r/p.html?f=gmqeqnouqa&e=1376561620077 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: br
date: Sat, 14 Jan 2023 00:47:00 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qvKi_r95qMfO-NxfUNyf8mY4Oys6AHzD0L7Fke5gkURz54i_PwpvBw==
age: 24118
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
IP 198.148.27.139:0
GET /bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673681326-Z33PSVQQ-9I5J HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-548d8dffc6-ptwlq
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=MkNfIlC39vON&ev=1&pid=562316&id=AU1D-0100-001673681326-Z33PSVQQ-9I5J
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=MkNfIlC39vON;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 09-Jan-2024 07:29:02 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=38be9138c90befbb; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.241200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:28:59 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
shb.richaudience.com/hb/
157.90.0.13200 OK 0 B IP 157.90.0.13:0
ASN #24940 Hetzner Online GmbH
POST /hb/ HTTP/1.1
Host: shb.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 672
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Sun, 15 Jan 2023 07:29:02 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
35.165.89.71200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
IP 35.165.89.71:0
GET /api/v1/halo_match?id=AU1D-0100-001673681326-Z33PSVQQ-9I5J&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:29:02 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Sat, 14 Jan 2023 19:29:02 GMT
set-cookie: au_id=AU1D-0100-001673681326-Z33PSVQQ-9I5J; Expires=Mon, 13 Jan 2025 07:29:02 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
IP 142.250.74.106:0
GET /css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Jan 2023 07:28:56 GMT
date: Sat, 14 Jan 2023 07:28:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=1555231673681320200
54.230.111.77200 OK 0 B URL HTTP/2 flashnetic.com/t.js?i=ao0y4krv21gsuol1v4o82&cb=1555231673681320200
IP 54.230.111.77:0
GET /t.js?i=ao0y4krv21gsuol1v4o82&cb=1555231673681320200 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 09 Jan 2023 12:32:16 GMT
x-amz-version-id: IDNfChNkCUj.7xkx4F4Z0JcytO8tzhIO
server: AmazonS3
content-encoding: gzip
date: Fri, 13 Jan 2023 08:41:24 GMT
etag: W/"12af0c06ef036cb22b413cb6a6f6db56"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9sEuFG4VLJA7pTHamAfdyem09YtWCeHrkLjSfU1BLiZDO8xuxCO5pA==
age: 82053
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
hb.adpone.com/prebid7.19.0.js
172.67.73.228200 OK 0 B URL HTTP/2 hb.adpone.com/prebid7.19.0.js
IP 172.67.73.228:0
GET /prebid7.19.0.js HTTP/1.1
Host: hb.adpone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 14 Jan 2023 07:28:57 GMT
content-type: application/javascript
x-amz-id-2: z8zPPgpChpmPHjrETbNpCXccjPHhgx/GJFcxrGv5xpYywnazjILxUOl1MmK1mgPPDqHEJdhQRpw=
x-amz-request-id: AZB8RQQA6SHSSEK2
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
cache-control: max-age=14400
cf-cache-status: HIT
age: 6709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWOgprsdenb%2BYePMXbYt51O8BeWsHCthPKkz0zvGBtgIS%2FU1QutFlaLaugD56VKUKlZIJLBZzCkD9BBK0Khlbpufs9eWklOrMKDGZpkDFKV9O%2FwZAsASrCmP6JIoBqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7894a8665f22b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2