link.tnlink.in/u3inrh3d
157.90.71.190301 Moved Permanently 707 B IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /u3inrh3d HTTP/1.1
Host: link.tnlink.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 08 Jan 2023 23:36:30 GMT
location: https://link.tnlink.in/u3inrh3d
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10178
Expires: Mon, 09 Jan 2023 02:26:08 GMT
Date: Sun, 08 Jan 2023 23:36:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4192
Expires: Mon, 09 Jan 2023 00:46:22 GMT
Date: Sun, 08 Jan 2023 23:36:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 22:48:18 GMT
content-type: application/json
age: 2892
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89a058935fd04697c87e9441fbb466a9
59b5b08119374b1da34cff7e43a7c6dc80103f6e
3a3261f495323ff0f60067b2930b8d0e5e4e5cd6ae9b14929a88047587b735da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A3261F495323FF0F60067B2930B8D0E5E4E5CD6AE9B14929A88047587B735DA"
Last-Modified: Sat, 07 Jan 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11434
Expires: Mon, 09 Jan 2023 02:47:04 GMT
Date: Sun, 08 Jan 2023 23:36:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /ZaWjn8ssTm0QMgumEcqJu9WENlMlTPoIceh2TCJGY3Ipd3ezq/YrCEvH0Gf4OzupYaY2DIaAII=
x-amz-request-id: 9SQA1GZWRHKJT839
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 23:15:58 GMT
age: 1232
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
link.tnlink.in/u3inrh3d
157.90.71.190302 Found 683 B IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77
Analyzer Verdict Alert fortinet Malware
GET /u3inrh3d HTTP/1.1
Host: link.tnlink.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Sun, 08 Jan 2023 23:36:30 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://earnme.club/safe2.php?link=u3inrh3d
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
earnme.club/safe2.php?link=u3inrh3d
157.90.71.190200 OK 449 B URL HTTP/1.1 earnme.club/safe2.php?link=u3inrh3d
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 077c7421249bc8addc71e579048334e4
185303b03aed40a21c5c536c7ccba547f3dcb197
5d6d377717c24e034b865f954fa3445f851f0bf214b54a20a7ddbd19c43b8f1a
Analyzer Verdict Alert fortinet Malware
GET /safe2.php?link=u3inrh3d HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: tp2=u3inrh3d; expires=Sun, 08-Jan-2023 23:39:30 GMT; Max-Age=180
content-type: text/html; charset=UTF-8
content-length: 449
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 08 Jan 2023 23:36:30 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 23:33:44 GMT
age: 166
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 144
Cache-Control: max-age=120763
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 09:09:14 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
157.90.71.190200 OK 12 kB URL HTTP/2 earnme.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: text/css
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b2607e0dfc0aa5187c1ff5b2d59a0f52
0d61e67262df0ed93f1731235be83e834d90da7b
055e6e33bb49e23042a5bc011fcc40fdde161996d4e1d94de60657f673e86ece
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1467
Cache-Control: max-age=88237
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Etag: "63ba0371-118"
Expires: Tue, 10 Jan 2023 00:07:08 GMT
Last-Modified: Sat, 07 Jan 2023 23:42:41 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
earnme.club/wp-includes/css/classic-themes.min.css?ver=1
157.90.71.190200 OK 144 B URL HTTP/2 earnme.club/wp-includes/css/classic-themes.min.css?ver=1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/style.css?ver=1.3.4
157.90.71.190200 OK 14 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/style.css?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2091)
Hash 35fb9f56557ab8ddbfe5fe42f7043265
3d7f0046194d7cdbc06aa408018af702d5363b88
7880a5e983cae7e1e30ee88faa28f5176569cb6d06091a04e504cb787143420f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/style.css?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13560
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
157.90.71.190200 OK 4.6 kB URL HTTP/2 earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
157.90.71.190200 OK 15 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31911)
Hash cb7a12e88fefedfcdfb84aa5bdcd0074
6d5487ae9d1f8e4ee55a3a0248dee3374584cd32
f36e64985ba539851c169648463e2d00218a412165f5267eaaf160d1aaf657d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14838
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
157.90.71.190200 OK 6.7 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17739)
Hash 7751a79a4b05c1d9a91f1ca0e71d4d54
fc548c276847e84b0e4bb0e792558fe1932717d0
b2d26d65f099aceb4a4dd06690065bee25dd5adc3ca5ffddf019185e2e13ae5e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6749
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
157.90.71.190200 OK 1.8 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (385)
Hash d1901b59e132e910c7503c6104fd558b
611f7b99fffe08605e4c5fdeee02141f6316ae8a
5cf7206ecfb818b82e1651f753a695786b3ad25c14270f6d1b61c33b7ecf7f41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1843
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
157.90.71.190200 OK 1.2 kB URL HTTP/2 earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/nord-n1-from-oneplus/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:31 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Sun, 08 Jan 2023 23:36:31 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
95.101.10.144200 OK 7.1 kB URL HTTP/1.1 tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
IP 95.101.10.144:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3202)
Hash be3292574cbc1cedb26fc95227c23aad
27be67e3005ad760dfc9f56ca4a6b5917adb1b55
3d1ff0b444c6f2de877340df699f8266c17278f1f1a98d6344f6be1ac6830289
GET /api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f HTTP/1.1
Host: tg1.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 7138
Cache-Control: max-age=300
Expires: Sun, 08 Jan 2023 23:41:31 GMT
Date: Sun, 08 Jan 2023 23:36:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
push.services.mozilla.com/
34.215.94.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.94.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IGiYEc+mUYqqt9K1Mg3b+Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GPMRy7WVOLf5x8IiK1wJvkvC9HU=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:28:49 GMT
expires: Thu, 04 Jan 2024 19:28:49 GMT
cache-control: public, max-age=31536000
age: 360462
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 08:00:18 GMT
expires: Fri, 05 Jan 2024 08:00:18 GMT
cache-control: public, max-age=31536000
age: 315373
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
54.230.111.81200 OK 1.6 kB URL HTTP/2 flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
IP 54.230.111.81:0
File type JSON data\012- , ASCII text, with very long lines (1553), with no line terminators
Hash 33d98cba57a28b885c123495ff78571c
6e7f0f62bdbe8168ee0a7f714039e7496a81da60
b5bb863c6910d0c861eeeaa51d06324486b9d280f11a11ccfd77c305283fa912
GET /c/tvdi2ru09cf0ymc0mwei9.json HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1553
last-modified: Thu, 10 Nov 2022 13:02:28 GMT
x-amz-version-id: qsp7d0tsTDbCsoRHwVoQTtR594IYsbh7
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 02:56:51 GMT
etag: "33d98cba57a28b885c123495ff78571c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DZBXCFDJ2FLyWeozmHkWNFFvDRccgjWMlnGsRQsBhe9AzDlGARWPFg==
age: 74381
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
151.101.129.229200 OK 764 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP 151.101.129.229:0
File type JSON data\012- , ASCII text, with very long lines (1594), with no line terminators
Hash 846047465b50cf783ec908227af00c22
125040aef1b94498988ef2a375fb5e9b7d2b085d
120c15ce9ef264822cdbde4fb6b48fd5bc76a39ebad8dd0f5f4c9779df2aabb6
GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1581
x-jsd-version-type: version
etag: W/"63a-fcG4Sbk9iTqmsf8TX3+T4bUE3aM"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 08 Jan 2023 23:36:31 GMT
age: 27343
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 764
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
IP 172.217.21.168:0
File type ASCII text, with very long lines (13929)
Hash 48368360625c824b0cdf70b46347c890
14c379e1a280e803e34c597ba8e38705a1e92408
8c557593da0ecb367762163e75f0fa65814c2491e9cec60ec4a5b15083b1c5a9
GET /gtm.js?id=GTM-KXJCD57 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 23:36:31 GMT
expires: Sun, 08 Jan 2023 23:36:31 GMT
cache-control: private, max-age=900
last-modified: Sun, 08 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
player.avplayer.com/script/2/v/avcplayer.js
95.101.10.130200 OK 61 kB URL HTTP/2 player.avplayer.com/script/2/v/avcplayer.js
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9dff0335699f04080269947f40c366ae
8447df4f8b168d9c506630f96ef95002c2c6eb28
157b5912ad26a879f38d0dafb1fce2def6df3168a08f991d6203463375fa32fc
GET /script/2/v/avcplayer.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtZ2x7QcCjowFwcgLYXUBzUI8DF40J2wcIgC0alJF1a4mWq2YhfFMaDZbLWP1fid-4S0D62yU8xaNB8EJY5KJRnvrlX0A
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "9dff0335699f04080269947f40c366ae"
x-goog-generation: 1646327924579580
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 61326
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 61326
server: UploadServer
unused62: 8096267
cache-control: public, max-age=300
expires: Sun, 08 Jan 2023 23:41:31 GMT
date: Sun, 08 Jan 2023 23:36:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 44641c366b3fcc17a6a4c10353d4e0fd
14731ef57ba95fab5adf5b7f5fb9472025105b98
997108d07cd384a95fce3503dafb25ecb987208a40dc4053266540a67d4e8c28
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:31 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F8580909BD10FBE373A6F1438F5037CD4B88B373"
Expires: Mon, 09 Jan 2023 11:00:00 GMT
Last-Modified: Sun, 08 Jan 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 152
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7868c17da9f4b4f4-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 315edeafe1715f46de7d38be371473a8
25e357166d0ddfff3e60f9042d56f37c1ab7163a
9869582721de4f610dca5030b9a703863d2eae2667061b2f722aebdaf60468e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 45773c34877b1ad3f03e0b1d618883f6
614268898fe2e459bcb999cd9bbaf64f582fe0e6
374280f3906dd5f7fbbd9a031a22847662f58e1accd4473d394e11cdc44836bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "374280F3906DD5F7FBBD9A031A22847662F58E1ACCD4473D394E11CDC44836BC"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5121
Expires: Mon, 09 Jan 2023 01:01:52 GMT
Date: Sun, 08 Jan 2023 23:36:31 GMT
Connection: keep-alive
cat.hbwrapper.com/
192.241.157.60200 OK 15 B IP 192.241.157.60:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
POST / HTTP/1.1
Host: cat.hbwrapper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 147
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:31 GMT
Server: Apache
Access-Control-Allow-Origin: https://earnme.club
Access-Control-Allow-Credentials: true
Content-Length: 15
Connection: close
Content-Type: text/html; charset=UTF-8
player.avplayer.com/script/2/2.55/libs/hls.min.js
95.101.10.130200 OK 72 kB URL HTTP/2 player.avplayer.com/script/2/2.55/libs/hls.min.js
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 7888b98658e8cef4a98786556ccdab66
d52a58a8e2463dba71947783a8485dcd023100d1
ea7bca216f10e44bd3b4febb9f5a6e6e2f72059b55441e2823ceb3a2be03e161
GET /script/2/2.55/libs/hls.min.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdswtXfPobwZQBNRWSaygqgLxMfZKQIyBk4lD4bDeV2HPBpSI8iDPwcdy2rz__Fy4LgZZMP20lrR-Z47sEE3oWVuU1ogFQ
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
etag: "7888b98658e8cef4a98786556ccdab66"
x-goog-generation: 1610290372874389
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 71831
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 71831
server: UploadServer
unused62: 8096267
cache-control: public, max-age=300
expires: Sun, 08 Jan 2023 23:41:31 GMT
date: Sun, 08 Jan 2023 23:36:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9625ad1e6afeab7baa32d61b006d581e
11114207ed433f67e37a482ae1b2ca155b305e52
a1dac4212584d5254187eff874adb578d1d212ea705e1f023486985fc3c6b30f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122677
Date: Sun, 08 Jan 2023 23:36:31 GMT
Etag: "63ba8207-1d7"
Expires: Tue, 10 Jan 2023 09:41:08 GMT
Last-Modified: Sun, 08 Jan 2023 08:42:47 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GnK6MWo_ISY1AXC9SE5UhZgeqT7RLpDLouLhyH3YZOs5jjH4i8cXig==
Age: 3501
cloudflare.com/cdn-cgi/trace
104.16.132.229200 OK 235 B URL HTTP/2 cloudflare.com/cdn-cgi/trace
IP 104.16.132.229:0
Hash 623ed4ef2402081b46a80fab2e7a0455
6e1c2530fe5281439e535d45076b402fcce40f4a
33e0ad0a21ad4d4fac6966abb08b7bbe3e058fd1ab759ba8b0b0d7fb43b969fa
GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:31 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 7868c17cde450b3d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2363565dfbac662b8e1cd0719a2bc887
336dd95af97a5adc4031c8cee8d5f1f11a87271a
41b7ba648bea9a0f9f765d01792c85f4376ec5e43c6edcdc13668c3a9665eb9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5665
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Last-Modified: Sun, 08 Jan 2023 22:02:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
p.gcprivacy.com/t/gcid_s.min.js
54.230.111.12200 OK 9.5 kB URL HTTP/2 p.gcprivacy.com/t/gcid_s.min.js
IP 54.230.111.12:0
File type Unicode text, UTF-8 text, with very long lines (9498)
Hash dac6676675972d00f4ec994de0578005
4b0a99773e109d54cf705ac198930869069e3de6
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
GET /t/gcid_s.min.js HTTP/1.1
Host: p.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 9500
date: Sun, 08 Jan 2023 15:38:10 GMT
last-modified: Fri, 06 Jan 2023 15:37:53 GMT
etag: "dac6676675972d00f4ec994de0578005"
x-amz-server-side-encryption: AES256
x-amz-version-id: sbZKwqqxtvM50Otwl3WJaXFYTCAIgKPH
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IzUO-YVFz1LaX5ihOePpM1s_VCKsuqjnDPcq6Utp_qGGIhlbcQ2_Nw==
age: 28703
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d7429ed6442f8354902ae68cdfad4066
62ef0917a04a81d5403df839681ce9d0bcc1b08b
bfbbac6557daa4f4dbe7009f120453ae07036ca06077db34e96190fe25589674
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BFBBAC6557DAA4F4DBE7009F120453AE07036CA06077DB34E96190FE25589674"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5034
Expires: Mon, 09 Jan 2023 01:00:26 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
2.18.173.99200 OK 118 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
IP 2.18.173.99:0
File type Unicode text, UTF-8 text, with very long lines (44568), with LF, NEL line terminators
Size 118 kB (118439 bytes)
Hash 2e7713ef8ceb2519e96434505ca796dd
8bf18962041fa14b78d2c24370dad531a50ca767
90653680cc2fb826c7843e5c56ac886d8498a2efd04b4a34448aad1f41391c3d
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdubWioJhaXolM6gF9v0m7CrTexCSUO_F6bzk_M68lTJdZjgsOlog_pY1OQXLinKP2CLwcD80xGZ0zNLsEoi-PMqasEoJzEE
last-modified: Tue, 03 Jan 2023 09:10:45 GMT
etag: "2e7713ef8ceb2519e96434505ca796dd"
x-goog-generation: 1672737045117191
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 118439
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=lxrlyQ==, md5=LncT74zrJRnpZDRQXKeW3Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 118439
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Sun, 08 Jan 2023 23:46:32 GMT
date: Sun, 08 Jan 2023 23:36:32 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1643
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, private, must-revalidate
date: Sun, 08 Jan 2023 23:36:31 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2ed1b027b4896caf979dd2753ee1d764
43866fad9ff37628984656c479f521e6b05f74ab
24117dfc0fc53323dfa65c769bc1b510b72ce7bca03b0c59388037632519d55e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2668
Cache-Control: max-age=139878
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63bac87a-139"
Expires: Tue, 10 Jan 2023 14:27:50 GMT
Last-Modified: Sun, 08 Jan 2023 13:43:22 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d58dd5b9395dcdec8d83f39b5b743146
3c91b7e75d5c805fc0442cce1da1fc36c856cf16
77cfcae8aff8b76845f3a2c0eb37c729772e17d7a1bfc9d8b25481ec324daa06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5928
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Last-Modified: Sun, 08 Jan 2023 21:57:44 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 314
htlb.casalemedia.com/openrtb/pbjs?s=773924
172.64.154.237200 OK 37 B URL HTTP/2 htlb.casalemedia.com/openrtb/pbjs?s=773924
IP 172.64.154.237:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1e7d919d55b620075eb56ec4731a6557
bc7a14c2852ba412b08e6d6a929fe5388d093d2e
810d105423b085b4271cf61a1a0d3d138c4f3504c107b6cb5e25bfb93ce88563
POST /openrtb/pbjs?s=773924 HTTP/1.1
Host: htlb.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1542
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
content-length: 37
cf-ray: 7868c180aac9fac0-OSL
access-control-allow-origin: https://earnme.club
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voMqejYESel9F358GDRf2xrsXFMHn9yGTGqB0Wx8EaVwpP6XTkxNR%2Fs3szJK%2BSYsH9119M3zwJtE5FnDOUwYMplKUjGN8zSWqRqNKDUKm7UfCVbgUSLuZuODU80D6cStjvU%2BSU%2Fk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 260 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 007d3f68d8912b849083328e216154c7
46afce69e4a61ac9c0e2adc4dea9d41f4af42ea1
17b3a6a87ebb848d9f329406f0ff0398cddcedaed5cc233e7a292556d4a8f264
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1018
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 260
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 3333f460-ae07-4e76-97c7-b9381c63db73
Set-Cookie: icu=ChgI3uM8EAoYASABKAEwgKftnQY4AUABSAEQgKftnQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3329028217284766883; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e5336678c17c977c68dce722c73545fa
68f1d4040e7f4948869c2fa05d0d3a5d8ea32365
56b44c2b75914d22abef7f4c1c032ab5b7e001adaa5e0984841e0ce92250d906
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3383
Cache-Control: max-age=144876
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63bad935-1d7"
Expires: Tue, 10 Jan 2023 15:51:08 GMT
Last-Modified: Sun, 08 Jan 2023 14:54:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
c.neodatagroup.com/adapex.js
152.199.21.175200 OK 9.0 kB URL HTTP/2 c.neodatagroup.com/adapex.js
IP 152.199.21.175:0
File type ASCII text, with very long lines (1134)
Hash 8602b796117f94af40ee5415f4bb65a3
492ba2ad4438b5089c4e38c5a21b98ef00525fd3
454c67da3d26ab3635924b62a436784998d3be2df208d7e8484bd46837df7f65
GET /adapex.js HTTP/1.1
Host: c.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 3740
cache-control: max-age=7200
content-md5: OIr+Ki+Hl0Wt1GYJISUy4g==
content-type: text/javascript
date: Sun, 08 Jan 2023 23:36:32 GMT
etag: "0x8DAEE606325EA36+gzip"
expires: Mon, 09 Jan 2023 01:36:32 GMT
last-modified: Wed, 04 Jan 2023 14:31:37 GMT
server: ECAcc (ska/F757)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: d8e5ff2d-401e-0014-64b1-2393aa000000
x-ms-version: 2014-02-14
content-length: 9023
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.38.120.206200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.38.120.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1939
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3de89399b7774f220eed3922d6dd283c
e62431b57c768ed4e2cad0d8d3762b00a9b7f659
a9671891ed00135b672d2996dfe1cecf6d3c6b38b0bb53a5eced164eeaba481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2390
Cache-Control: max-age=171949
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63bb46d7-116"
Expires: Tue, 10 Jan 2023 23:22:21 GMT
Last-Modified: Sun, 08 Jan 2023 22:42:31 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 278
flashnetic.com/r/p.html?f=ydejvova&e=1452924796601
54.230.111.81200 OK 2.8 kB URL HTTP/2 flashnetic.com/r/p.html?f=ydejvova&e=1452924796601
IP 54.230.111.81:0
Hash a76a5304108c6537f7b87c81136f2922
117eb11fe1030911e71a352e9ce5d022839f906c
948da205eef8083792fa3cb2702d24aa283257aa9eaeb37ccf8622cd01bc3fa3
GET /r/p.html?f=ydejvova&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AcwHIOByU8guoys8tQYb4XH7fltub_CZxzbefITJ7YkDh1cq3W8swA==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb46c21e1a21e8eda8c576ecccaa9110
3f1506307cecbf8ebeacc249c263d1a77201989a
5e09573a668d9ab531d57fca1579ee776baefd485287f80197b55b3837b329f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4452
Cache-Control: max-age=96278
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63ba1732-1d7"
Expires: Tue, 10 Jan 2023 02:21:10 GMT
Last-Modified: Sun, 08 Jan 2023 01:06:58 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=28356780615&lsavail=1
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=28356780615&lsavail=1
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.27.0&cb=28356780615&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1295
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:31 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://earnme.club
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cef9f34e7fbbb559f1b5a930f344e5c4
8a591ae0bb871f3f2d77382032d08e7909b9abd5
20ddb0adbc0c337b57d25af9e74305125b01b8c21be330925e1fa08abd7464ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20DDB0ADBC0C337B57D25AF9E74305125B01B8C21BE330925E1FA08ABD7464FF"
Last-Modified: Sat, 07 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18844
Expires: Mon, 09 Jan 2023 04:50:36 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=66563c08-34c9-48dc-bb7d-f5325b69449e%2C9c4b9ea5-9fef-4264-b6e5-304087c70bd8&nocache=1673220979412&pubcid=b7957d27-c530-47e0-a287-d2b43da6318c&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=8eadf4f0-542c-4d4d-aff5-936aabf00c3a%2C1da01d59-44d1-4d14-a871-97d20130558d&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10
34.98.64.218200 OK 78 B URL HTTP/2 digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=66563c08-34c9-48dc-bb7d-f5325b69449e%2C9c4b9ea5-9fef-4264-b6e5-304087c70bd8&nocache=1673220979412&pubcid=b7957d27-c530-47e0-a287-d2b43da6318c&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=8eadf4f0-542c-4d4d-aff5-936aabf00c3a%2C1da01d59-44d1-4d14-a871-97d20130558d&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash 71ddb906b12a90cfad3451731410f132
336175b601277c4b8db749de303ec6c94924f09d
2750c38ae8a7575ae12fe5f242698ea47fb1ac498befb5f96b496ffcd6d3df17
GET /w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=66563c08-34c9-48dc-bb7d-f5325b69449e%2C9c4b9ea5-9fef-4264-b6e5-304087c70bd8&nocache=1673220979412&pubcid=b7957d27-c530-47e0-a287-d2b43da6318c&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=8eadf4f0-542c-4d4d-aff5-936aabf00c3a%2C1da01d59-44d1-4d14-a871-97d20130558d&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10 HTTP/1.1
Host: digikulture-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
content-length: 78
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2363565dfbac662b8e1cd0719a2bc887
336dd95af97a5adc4031c8cee8d5f1f11a87271a
41b7ba648bea9a0f9f765d01792c85f4376ec5e43c6edcdc13668c3a9665eb9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5986
Cache-Control: max-age=137772
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63bab34a-118"
Expires: Tue, 10 Jan 2023 13:52:44 GMT
Last-Modified: Sun, 08 Jan 2023 12:12:58 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e5336678c17c977c68dce722c73545fa
68f1d4040e7f4948869c2fa05d0d3a5d8ea32365
56b44c2b75914d22abef7f4c1c032ab5b7e001adaa5e0984841e0ce92250d906
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 143
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Last-Modified: Sun, 08 Jan 2023 23:34:10 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
cdn.playstream.media/logo.png
89.187.169.47200 OK 1.3 kB URL HTTP/2 cdn.playstream.media/logo.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 32 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash b0fb81e9e278d867bb73f8a6cde236f2
ca10201696f69919ff9541bb549de2d0b065eb8e
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
GET /logo.png HTTP/1.1
Host: cdn.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: image/png
content-length: 1265
server: BunnyCDN-DE1-756
cdn-pullzone: 1027527
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/21/2022 14:10:19
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 69a4a832401156ddaa827b3ef495c17c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673220979260
44.212.210.52200 OK 0 B URL HTTP/2 track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673220979260
IP 44.212.210.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673220979260 HTTP/1.1
Host: track1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,1ef60eeb-06f5-4497-a813-2867c59ccdeb,,&eid_pubcid.org=b7957d27-c530-47e0-a287-d2b43da6318c%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.27.0&x_source.tid=9c4b9ea5-9fef-4264-b6e5-304087c70bd8&l_pb_bid_id=31afd70ffba84df&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.9160238224496707
213.19.162.21200 OK 443 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,1ef60eeb-06f5-4497-a813-2867c59ccdeb,,&eid_pubcid.org=b7957d27-c530-47e0-a287-d2b43da6318c%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.27.0&x_source.tid=9c4b9ea5-9fef-4264-b6e5-304087c70bd8&l_pb_bid_id=31afd70ffba84df&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.9160238224496707
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (443), with no line terminators
Hash ab772f8b2a19f707e7b6351bda4b80a8
e3196a0b51b5ce22da32ec600166f278df96b473
18feb018d36bbd3b24d98318c64faa974803bb3e7fa5ff1df9d4cc6bcaecb49e
GET /a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,1ef60eeb-06f5-4497-a813-2867c59ccdeb,,&eid_pubcid.org=b7957d27-c530-47e0-a287-d2b43da6318c%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.27.0&x_source.tid=9c4b9ea5-9fef-4264-b6e5-304087c70bd8&l_pb_bid_id=31afd70ffba84df&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.9160238224496707 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KSHN-Z-CDWZ; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:32 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrVefSmoct86O9DtVM30fCgAsJ0442xJm+cS47VXbZyTnvs5xm8c681tq9R0N6+0FT56RUKFmksN9APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:32 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 443
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,1ef60eeb-06f5-4497-a813-2867c59ccdeb,,&eid_pubcid.org=b7957d27-c530-47e0-a287-d2b43da6318c%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.27.0&x_source.tid=66563c08-34c9-48dc-bb7d-f5325b69449e&l_pb_bid_id=30a213119da1eac&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.8014846115933355
213.19.162.21200 OK 442 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,1ef60eeb-06f5-4497-a813-2867c59ccdeb,,&eid_pubcid.org=b7957d27-c530-47e0-a287-d2b43da6318c%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.27.0&x_source.tid=66563c08-34c9-48dc-bb7d-f5325b69449e&l_pb_bid_id=30a213119da1eac&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.8014846115933355
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (442), with no line terminators
Hash 46315752919baa85f51acf639cfb8488
1282337d2ae8de0ab797a62f1ae4f4ba177ceef3
81d0b5045e15d8255cdf90d6cf1321f91ae67fa41cd65514fd5a271b293e7f0f
GET /a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,1ef60eeb-06f5-4497-a813-2867c59ccdeb,,&eid_pubcid.org=b7957d27-c530-47e0-a287-d2b43da6318c%5E1&rf=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.27.0&x_source.tid=66563c08-34c9-48dc-bb7d-f5325b69449e&l_pb_bid_id=30a213119da1eac&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.8014846115933355 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KSHU-1B-HKO0; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:32 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoM2zr4/GD19u9DtVM30fCgAsJ0442xJm+cS47VXbZyTnvs5xm8c681tq9R0N6+0FT56RUKFmksN9APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:32 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 442
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=439814,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c182ace8b4f7-OSL
flashnetic.com/r/p.html?f=busavdcn&e=1452924796601
54.230.111.81200 OK 2.3 kB URL HTTP/2 flashnetic.com/r/p.html?f=busavdcn&e=1452924796601
IP 54.230.111.81:0
File type HTML document, ASCII text, with CRLF line terminators
Hash a61a069d6a33fb4b48d26dde229f7c1e
0e581c5b9392d34705c28e47f70da6b138f03136
3071ff1f936dcb4f6dee77859bd0d96fd681d17378f4b621e4947de749959f00
GET /r/p.html?f=busavdcn&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ik8tJ8rkx07uC0T4L7KyGDUx0V7uAfbgKs94FkMz5HT-TyyUy3I5jg==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 1b919da0360c3413f80ede0b289380df
bb570058f822a96d7d6dc9ce77022b9a787f819a
f7201f91784a701973092b42b94d91d05e734025961f9d0c7629bc3d027ca7c6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:32 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 07:45:28 GMT
Expires: Sat, 14 Jan 2023 07:45:27 GMT
Etag: "bb570058f822a96d7d6dc9ce77022b9a787f819a"
Cache-Control: max-age=460734,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c181bbd8b50b-OSL
grid.bidswitch.net/hbjson
35.156.77.249200 OK 49 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 35.156.77.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 21abde9d22b7a7498b2d1c722a26b31d
2a128a81a680dba10e45d5821bf1cf981454a573
ede49b9d828d055a3f5bd236fff365e2499ff3ee7b453cdb638e1030e8d1a0fd
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1122
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
content-length: 49
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56434996354&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=56434996354&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=56434996354&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://earnme.club
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 40e3f0b02ca1b2d588857fcefdf543ac
a74be965534efd6c0071fe329adff03f22177d2b
60a3448b4f68a0e9816a37ec8a2b892c01cad7fec2357005ffb09c2450f4de69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2825
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Last-Modified: Sun, 08 Jan 2023 22:49:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f4de05cd104c1b2b4efa2cc9dd03b16
ee5130e0807595d354b876a50f9930aa3c1da147
c88444af51d536aadcc2aa957835407087ddc9104862c79aecaaf87256fe3cc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Last-Modified: Sun, 08 Jan 2023 23:08:43 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=348db43f-84c4-45a9-8cbb-1e74305a9203&l_pb_bid_id=16ec53e01c6cdae8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4718383014049625
213.19.162.21200 OK 421 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=348db43f-84c4-45a9-8cbb-1e74305a9203&l_pb_bid_id=16ec53e01c6cdae8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4718383014049625
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (421), with no line terminators
Hash e6d83d47643fb803351b2f1dac0850ca
56ebf469c52ab91ea9178cb3f2df7e787d83973c
2658f58b1abffdbaa2d95d2b8a28a985125532e638049195feddb5911e69450f
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=348db43f-84c4-45a9-8cbb-1e74305a9203&l_pb_bid_id=16ec53e01c6cdae8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4718383014049625 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KSP6-11-F0HG; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:32 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoWFW/LrNSkse9DtVM30fCgAsJ0442xJm+cS47VXbZyTnvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:32 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 421
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 07545237b21b9396d6cf899c743ad179
071d8ef70f616a96a6687fcf7419c94e8567654d
357db67faabb2a685eef89085caf84167acc5cd182bbb0dec032d6044832486e
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 740
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: fe92c641-3e5f-44d3-a7d0-2158c7eea47d
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMICn7Z0GOAFAAUgBEICn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8064877416512341337; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80bbd09fbb243fbd954bb8c166ad540c
e7d8c584dc531644833ef11fd2fd91a7907f51b7
c8f1eeb1f8abae0da9f569a1678f04e331d55a83098e6c0c4cb30987f51bdd7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4328
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Last-Modified: Sun, 08 Jan 2023 22:24:24 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 532
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=b7957d27-c530-47e0-a287-d2b43da6318c&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
34.203.142.186200 OK 155 B URL HTTP/2 p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=b7957d27-c530-47e0-a287-d2b43da6318c&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
IP 34.203.142.186:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ef16e003270f6ce4a1b5407b88f42a8b
ad42b6cdc2d25f5d345ed4e85f722e22d6c57b93
04736f9b0da94d305a34e96252cf4215360aede638f66f99310c5c0f8afc4f0c
GET /v2/sync?pid=Q6CV1VBC&uid=b7957d27-c530-47e0-a287-d2b43da6318c&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F HTTP/1.1
Host: p2.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
content-length: 155
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
set-cookie: gcid=33becd71-8ca4-434e-9b0c-4ad640c393f7;Expires=Sat, 08 Apr 2023 23:36:32 UTC; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5826
Expires: Mon, 09 Jan 2023 01:13:38 GMT
Date: Sun, 08 Jan 2023 23:36:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4938f6e4d145d1bb761e7908e97d5424
712c532e08559853db273decf0f3195587b17d11
d80291d9e2471e57181f76a764761f49e643e9b7e8bda3a4e30a87128bb48831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: 1c7e11a3-9639-43d0-b177-ae5eab1f2d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ3_2EPaIAMFxxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d398-34f3d8f31c9d79e22eaa6c50;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RucoKfN--pH0pODiWBrSnImV2MDjczwowDfnWLWjiBvbQAIKvcCtzw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 13:26:09 GMT
age: 36623
etag: "712c532e08559853db273decf0f3195587b17d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wAgalvw3qNlWJt6Lw_jVbpTzh9OSvLB9u58IGEBT_unCOwWAXHvx7g==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 23:14:00 GMT
age: 1352
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 958d699fe0e01f8f1e6002637f87ab63
9feb324f4c37992e68e04762494841d532b3da2b
a20dce10643f6cb9aed206ca177c54538076e61568528e5fdc2744d8cc25846a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10157
x-amzn-requestid: cc023618-8a3b-452e-84cc-04c8b5f48a3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8Es5IAMFYtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6d9f330a4b3df85c661c1bd6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yaahmIYHAzMWPmbF_6RRTXc-boEiyV4AgS6BLMUTxVhSOos78xvtYQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:38:38 GMT
age: 71874
etag: "9feb324f4c37992e68e04762494841d532b3da2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0ac656cdf72279d8aab7e906f067ecb
fd70a88299221cbbf71242e572a507bcb1ee45d8
fc6e1e38162173b45ddf5bd0838495fe05a8c12ac50b7977fd66281ed0a7a1cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7842
x-amzn-requestid: 2fea5ef4-795f-4d81-ad13-1d9cb738524c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7FYVoAMFURA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6f87591428c52a1a0afc7dee;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bRuAqoco3FJIe17GiZYAqBPatACNgfbA37mmppM8KzQqRhVUoScksw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 04:10:37 GMT
age: 69955
etag: "fd70a88299221cbbf71242e572a507bcb1ee45d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412c9be19a182a70270af3885bdacc80
51382789a4b3fb643748514985ab94c9f0a045e0
b3c4a8845abf221ae234d12441525419346c08f47bf5ba8b0e3ada59d9f04986
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11322
x-amzn-requestid: fecf6c9b-54e3-4320-897b-0e74117c6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFgEEpIAMFgMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36ef-53935876772cbb0a1eb1a1e2;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lqGS287bx4l8uOXA45DvLzwGRRftXEbFkRfegumNL7j9zBmyGQHiUg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 22:01:35 GMT
age: 5697
etag: "51382789a4b3fb643748514985ab94c9f0a045e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7478553b-0929-4671-8115-a5fd59ca43a1.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7478553b-0929-4671-8115-a5fd59ca43a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 921da729b03484c8525882e0689f13f9
1de15df26541c49b829c5bc1c8e59eb1be7051c1
b3cfbac9089c6a086cc78dca0c0eeb74d7a2ea8b781e6e78de1f327fef67fd53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7478553b-0929-4671-8115-a5fd59ca43a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13257
x-amzn-requestid: f73bd9e9-5576-4430-800c-b6137894046d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaAirEFXoAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba47aa-04958f082a507ed607216cb3;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:33:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v3x6P8QkYxGA43tAesN-p01OpifPEPkNTGiVLfV7_2BQA5Dh8bGx9A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:41:03 GMT
age: 6929
etag: "1de15df26541c49b829c5bc1c8e59eb1be7051c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bd47d480177832e51cb740ae1f577f85
2998fd93ca01c928ac7ccdc3ad4fe8d9cf7c328e
b4c8d946d4269cbaf6ad1100d9d2cdcddbb5c4002612ce9aaad1e92bb095c20f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4178
Cache-Control: max-age=149272
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63bae746-139"
Expires: Tue, 10 Jan 2023 17:04:24 GMT
Last-Modified: Sun, 08 Jan 2023 15:54:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bd47d480177832e51cb740ae1f577f85
2998fd93ca01c928ac7ccdc3ad4fe8d9cf7c328e
b4c8d946d4269cbaf6ad1100d9d2cdcddbb5c4002612ce9aaad1e92bb095c20f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4365
Cache-Control: max-age=149459
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:32 GMT
Etag: "63bae746-139"
Expires: Tue, 10 Jan 2023 17:07:31 GMT
Last-Modified: Sun, 08 Jan 2023 15:54:46 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 399
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 440 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (959), with no line terminators
Hash e521c98162fec3daeebaeb7e8e6339e9
d8132c16647e9d9c23e1e37efa0ebb1116a97013
6f36d7a1e713698c6d29419480d6feb3f70d2301519a537a12921dcc43877220
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 398
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:32 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:32 GMT; domain=.smartadserver.com; path=/
pid=3803784481270261882; expires=Mon, 08 Jan 2024 23:36:32 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177928248082&o=1; expires=Mon, 09 Jan 2023 23:36:32 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:32 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 66176e50895129d304d5f5956c20cc58
de651f8f2abbb4b0372cb9bd64a94a7554106ea3
516f10bb4b465e652c933f29689afa90c87041f1656be57167877cf3ef3c4968
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:33 GMT
Etag: "63ba7f62-1d7"
Last-Modified: Sun, 08 Jan 2023 23:28:14 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 66176e50895129d304d5f5956c20cc58
de651f8f2abbb4b0372cb9bd64a94a7554106ea3
516f10bb4b465e652c933f29689afa90c87041f1656be57167877cf3ef3c4968
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 392
Cache-Control: max-age=118888
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:33 GMT
Etag: "63ba7f62-1d7"
Expires: Tue, 10 Jan 2023 08:38:01 GMT
Last-Modified: Sun, 08 Jan 2023 08:31:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 66176e50895129d304d5f5956c20cc58
de651f8f2abbb4b0372cb9bd64a94a7554106ea3
516f10bb4b465e652c933f29689afa90c87041f1656be57167877cf3ef3c4968
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 392
Cache-Control: max-age=118888
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:33 GMT
Etag: "63ba7f62-1d7"
Expires: Tue, 10 Jan 2023 08:38:01 GMT
Last-Modified: Sun, 08 Jan 2023 08:31:30 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 66176e50895129d304d5f5956c20cc58
de651f8f2abbb4b0372cb9bd64a94a7554106ea3
516f10bb4b465e652c933f29689afa90c87041f1656be57167877cf3ef3c4968
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:33 GMT
Etag: "63ba7f62-1d7"
Last-Modified: Sun, 08 Jan 2023 23:28:14 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d0624f581d9b45f88517aa07281467ef
cab52c5db5035212e6f7cb4c7fbb0ab8c0f2bf3d
33c5e592482bbdffac3ac53dcc94725e4a1810d4c785d2b259711cd71523a1f3
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 640
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 51d4572d-bcae-40d7-853e-7e9b065934f4
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2297850833292831007; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 450 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (885), with no line terminators
Hash edc8388045b5d9d9a3d2fd2df73eb208
1604710a6e468d0662856190d79d2d598f290374
e93ac283313f4c682b3c7d938dabe60062fb7aa6ecb4a3720940bfdccfcc32b3
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=555020=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=7596577732801194086; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177932594168&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=54101581975&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=54101581975&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=54101581975&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4313a135fbf7443e32e3c977b5f42354
156fead6fec7ffa05aa1dc9311160d518ae9c40c
a368a261dc62c92cef1c038f8e400483606a7c5d3e2c7de1ceb2ada2838a2e05
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1248
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 711e3190251ca0bdd5e58c2a38407dce
493ec8098db2dcbe12266088e7b725290e296295
95e6139b2ebe2c9f11296dcd80c7f5094b7708882d8dcdf92136fe60ec06a0e9
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1251
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
secure.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g
192.0.73.2200 OK 983 B URL HTTP/2 secure.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 40x40, components 3\012- data
Hash 75dfb23da6e6730d066e698773b3fd45
3b45961e6fcf7708b89f59d28b18edc96a641016
ca775cd8ab837239f9497e8afe90403d78cb37581c0adfe4003012d24bea020e
GET /avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: image/jpeg
content-length: 983
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/ce2e698c2ff496a6f5158d5390376c88?s=40&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="ce2e698c2ff496a6f5158d5390376c88.png"
expires: Sun, 08 Jan 2023 23:41:33 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 093abd83f2508f244982601f3d4cd85b
1438c7ccbaa285d92aa936e6810401b38487f73f
637de13fd0cbdc7b2722f04e78914fba2796418c6539efa7dc843699aac84a1b
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1249
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 612 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1186), with no line terminators
Hash a99f29085d38f1a475cb0ceea32d746e
6e29235972f6004827ac84114f3ed33a684f53e8
284f34be223accf08ea4b0b7fadb87dfd868f9b33c99e4a90ad7188c73edb391
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=3952515105626908842; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177932559185&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fc6b72ecca6a1ebd8a8d1a0e021618a2
7f1e104b7984a0f7fc994dac15d4c12448d16b89
2c7aeceb429f153893c262dd58dfc76d808e403d8327e6fce342247431e23bdd
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 3ff8da6f-2375-4600-a584-b7961b6880fb
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5689448343378161089; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87033006258&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=87033006258&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=87033006258&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b5d7c5e65f9b7041ff6379e63229a166
d1d905f60b32fd1d1d852c01e174165b718082ac
898f20204176e91a44e25c6385cc088b1a03998c3c7af615f811eb39ae80eb61
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1250
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
143.204.46.73200 OK 2.0 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
IP 143.204.46.73:0
File type JSON data\012- , ASCII text, with very long lines (1960), with no line terminators
Hash 17bc5a6a6cd052ec3cb6afca08829022
f9e8354a014c00fea4507744fd03e14150eed35a
ae48e1202874ebd04205306f97593913e40592e5996faeaca4d7f1cbde36e688
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fearnme.club&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75 HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1960
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sun, 08 Jan 2023 23:36:32 GMT
server: Server
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HmIVvOv16YRM3LJNwa0ncqKj8J5Y9h_if3Iz30sHU8qWZiIz-IA3Hw==
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980516&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3b13385c-0dc0-4b53-9edf-ff3dd4752abd&l_pb_bid_id=226aaf1c1187fb&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3267086966263656
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980516&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3b13385c-0dc0-4b53-9edf-ff3dd4752abd&l_pb_bid_id=226aaf1c1187fb&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3267086966263656
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash e7d9ce98de3c183bafc00910553c8554
9c4eadef29d3cef567a670a012c5613fd2b7f0d6
3bf02b1c08be5cd5cfdc146ad11ac943c3f3d9bad2a79e7bc1838d8728746586
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980516&tk_flint=pbjs_lite_v7.19.0&x_source.tid=3b13385c-0dc0-4b53-9edf-ff3dd4752abd&l_pb_bid_id=226aaf1c1187fb&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3267086966263656 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KT9C-1I-AUKO; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoAzEBAtO7mWe9DtVM30fCgAsJ0442xJm/UH8RcxJHm5Hvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b9d954839346320601e66238cbdc9616
db81a0c24ac9c3e04bca96b52ae635602223cb88
d4de845c3ff6221f1eb8df12948481101a4ffcb883fb017515b13a1354d8e595
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: fe05d412-bb1d-43d6-9788-07e9d2d8d6c8
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4402697745590623642; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.1 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1848), with no line terminators
Hash 76f68aa3764cafe5f03268ae04e2c1b2
9fec1bd59089352a49af2c9dc5b52c96827be9c0
d52f55c56b7188e7cfb77596338d5be765b15bf822683f1462852cf29888176f
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 526 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1012), with no line terminators
Hash 67326bf4a5ce61da722dd4844729cf73
8eaed1a80949ccf5e464fce88da84fcc3b262101
dd6247385c12347e2ca972e6cacdfe5b61f9e66834ef9611d68af89cdb2c06ee
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=996379451837245557; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177933522172&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4105763567&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4105763567&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=4105763567&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980570&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5b0ceabb-8efa-4fcf-bacd-aed1c35f5291&l_pb_bid_id=127a3fda7d4bf06&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4477850946638219
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980570&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5b0ceabb-8efa-4fcf-bacd-aed1c35f5291&l_pb_bid_id=127a3fda7d4bf06&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4477850946638219
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 749e08f893d1f579b26665d4186ea603
85141bf6a45a2e1ed5e2ef306d57e6c18a51ba00
acaa45a8541f30a4df48797c2a4f4ce25b519f6137241d45b9aaa65930880001
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980570&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5b0ceabb-8efa-4fcf-bacd-aed1c35f5291&l_pb_bid_id=127a3fda7d4bf06&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4477850946638219 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTC4-3-HZ25; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoZi1EyqXKTAe9DtVM30fCgAsJ0442xJm/UH8RcxJHm5Hvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 572 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (889), with no line terminators
Hash 43789b6801d7ee156c12c01509936f35
878bc7c7dc22dc908deb7a4059149236d8df9c07
da96f8b86ca86ff599bcac62bcd77c0728f1d502d153d355950ebde5ac75d803
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=8282645848635074732; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177934095581&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=7DkNp59IQ748Q&cb=0&ws=1280x939&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%228eadf4f0-542c-4d4d-aff5-936aabf00c3a%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%221da01d59-44d1-4d14-a871-97d20130558d%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
143.204.52.189200 OK 191 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=7DkNp59IQ748Q&cb=0&ws=1280x939&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%228eadf4f0-542c-4d4d-aff5-936aabf00c3a%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%221da01d59-44d1-4d14-a871-97d20130558d%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash e052ef4180ff6374cab02385a283f8d1
5ede963598254d47659db157c28156b428f1f615
c78544693548249dd7d9e907618f4710f09b6366af5b482bc05e2453b9086a15
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=7DkNp59IQ748Q&cb=0&ws=1280x939&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%228eadf4f0-542c-4d4d-aff5-936aabf00c3a%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%221da01d59-44d1-4d14-a871-97d20130558d%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 191
server: Server
date: Sun, 08 Jan 2023 23:36:33 GMT
x-amz-rid: BZ3FK4AKBQJ11718B41S
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lqh0UDjVdKjNPqlTM7UOzmdxfa7j7M9LrkkyEVN0IE37USDN1X38Xg==
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=191425158873&google_tc=
172.217.21.162302 Found 300 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=191425158873&google_tc=
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5862eb3848ebfe44568ce2ebc01f9947
36e4ec490b13829c80c3b4e41f9002245127ab7d
1a62159891c408f37778d56938bba498111d1ceb9f4fcbd6ac08c0932617d157
GET /pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=191425158873&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=191425158873&google_error=3
date: Sun, 08 Jan 2023 23:36:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tra.neodatagroup.com/pv?sid=2033&rnd=191425158873&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=b7957d27-c530-47e0-a287-d2b43da6318c;pubcid;PublisherCommonId&pbs=true
20.73.234.141302 0 B URL HTTP/1.1 tra.neodatagroup.com/pv?sid=2033&rnd=191425158873&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=b7957d27-c530-47e0-a287-d2b43da6318c;pubcid;PublisherCommonId&pbs=true
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?sid=2033&rnd=191425158873&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=b7957d27-c530-47e0-a287-d2b43da6318c;pubcid;PublisherCommonId&pbs=true HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: text/richtext;charset=UTF-8
Content-Length: 0
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cProfile=AQMLJ3xkogWHAAAAAAAEAAABhahXolEAB2RlZmF1bHQ=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 23 Jan 2023 23:36:33 GMT;
Location: /pv?sid=2033&rnd=191425158873&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=b7957d27-c530-47e0-a287-d2b43da6318c;pubcid;PublisherCommonId&pbs=true&neoid=30b277c64a20587
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b0d6170da1a4d2550f5fdefb6a31dae5
7e3d519916f35c27a91748b6ed0df9cf2eabeb9e
0b8c9cc0b714196fef61e25a51f5a9968d1b92762a772e70690ac60c989cb2ef
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5489b850-1d34-4327-a9a8-7f691dc82b75
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7846139907828959185; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1877), with no line terminators
Hash c60828fbec223b8f1e9480c7ea103e77
a2a045a56c28f622b16c6a5929d1c47c676db951
d6225f24f8acea38d4cedd5d9a00e09e28127b825013d09c77302237bc7bcdc6
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 100dcad187e5489e62242657c19c814a
a56928fab35032d12b307d3b7cf6b1e08b0584bb
e6cbdafc7a0cbef116cce437fea220b1f95c8d99c36b8b67a86be5c250c2c767
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 1fdd1399-e81f-4799-b554-27e288c74825
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=204076786517641092; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88311043407&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=88311043407&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=88311043407&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=191425158873
213.19.162.21200 OK 334 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=191425158873
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 29500fc72060116400028262accfa1a9
c375d4bccce28d78937dd5dfb806ee8dda49e89e
332adbd2003792a03f99b6cbc329770509ed823a164b821031f8576a57871a1a
GET /pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=191425158873 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTJH-8-20DC; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr1IT66CkMTou9DtVM30fCgAsJ0442xJm/UH8RcxJHm5Hvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 544 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1077), with no line terminators
Hash eb287621f732fe91a1fe9c4923851b16
de70f0ef9585db0e03e8e49d229d45c93420ecdf
5e83103f4170aad0085702ab9da617edf556c37e83daf9e7982eb0ee0cbce990
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=5295034076045109464; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177936989029&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c5e96dccd0c4681a64e9d26649b33352
dfb053f537b9113c3ffafe6c57aa00de1482602e
e5eee2c45e08161905d0e9bf30dccfb1576f89e804abb6a9751fce164752e6db
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 700fcc18-59f2-4e5c-b3ea-da1f5e9f6b59
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4018912160358232206; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.96200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.96:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 2.7 kB URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
File type ASCII text, with very long lines (6500), with no line terminators
Hash 836ce0035739e83a4ff067f6d0d11c16
301701b9bd399d25a3a07dfb7b6d52f240f5dfdf
4b4a109d3a9aa987219674ee30743e4850402797d15c71a815f714d23668b134
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 02:54:08 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KzTKLTCzyrhReMIJgE2ts2YQJ-JigYwlHKHR4_9qIMTSlJU-G_8KrQ==
age: 74546
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.96200 OK 500 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.96:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1054), with no line terminators
Hash bee900e3515b04ad08bb7ebd61ff2f68
be917ac68f690fb873862d8fd09dcf30d6437b15
3aac538aa37b85f12882989c560d60579bfde6e371911d3fd6635aa1cb5a864e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=5858428631596001443; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177937282230&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980973&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0307cc47-8116-410c-9774-4797ca6bdcbb&l_pb_bid_id=8be9a5204a03348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6845674085159762
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980973&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0307cc47-8116-410c-9774-4797ca6bdcbb&l_pb_bid_id=8be9a5204a03348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6845674085159762
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash ce3ee415b7d7b2c27d03256c9faf9a94
0d900004337c9fc819d59044f4c74aeecb9a8acb
ee8550178618ceacff9ed26f5b8c7deb8cbe91018a587e1b532e3233671c7745
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220980973&tk_flint=pbjs_lite_v7.19.0&x_source.tid=0307cc47-8116-410c-9774-4797ca6bdcbb&l_pb_bid_id=8be9a5204a03348&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6845674085159762 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTKZ-D-CEDP; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qp+bIOIUaEb3+9DtVM30fCgAsJ0442xJm/UH8RcxJHm5Hvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (2080), with no line terminators
Hash 33b19d56dc2b673cf0f689a281f2bf67
2ddd0fe282a9c1fc61211489be8163089e3bba22
ebd136b71e3ba8241d74307e8ab2dc5fe044a43124282696dff968dfb59b85e2
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981007&tk_flint=pbjs_lite_v7.19.0&x_source.tid=43f1a573-8aa2-4db3-a90e-9cbcbca69fef&l_pb_bid_id=82c4184b3ea5838&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5199186764366294
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981007&tk_flint=pbjs_lite_v7.19.0&x_source.tid=43f1a573-8aa2-4db3-a90e-9cbcbca69fef&l_pb_bid_id=82c4184b3ea5838&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5199186764366294
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 03247cecf38e5579151a3ed01bc43a9e
e8ec2387db711548510da10b7a55c690bc4fcc60
263cd6cb772364b9eb475f2561fbec6714e124fe4d1eba93c8d05b0bbdd1e4cc
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981007&tk_flint=pbjs_lite_v7.19.0&x_source.tid=43f1a573-8aa2-4db3-a90e-9cbcbca69fef&l_pb_bid_id=82c4184b3ea5838&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5199186764366294 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTML-14-1WKY; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpC6+3c2Xh2bu9DtVM30fCgAsJ0442xJm/UH8RcxJHm5Hvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 456 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (777), with no line terminators
Hash db7270bef56aa7e9ed02385ba02ce129
ff0dec2f745f2952777a676df1058e6a78b1fe55
5b699a99aee7764a8a698421600f9cd8f449e751c8b3db4f2fd20c7dfd1c6a2e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
pid=8702722997695408354; expires=Mon, 08 Jan 2024 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177938014474&o=1; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:33 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c251e5b727920a1d8382234885b67c4f
401ccf764259717c6325dfd180088e2002e9b051
07b5fb3779110eca1aa7c376bf7ba11afa45cfd2ea6745feadee3886bbbc1d4b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:33 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9ba2e93c-1993-4429-b2d7-f41a45dda583
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIGn7Z0GOAFAAUgBEIGn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6069971098782896508; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:33 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12671369380&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=12671369380&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=12671369380&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981205&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fa464c31-12df-41cc-a538-70e7160281d0&l_pb_bid_id=80bf50cbcea665&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11480628643302271
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981205&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fa464c31-12df-41cc-a538-70e7160281d0&l_pb_bid_id=80bf50cbcea665&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11480628643302271
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash bea69b44803ba9a7a64aa33fc73fec79
f37069b40fcfd623822e651a09f8acb790785d67
c4e6b11b9851ab6320eea50146c2b54c0ba56d5f176eb1c5ee5856a451454c09
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981205&tk_flint=pbjs_lite_v7.19.0&x_source.tid=fa464c31-12df-41cc-a538-70e7160281d0&l_pb_bid_id=80bf50cbcea665&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11480628643302271 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTQ5-6-8VBO; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpxBvaqZtdRSu9DtVM30fCgAsJ0442xJm/UH8RcxJHm5Hvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:33 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.6 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash b6a2acae74aeff6a879bcff57b3b96c0
556a49d3864e025d6d87938d28170e5c4da44988
5ed6213a5243c26de74cc1d56378c49daa8d26176b333afbb114890b6b140462
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 44b6a97523d6a34df4c9b2aa2dc27151
dace3265ef5c67c9f74f7aad03139a523b70c92d
4fc590c0f6d8055732a79eff4dc4f86897d1bfbd730b1c50554c8d4c1e8f96fe
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 2802a614-c3a1-47a2-b416-0f7370a6f3d5
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIKn7Z0GOAFAAUgBEIKn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7531508674171518797; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90792366426&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=90792366426&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=90792366426&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981331&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8144a5b4-b29b-4f24-915e-5d974a58761f&l_pb_bid_id=10d219208b7e6758&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2716617136163807
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981331&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8144a5b4-b29b-4f24-915e-5d974a58761f&l_pb_bid_id=10d219208b7e6758&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2716617136163807
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 217dc5964f6232f943db691b6927a6a9
15ac64b31b0f6f93cc60d90b75026d0ee9f26d51
f483a5d0266286d2c3f0fd681e5e9dca1864ad0b93ada042d357a7e7c9b3c175
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981331&tk_flint=pbjs_lite_v7.19.0&x_source.tid=8144a5b4-b29b-4f24-915e-5d974a58761f&l_pb_bid_id=10d219208b7e6758&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2716617136163807 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTUL-1A-9KMY; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqw4EecYlg58e9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 2.9 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash c6231b25d6c45a8e768866cbc4baee4a
d4b8e6e20e1b01faa2030147e142cfe8d6b50318
0c26e3f0d84783a8b950b164f3f1ab484e1d76dcd4c254b56c7ea3aedf34303b
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55e53421385ceedabb535dd0c7a1d33c
9f0f6582d1a32cff4f20e3d12cde12d7e806bdb5
d464bb28c90b156d99ae6223ee5052ce1cd922b748352c21b5d90df9521de620
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D464BB28C90B156D99AE6223EE5052CE1CD922B748352C21B5D90DF9521DE620"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14645
Expires: Mon, 09 Jan 2023 03:40:39 GMT
Date: Sun, 08 Jan 2023 23:36:34 GMT
Connection: keep-alive
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 411 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (739), with no line terminators
Hash 1c4da90222d607fb45af373884abfd86
782d0a227f83f5fe33b81a7f780a629d027ba406
6f69af65da3e53364889ede4fca248d844aae742fdb81006fb13abcfd807deed
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
pid=593141959011461349; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177940790371&o=1; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=191425158873&google_error=3
20.73.234.141200 1 B URL HTTP/1.1 tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=191425158873&google_error=3
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /cm?pv=dbm&sid=1&rt=img&rnd=191425158873&google_error=3 HTTP/1.1
Host: tracker.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQMLJ3xkogWHAAAAAAAEAAABhahXolEAB2RlZmF1bHQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=AQcDCyd8ZKIFhwAAAAABqYWp; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:34 GMT;
tr=loCAwIGjREJNAIDA; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:34 GMT;
tr=loCAwIGjREJNzmO8pQKAwA==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:34 GMT;
at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
23.38.201.50200 OK 56 B URL HTTP/1.1 at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1
IP 23.38.201.50:0
File type ASCII text, with no line terminators
Hash e3144eea438d7d7f7e016d0bba479883
603815c649ce125a6f677e8a25c9c8fdab0e5b61
f09394d0e47f40b616816b8d9b651f9624b9dea5944cc06c3098d1063dd378bc
GET /fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_consent=&gdpr_status=22&gdpr_reason=220&ccpa_consent=&sv=prebid-v1 HTTP/1.1
Host: at.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 56
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Expires: Sun, 08 Jan 2023 23:36:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 08 Jan 2023 23:36:34 GMT
Connection: keep-alive
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash 0ccd9ac68ddf05b29920abbd424612a6
5e627beda26f5824e394d8ec295c6e452b03a324
98be1c91fe716b2cee8398dbef615dbecfab9f510c33dc5060042484bf3062ab
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 600
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=19910825575&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=19910825575&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=19910825575&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
162.19.138.82200 135 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4eb43de05ae4ccf9197d91167f082dae
d6cd93e31f2d6bcbf9aae42e82680950a1c9ea6f
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 08 Jan 2023 23:36:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=81bc30ae-e37f-4d63-ab58-db17ebb41810&cid=8CUQWX43D&crid=938687138|938687138|938687138|938687138&adunit_count=4&dn=earnme.club&requrl=https://earnme.club/nord-n1-from-oneplus/&istop=true&event=client_timeout&value=4&rd=2000
23.33.119.24200 OK 35 B URL HTTP/1.1 qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=81bc30ae-e37f-4d63-ab58-db17ebb41810&cid=8CUQWX43D&crid=938687138|938687138|938687138|938687138&adunit_count=4&dn=earnme.club&requrl=https://earnme.club/nord-n1-from-oneplus/&istop=true&event=client_timeout&value=4&rd=2000
IP 23.33.119.24:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 349909ce1e0bc971d452284590236b09
adfc01f8a9de68b9b27e6f98a68737c162167066
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
GET /log?logid=kfk&evtid=projectevents&project=prebid&acid=81bc30ae-e37f-4d63-ab58-db17ebb41810&cid=8CUQWX43D&crid=938687138|938687138|938687138|938687138&adunit_count=4&dn=earnme.club&requrl=https://earnme.club/nord-n1-from-oneplus/&istop=true&event=client_timeout&value=4&rd=2000 HTTP/1.1
Host: qsearch-a.akamaihd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Content-Length: 35
Expires: Sun, 08 Jan 2023 23:36:34 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 08 Jan 2023 23:36:34 GMT
Connection: keep-alive
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981401&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4b849cb1-f86a-4909-8a2f-39428e4febff&l_pb_bid_id=28def4df228cca&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3201463031709122
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981401&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4b849cb1-f86a-4909-8a2f-39428e4febff&l_pb_bid_id=28def4df228cca&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3201463031709122
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash aa4901150e59d0fee615d3258efdf684
fd1e2fbf8160b3679c76d9e1d9b8e78950276857
2c14046fe932892e2dcedf9407319eef58f95fe1d36dfad17d8f6f0c864b7948
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981401&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4b849cb1-f86a-4909-8a2f-39428e4febff&l_pb_bid_id=28def4df228cca&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3201463031709122 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KTXD-14-FPLP; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoCLT1kOFNZ+O9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 563 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1168), with no line terminators
Hash 937c6cb317842215df14740c26088cc2
023907aa3e51d939aae7aadf3b509a2db78c4e3b
feaf199090995e89a5e2c1e4020597fbd8973a0bca338817704783dc2a46d8aa
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
pid=3018885134981130298; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177941769208&o=1; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash a8e4127c892f7c8fbcf37e72ceb407d1
ce09b1fea171ce2a8ff5b3e388f187c5812e82b9
616bf3872a8033586f6179734cf52a16da3940f5bcf26bf91f1c46f4928232d3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 22:46:04 GMT
Expires: Mon, 09 Jan 2023 22:46:04 GMT
ETag: "ce09b1fea171ce2a8ff5b3e388f187c5812e82b9"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
id.crwdcntrl.net/id
52.49.185.121200 OK 43 B IP 52.49.185.121:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.23.195
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2166f11e11d12ebe46705ce853e14730
d7f16494d91106243c0e88ecb828ad8b1ce8c1c6
cb89c9055df1c17e1c586168f4b31bc5fe421ba19a0a0da72dd75669de045c62
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 01:42:54 GMT
Expires: Sun, 15 Jan 2023 01:42:53 GMT
Etag: "d7f16494d91106243c0e88ecb828ad8b1ce8c1c6"
Cache-Control: max-age=525378,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c18d6e69b50b-OSL
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP 142.250.74.131:0
Hash 231bc334e7d2a5e67269cf371972bd4b
64ea570786f1c57487f09524665452621e452b71
643efcabf37884276751b8a7b8173dbd78de193fbe2e948d70179bc01fcdf3ef
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.rlcdn.com/api/identity/envelope?pid=1323
34.120.133.55401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1323
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1323 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 23:36:34 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8c3a99d827b45f7b17b6146b35713ed2
94f5a1f3c2e500669e658a19dd0944e8697bcff1
3de448216ab74dc9cd072db251a0a13bdfb1d67f974ffaa365cb73083f676d3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 23:36:34 GMT
Last-Modified: Sun, 08 Jan 2023 22:01:04 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZLLIHyWSzmTQpoTH7w2SukvESazrt5HtSMI_ZUcLG5ab-j5LmmKVPw==
Age: 5730
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b318d74b7a808ba62cd9a6ba30c2e55
0da118315f1312e0a840ef7ff36cb16142da8f51
f4ca9c9238966083fc5e75dc1a6c76e4b6d84ee6ecd228276e3c20e324805cb1
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 16be3281-f2df-43a2-abb4-58bd33c391c5
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIKn7Z0GOAFAAUgBEIKn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8335468216289966615; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 69fe89e47df7ec6d4cc602dea46878f9
76ff956c2f53ede8c94c4f2f99117f36a0e82c29
3594f4002876a4dad11f0be075f2fc9e53ec690c914a9d647266c1d1bed8b3e3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 23:36:34 GMT
Last-Modified: Sun, 08 Jan 2023 22:12:57 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BS3cFxm2Gq5wEW_48oaPZ6jpnssIyy4_eIPpEkPiNZ9N01dc88ChhA==
Age: 5018
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
shb.richaudience.com/hb/
162.55.101.208200 OK 471 B IP 162.55.101.208:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text, with very long lines (510), with no line terminators
Hash d3a431fe52fabb1a92b9fbb088ab0edb
162e8e8445ebb2af0b28501e19165b5a6f084e51
b44cb77044d9984158d01956dbe7df9611a8086fef0384bb59079bdc1fc61d63
POST /hb/ HTTP/1.1
Host: shb.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 673
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 08 Jan 2023 23:36:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
35.244.193.51200 OK 49 B URL HTTP/2 lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
IP 35.244.193.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c466bd434db29cf02793f8522fde5f3a
f39a01bb0264479dbe9a4bfb0b80ae0b3b0e8154
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
GET /v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0 HTTP/1.1
Host: lexicon.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: private, must-revalidate, max-age=28800
content-type: application/json
content-length: 49
date: Sun, 08 Jan 2023 23:36:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 2166f11e11d12ebe46705ce853e14730
d7f16494d91106243c0e88ecb828ad8b1ce8c1c6
cb89c9055df1c17e1c586168f4b31bc5fe421ba19a0a0da72dd75669de045c62
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 01:42:54 GMT
Expires: Sun, 15 Jan 2023 01:42:53 GMT
Etag: "d7f16494d91106243c0e88ecb828ad8b1ce8c1c6"
Cache-Control: max-age=525378,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c18f382cb50b-OSL
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7ac79a87dbf8707e1a30c10cfbded03
0d339e3e5425d1766d25919e474bef89aadc91de
5fe0070c389c459d8c4441ef3906a315e9196af7a08aad7baccc4508f8e47cd2
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 89cd7651-4214-4151-8a1d-8b6031646d35
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIKn7Z0GOAFAAUgBEIKn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3222501209288064275; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.96200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.96:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20478397700&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=20478397700&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=20478397700&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:34 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981643&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2982a426-3981-46ed-8e55-fdb4966dd47a&l_pb_bid_id=14c83f43606646b&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8410098891579197
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981643&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2982a426-3981-46ed-8e55-fdb4966dd47a&l_pb_bid_id=14c83f43606646b&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8410098891579197
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 01cb7d682264f7ef9452578fdca6b3f7
2a3efa44942e0f20898a845fe82bba3396364a94
3e6d6a3301b9edc2993e7b14afd7d1e4a6a9668576ed04619ccb1ce5ed6b8cf7
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981643&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2982a426-3981-46ed-8e55-fdb4966dd47a&l_pb_bid_id=14c83f43606646b&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8410098891579197 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KU4K-1C-G79W; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqcaRYyzXLcru9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP 142.250.74.131:0
Hash 231bc334e7d2a5e67269cf371972bd4b
64ea570786f1c57487f09524665452621e452b71
643efcabf37884276751b8a7b8173dbd78de193fbe2e948d70179bc01fcdf3ef
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:34 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
idx.liadm.com/idex/prebid/any?resolve=nonId
54.161.113.72200 OK 50 B URL HTTP/2 idx.liadm.com/idex/prebid/any?resolve=nonId
IP 54.161.113.72:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e427fd12f998fc60cf7cc9dfdcc72b6
ab10b80f8cc27af8a1ea2ec0cd38bf4948cd948f
baf09a428d2981893b1aafedf68078c6ad5ba48de002c692b758912e87dfcbc4
GET /idex/prebid/any?resolve=nonId HTTP/1.1
Host: idx.liadm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
content-length: 50
trace-id: 45b1cebc9775589d
vary: Origin
expires: Mon, 09 Jan 2023 23:36:34 GMT
set-cookie: lidid=85c24c37-75a7-4e81-be97-2e760cae71f1; Max-Age=63072000; Expires=Tue, 07 Jan 2025 23:36:34 GMT; SameSite=None; Path=/; Domain=liadm.com; Secure
request-time: 1
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981687&tk_flint=pbjs_lite_v7.19.0&x_source.tid=22d7efa7-02ff-409c-880b-a499f8487049&l_pb_bid_id=6d40cceb617aa2&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7884607822951969
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981687&tk_flint=pbjs_lite_v7.19.0&x_source.tid=22d7efa7-02ff-409c-880b-a499f8487049&l_pb_bid_id=6d40cceb617aa2&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7884607822951969
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash cc80dfd48a128829c59321a35c8e335d
44802f984942d565a37dcbb2a044be8b723635b7
6214831c0a05be3d602e65116ecd8bc87776596a4f5d3921082914571a7f0e28
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981687&tk_flint=pbjs_lite_v7.19.0&x_source.tid=22d7efa7-02ff-409c-880b-a499f8487049&l_pb_bid_id=6d40cceb617aa2&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7884607822951969 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KU57-1X-A7VF; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qr5IZN9qsx06e9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 504 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (907), with no line terminators
Hash 2c69cf6f4f526b1a763bad19df8b9fa4
a9291b52ad15480ef396fa487fb229f6db0fe737
32b075237841cf2e19215c4434725a8a9ca64dfebf412f3b00110e59080ce9cf
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
pid=7144353191616964774; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177944467921&o=1; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1673220981496&eid=40deffe35728add
3.225.225.178204 No Content 0 B URL HTTP/2 1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1673220981496&eid=40deffe35728add
IP 3.225.225.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1673220981496&eid=40deffe35728add HTTP/1.1
Host: 1x1.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.96200 OK 480 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.96:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (916), with no line terminators
Hash 2a6d0a2170ac17d70f802073125be525
e499b173cd2b661656d901363117e613b5826ead
3c57dff3af55c9845c39d9379212c2bf9f1fa828b63283b30a09250e7fb9416f
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
pid=1566561541774502064; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177944632551&o=1; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 255b0965958620bb4bd2a34a3933ff40
156378b2aed85f3c5b1f535022db505d0a3274f3
89e1e40bfbab2c24a867f577f8b3738bd0cfca63d9cbf3fb0fd09d1ec920d3d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4756
Cache-Control: max-age=170762
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:34 GMT
Etag: "63bb38f8-139"
Expires: Tue, 10 Jan 2023 23:02:36 GMT
Last-Modified: Sun, 08 Jan 2023 21:43:20 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 313
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash aa2912b72990ea069efbb8b4e93edf33
2faff4bf97ed72c2fd207007fa9469a5307fadfa
849d5aa8a43f6df2a9fc295a2c2ab2f86175eb21414065eae173f723416f603f
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981972&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6544bbc8-b9d5-4ae6-b3d6-4df02cc13eed&l_pb_bid_id=86b33af34a3cc28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2417829971072446
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981972&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6544bbc8-b9d5-4ae6-b3d6-4df02cc13eed&l_pb_bid_id=86b33af34a3cc28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2417829971072446
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 81f72c7ab9b77f22fb31da912ca48a4d
672ffd57c7fe99548961af65371c190dfe20b312
7a6808b28ff0c3f1c0991449cc27c940782efbc67ffbf10c02346253f84e4a5d
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220981972&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6544bbc8-b9d5-4ae6-b3d6-4df02cc13eed&l_pb_bid_id=86b33af34a3cc28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2417829971072446 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KUCT-15-BPSC; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqrAX4Pqyh/gO9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 478 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (792), with no line terminators
Hash ef25d7364bddbc1c11c287c2d0be24e1
fe9cb56dc55659739ed2ef9edec935ba7bc9ace2
554080199b9b522fcc22a2171e6df014d67f357868f5a24b46c9a1590b9e5857
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
pid=459208446177306721; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177947489341&o=1; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=38384972483&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=38384972483&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=38384972483&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:34 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220982058&tk_flint=pbjs_lite_v7.19.0&x_source.tid=57b9c793-e262-4fb1-890e-9312101fd050&l_pb_bid_id=45651affcdc2e28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.025603982370186573
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220982058&tk_flint=pbjs_lite_v7.19.0&x_source.tid=57b9c793-e262-4fb1-890e-9312101fd050&l_pb_bid_id=45651affcdc2e28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.025603982370186573
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 2a72a2bf86b773045bd3b5255ec366fe
bd1d319fea2cbb9e544320d4170343c0435e12ce
b4f776b7d88a47fd4a2d2994e50ad78f2bf486287732f1879b97e47a725b2993
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220982058&tk_flint=pbjs_lite_v7.19.0&x_source.tid=57b9c793-e262-4fb1-890e-9312101fd050&l_pb_bid_id=45651affcdc2e28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.025603982370186573 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KUF2-1N-FUTR; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EhsSdtm9DJDH+9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=62193104530&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=62193104530&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=62193104530&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:34 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220982133&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9b2c6a08-7575-45c9-8c31-340e4211678f&l_pb_bid_id=8d4896670afa&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6037221991090383
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220982133&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9b2c6a08-7575-45c9-8c31-340e4211678f&l_pb_bid_id=8d4896670afa&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6037221991090383
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 12bc92ed8dba058f08f287a9d882daee
3097b3859602801863ff7483584842b9a946fcf4
fd360c35330fb11e8d86b4290af579c8135e2f8412132f06a7719394b9419d73
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220982133&tk_flint=pbjs_lite_v7.19.0&x_source.tid=9b2c6a08-7575-45c9-8c31-340e4211678f&l_pb_bid_id=8d4896670afa&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6037221991090383 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0KUHD-N-L0VV; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoLBoooawSTYO9DtVM30fCgAsJ0442xJm+eJIefUK4liXvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:34 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.138.32200 OK 499 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.32:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1030), with no line terminators
Hash 8686dabf18dac6433ba6ea2088785138
18102901ca3d50ef08e43f3287b3d95b9f66a455
29b1481538b472e06bcddd9baeda73a0faa085825ac1d4dce7da55c3c8f8e6d3
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
pid=6551326535704504557; expires=Mon, 08 Jan 2024 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088177948969145&o=1; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:34 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1082406c0c4c95af946129e83d4472bf
63732f7214dd6505a2be81bf7ff59d1641c259c9
429c036f6bfdaad9461e76488b9895e0b61c4a5e1abd0e3c120e4465bf15e257
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:34 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 177b2454-1c44-4f98-bdcd-a15de72b639d
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIKn7Z0GOAFAAUgBEIKn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1244313038212092797; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.171.149200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.149:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8fd82160f0a4d957b246b5f27fea252d
a2ebdc08b80377756b0355bfe008697df486b7e4
f342d3a120b2854bb48fe6c6f268d7802235d3682a32ee2278b63a702a1e6770
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 646
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:35 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 4538ba21-730b-46c9-be91-2dd24e827157
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMIOn7Z0GOAFAAUgBEIOn7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4539049360765319824; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:35 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36628109466&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=36628109466&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=36628109466&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:34 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 1.7 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash e812ad76dc82d44a6715665265d635c8
3136399af7d76129e36f40310d9f82b739ef9086
8ae6012d6b63b4c34b23fe2b03ddb370df9069aacdb54b5d003a5bdda74f3139
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=earnme.club
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=earnme.club
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 23:36:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=earnme.club
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=earnme.club
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 23:36:35 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010406&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023010406&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14453), with no line terminators
Hash 570b407d5d893ec32cc9683aa2216d6a
781db188f3e0547a02f417c85031525056a23b86
b085769cde07019687c33ce9e7daf42ff8adb9f2eb45f19fb4a6034d98af16cc
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023010406&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 08 Jan 2023 23:36:36 GMT
server: cafe
content-length: 10910
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
216.58.207.193200 OK 2.7 kB URL HTTP/2 e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=1 HTTP/1.1
Host: e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 08 Jan 2023 23:36:36 GMT
expires: Mon, 08 Jan 2024 23:36:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/pwt/157742/7600
2.18.172.200301 Moved Permanently 261 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/157742/7600
IP 2.18.172.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 062136e3a621e033fe962c1b279eec4c
d38b6ab78d6b6ccf1cc926379e426c9780c90eb2
c0ab28cf312ba7e04fdeabf8173ca9e1809281aa9fde276981842e71020c2c41
GET /AdServer/js/pwt/157742/7600 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: Apache
location: https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/
content-length: 261
content-type: text/html; charset=iso-8859-1
cache-control: max-age=97131
expires: Tue, 10 Jan 2023 02:35:27 GMT
date: Sun, 08 Jan 2023 23:36:36 GMT
X-Firefox-Spdy: h2
track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=24401&t=1673220992&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=41a6b2f219cafbe61508568fc0a78595&d63=41a6b2f219cafbe61508568fc0a78595&aafaid=&proto=https&uid=1673220992775-983049509137-006469-013-002289&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.71&cb=20829863519&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673220983705&asid=63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62fcc8551f0d537b70642b47%2C62a9a257b1f7be14705f5586%2C6332ef55cd0fcf1ceb506cc4%2C63a987aaf31103e0780c6cb4%2C62a9a3044f8b3f11bf3a5058%2C62a9a26be8c62b7a753672a4%2C62a9a2daf85a765d16158238%2C62a9a29da987b3169d027596%2C6295fa3e088d8a77b2698777&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
3.229.18.68200 OK 0 B URL HTTP/2 track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=24401&t=1673220992&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=41a6b2f219cafbe61508568fc0a78595&d63=41a6b2f219cafbe61508568fc0a78595&aafaid=&proto=https&uid=1673220992775-983049509137-006469-013-002289&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.71&cb=20829863519&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673220983705&asid=63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62fcc8551f0d537b70642b47%2C62a9a257b1f7be14705f5586%2C6332ef55cd0fcf1ceb506cc4%2C63a987aaf31103e0780c6cb4%2C62a9a3044f8b3f11bf3a5058%2C62a9a26be8c62b7a753672a4%2C62a9a2daf85a765d16158238%2C62a9a29da987b3169d027596%2C6295fa3e088d8a77b2698777&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
IP 3.229.18.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=24401&t=1673220992&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=41a6b2f219cafbe61508568fc0a78595&d63=41a6b2f219cafbe61508568fc0a78595&aafaid=&proto=https&uid=1673220992775-983049509137-006469-013-002289&cha=0.7&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.71&cb=20829863519&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673220983705&asid=63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62fcc8551f0d537b70642b47%2C62a9a257b1f7be14705f5586%2C6332ef55cd0fcf1ceb506cc4%2C63a987aaf31103e0780c6cb4%2C62a9a3044f8b3f11bf3a5058%2C62a9a26be8c62b7a753672a4%2C62a9a2daf85a765d16158238%2C62a9a29da987b3169d027596%2C6295fa3e088d8a77b2698777&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Cookie: aniC=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:36 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.211.10200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2791)
Size 127 kB (127165 bytes)
Hash 43f9f7256078a6280391d8ddf65d34c6
7313fb4491f9b413dbbab03c75f42780c1a22baf
e95c555d5756aac136cc38e122f09f6d222c74e06928ce8d11af20de3f3f0556
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 127165
date: Sun, 08 Jan 2023 23:36:36 GMT
expires: Sun, 08 Jan 2023 23:36:36 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=erosan&e=1452924796601
54.230.111.81200 OK 5.0 kB URL HTTP/2 flashnetic.com/r/p.html?f=erosan&e=1452924796601
IP 54.230.111.81:0
Hash a7677708aa2d2d07728fd973ea4247eb
164dd3626d73bcc09d7390467a00801db17da21d
11697059e9e00dfa4e7e56506db2fbb94a4f5e137e8d063e552e02f02536026c
GET /r/p.html?f=erosan&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ujLyxTe5yYmXwVRCOFj7SIB2ucPZBAR28I16YdiCIgAIO2IcnNwz2w==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a43d4b38e31309767aba3958eace2640
0bdcfdba185f3a2198ad91112f53d85238413759
64c7429f74d38bba6b3a6d911876cc3a537bc2079286bcffff8cf85bed742f88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
216.58.211.1200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (21224)
Hash f9c7ccf8a881c621afee8eb4202ec2c4
fb2e16928794f4233e0bec16c2e75975ac5cee97
db7c652e8b46bc8b277eb57b299541ea7cbef676f141a907bc9fb1c3844a4693
GET /safeframe/1-0-40/js/ext.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 6402
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 06:49:33 GMT
expires: Mon, 08 Jan 2024 06:49:33 GMT
cache-control: public, immutable, max-age=31536000
age: 60423
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.34200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.34:0
File type ASCII text, with very long lines (3504)
Hash 819fce3c34bc8a479f4c924f5b6dfca4
9cd0d630892c498df3624f93e9cb7bef1339f81d
a8dc9568049a65aac30153a1a2f04a7c2b17325e5627f38ff4b27f3a83802046
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48907
date: Sun, 08 Jan 2023 23:36:36 GMT
expires: Sun, 08 Jan 2023 23:36:36 GMT
cache-control: private, max-age=3000
etag: "1672933789069018"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=HtUTWsuw1EmU-uVIXo7jWoQmuEI
40.85.112.191200 OK 796 B URL HTTP/1.1 www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=HtUTWsuw1EmU-uVIXo7jWoQmuEI
IP 40.85.112.191:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document, ASCII text
Hash c9c34423dbd3df541365e2e3ec3e728b
dfa3986b0c80376c71cdc418f45c8aedb3e7111a
c847b44b3a75d72eca3b2d4f2806905b498cc25c8a18a46be98604029a2e704a
GET /wp-content/plugins/optout/callback/?status=nocookie&token=HtUTWsuw1EmU-uVIXo7jWoQmuEI HTTP/1.1
Host: www.youronlinechoices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:34 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
X-Powered-By: PHP/7.4.16
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=631138519; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;
Content-Length: 796
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
s0.2mdn.net/instream/video/client.js
142.250.74.70200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Sun, 08 Jan 2023 23:36:36 GMT
expires: Sun, 08 Jan 2023 23:36:36 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.82.163200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.82.163:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 08 Jan 2023 00:57:39 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JVQrOOWsSjXn0rHVQs_0oAF_cfbIgnBfih1zJl_iSd14uNlVig0p8A==
Age: 81539
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c07e2e8891a74abba36bed61343f81ff
850b6697cfe2861bf24caf5ae764b3a4f14be060
a0620e6d88fc7663e7748939d839080438d13b7b9fffb4c142f7ba395378a53d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
142.250.74.161200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 190bcb4c44fd9e0e93baa80c9b2535b8
97bda56ddc8d6a00d19e1747d63325051f3fd144
b7677f820f06329e357561f570729fe4110af4ac5fb741b97567e20a0f533301
GET /rtv/012211060024000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61592
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:08:55 GMT
expires: Tue, 02 Jan 2024 18:08:55 GMT
cache-control: public, max-age=31536000
age: 538062
etag: "a2fca7132416d151"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
142.250.74.161200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (14697)
Hash ae1a9f090984c448deb0629cc2304ee3
e601825ccec746695f370ed68fa33325152e0d9f
6a947bfcdeea64faa6c795caea11ee09dbe00f5d4003b7b9d47e4945c05ac1e4
GET /rtv/012211060024000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 10:51:50 GMT
expires: Wed, 03 Jan 2024 10:51:50 GMT
cache-control: public, max-age=31536000
age: 477887
etag: "abd4378f71571d78"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
142.250.74.161200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash 2f873064835eed23708bde2a16830216
7559437b82b9b761e02549d8d51f9e3571e5ed2c
0f5d00ac674cc34652997f2e0dd7fb6eb1a5b22010989c35a81cd7a388c84fdd
GET /rtv/012211060024000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 17:54:43 GMT
expires: Sat, 06 Jan 2024 17:54:43 GMT
cache-control: public, max-age=31536000
age: 193314
etag: "0bacd3f1ce38a7db"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a70f4ba8af50cca717b378c190a68690
e849143786b922bf6d8ba82b8bf09d86c9d6f011
2abc781b5e1c00318a2d224dc14ff5e5d0f854cf46f3cb9e9d94019a902254cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6595
Cache-Control: max-age=139817
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Etag: "63bab8eb-116"
Expires: Tue, 10 Jan 2023 14:26:54 GMT
Last-Modified: Sun, 08 Jan 2023 12:36:59 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
142.250.74.161200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (65534)
Hash c88b4e73b12307e42222d337bdd646a2
621233bf4e777b2d44b1bc143187111aca2fe718
ef6935537cd5a603b79bc98d4274b70ee5608955792523fc58e818c8ddbb7b48
GET /rtv/012211060024000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28809
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 17:37:12 GMT
expires: Mon, 08 Jan 2024 17:37:12 GMT
cache-control: public, max-age=31536000
age: 21565
etag: "dd6615029de85e23"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c07e2e8891a74abba36bed61343f81ff
850b6697cfe2861bf24caf5ae764b3a4f14be060
a0620e6d88fc7663e7748939d839080438d13b7b9fffb4c142f7ba395378a53d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.sunmedia.tv/integrations/f8503832-54f6-457c-a1c4-6afc0491ccc9/f8503832-54f6-457c-a1c4-6afc0491ccc9.js
141.94.102.46200 OK 66 kB URL HTTP/1.1 static.sunmedia.tv/integrations/f8503832-54f6-457c-a1c4-6afc0491ccc9/f8503832-54f6-457c-a1c4-6afc0491ccc9.js
IP 141.94.102.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a2561e22ecff5454de2ed35d39f2e1bf
8106751401950d7ff5ee73840864364812835609
4781d74c9b44f73dfce10a46bfa38af00f926eba89b196251a2070cbbe86a9ce
GET /integrations/f8503832-54f6-457c-a1c4-6afc0491ccc9/f8503832-54f6-457c-a1c4-6afc0491ccc9.js HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 23:36:37 GMT
Content-Type: application/javascript
Content-Length: 65720
Connection: keep-alive
Last-Modified: Tue, 20 Dec 2022 14:53:59 GMT
Content-Encoding: gzip
Cache-control: max-age=0, s-maxage=2592001
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 5083
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.82204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
date: Sun, 08 Jan 2023 23:36:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ads.pubmatic.com/AdServer/js/pwt/157742/7600/
2.18.172.200403 Forbidden 199 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/157742/7600/
IP 2.18.172.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
GET /AdServer/js/pwt/157742/7600/ HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: Apache
content-length: 199
content-type: text/html; charset=iso-8859-1
date: Sun, 08 Jan 2023 23:36:38 GMT
X-Firefox-Spdy: h2
static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2Fe8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
141.94.102.46200 OK 1.6 kB URL HTTP/1.1 static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2Fe8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
IP 141.94.102.46:0
File type ASCII text, with very long lines (3471), with no line terminators
Hash 50599b9643f617d2342a633b55656365
9b030cb8fd664d09d8a4cf4a2d31df2149c92d78
0e044e959c4a15e8e023471b246e000315d9542f201523ebfd5409e761969a19
GET /AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2Fe8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1 HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 23:36:38 GMT
Content-Type: application/javascript
Content-Length: 1634
Connection: keep-alive
Last-Modified: Mon, 21 Dec 2020 17:00:21 GMT
Content-Encoding: gzip
Cache-control: max-age=3600, s-maxage=2592000
X-Device: mobile
Accept-Ranges: bytes
Age: 5083
TP-Cache: HIT
Vary: Accept-Encoding
bcp.crwdcntrl.net/6/map
3.248.51.132200 OK 60 B IP 3.248.51.132:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c0806ffee0db0733395b1647768c4005
43931bfd7e8911f811be7a13296b9883e29579e3
2d9a3df531dd1db817f52bf4b8e419d3eb652a05914f5f5c096d958ae726f44b
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.152
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 360164
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 209005
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 20:35:00 GMT
expires: Thu, 04 Jan 2024 20:35:00 GMT
cache-control: public, max-age=31536000
age: 356498
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=KEfFc34P3_1fdLkKXjakTAAvjBIgR29qbiPmyvYgqLmw_Pymg2oPUzN9KlWqfrAlDG4NzZKw3C-J1Dd4XMa1XJ9keqY_JAvBkannd3dtg7bJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai_LE3S2rryBEWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ChmPyxrVDE942u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxhzE5eE5hIO_9xwTH1eDd9ZwWIJCwWci43MxQvb59qojnyDYICA7biQ4W-QSDMdr0KCVV4X7DG8XtKe4kVMSO0m1cbjYLvpyq487kQPD7qPMfMEX5By_Xskui0bMBUl7GyYmSykju8kgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.25200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=KEfFc34P3_1fdLkKXjakTAAvjBIgR29qbiPmyvYgqLmw_Pymg2oPUzN9KlWqfrAlDG4NzZKw3C-J1Dd4XMa1XJ9keqY_JAvBkannd3dtg7bJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai_LE3S2rryBEWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ChmPyxrVDE942u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxhzE5eE5hIO_9xwTH1eDd9ZwWIJCwWci43MxQvb59qojnyDYICA7biQ4W-QSDMdr0KCVV4X7DG8XtKe4kVMSO0m1cbjYLvpyq487kQPD7qPMfMEX5By_Xskui0bMBUl7GyYmSykju8kgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.25:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash ad55d9b8539c6ceef91facdd5f354a8f
fa36c16bae163ffb16b4c309ca4894eda22a5b73
de9d8f1f79861dc9a49d5486acd02b3008e11aa24333015a26f4b8c4593930b8
GET /adfscript/?bn=60455003;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=KEfFc34P3_1fdLkKXjakTAAvjBIgR29qbiPmyvYgqLmw_Pymg2oPUzN9KlWqfrAlDG4NzZKw3C-J1Dd4XMa1XJ9keqY_JAvBkannd3dtg7bJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai_LE3S2rryBEWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ChmPyxrVDE942u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxhzE5eE5hIO_9xwTH1eDd9ZwWIJCwWci43MxQvb59qojnyDYICA7biQ4W-QSDMdr0KCVV4X7DG8XtKe4kVMSO0m1cbjYLvpyq487kQPD7qPMfMEX5By_Xskui0bMBUl7GyYmSykju8kgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 1231
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:38 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqYYHNHC3UN3KyUjXYGVkH3Q0iRlxJ8CJOTuxR8di5DB8xmhi8XDu_Q2kbIXjxaMCwYpZTW1Xj59Q7TvHPXZhNRfrh4D_Ks-riLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCVUwwTYEO8lHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=mbOA-WizNfF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVyOC33FQEAmmPlJYawUJcsJKvla3mIPggzPCea_UgsOISKZRVlMkpzxQ8ISLCUjVigKw7yiTMftA9Icgsf88ZUvPgcyAutqISC487kQPD7qPMfMEX5By_Xskui0bMBUl7Hc8efWIe0wKAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.25200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqYYHNHC3UN3KyUjXYGVkH3Q0iRlxJ8CJOTuxR8di5DB8xmhi8XDu_Q2kbIXjxaMCwYpZTW1Xj59Q7TvHPXZhNRfrh4D_Ks-riLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCVUwwTYEO8lHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=mbOA-WizNfF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVyOC33FQEAmmPlJYawUJcsJKvla3mIPggzPCea_UgsOISKZRVlMkpzxQ8ISLCUjVigKw7yiTMftA9Icgsf88ZUvPgcyAutqISC487kQPD7qPMfMEX5By_Xskui0bMBUl7Hc8efWIe0wKAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.25:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash d3765424ff014fc276e93bccabdf1d89
962ece60006501a58d76a2911f116e78f538e8b9
bf61f23ea986911c8301df7651fe2d6d24008ba5c015b0df92c9cc4348318dd8
GET /adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqYYHNHC3UN3KyUjXYGVkH3Q0iRlxJ8CJOTuxR8di5DB8xmhi8XDu_Q2kbIXjxaMCwYpZTW1Xj59Q7TvHPXZhNRfrh4D_Ks-riLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCVUwwTYEO8lHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=mbOA-WizNfF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVyOC33FQEAmmPlJYawUJcsJKvla3mIPggzPCea_UgsOISKZRVlMkpzxQ8ISLCUjVigKw7yiTMftA9Icgsf88ZUvPgcyAutqISC487kQPD7qPMfMEX5By_Xskui0bMBUl7Hc8efWIe0wKAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 1230
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:38 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/9O8VcKlZFo8
IP 142.250.74.131:0
Hash dd5310adc4762c4571779e97b83e8132
049e5c7e03c22eb9be2d57e05592b15956371fab
43766cd4d339bf8018072dc5a3b829ae66013ed75c06b622a751f2e97eb11b35
POST /s/gts1p5/9O8VcKlZFo8 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.sunmedia.tv/geotarget/geocity.php
51.91.154.17200 OK 409 B URL HTTP/1.1 services.sunmedia.tv/geotarget/geocity.php
IP 51.91.154.17:0
File type JSON data\012- , ASCII text, with very long lines (409), with no line terminators
Hash 53697d72e2376df96dd2968767666086
cb0769943d1491dcff89e5dfa4a873416d3a733b
4e1917c9fb7bebcacc074d36a7ca8cc394f9689ad8132006e050972c7ccfa2c9
GET /geotarget/geocity.php HTTP/1.1
Host: services.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 23:36:38 GMT
Content-Type: application/json
Content-Length: 409
Connection: keep-alive
Cache-control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
Age: 2184
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://e8a288323d4121af32fd853bf9a0f0e0.safeframe.googlesyndication.com
flashnetic.com/r/p.html?f=vntvizvk&e=1452924796601
54.230.111.81200 OK 9.9 kB URL HTTP/2 flashnetic.com/r/p.html?f=vntvizvk&e=1452924796601
IP 54.230.111.81:0
Hash 0c2b991747ff725418602ce38b0c9e63
162e673f5435a2d2b63fe0496d52b1e4c3f1e77a
41368e2d612e41924df9ac2c41c060c45982998dc9fd9f310095e3011673bf1f
GET /r/p.html?f=vntvizvk&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZR-CagdbF92I0Djd6dWsFUQhqP4bBn5Ci7Lndcq1yXLPYlAvyQAO7Q==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
104.26.11.25200 OK 28 kB URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
IP 104.26.11.25:0
File type ASCII text, with very long lines (55891), with no line terminators
Hash 5bb9aec15ffb53d6e940213587c09ab1
d12817894fd63be90e160b7e186a2ff0b8287352
4d4004d3970287c4000589e79d7d011900585a25399181db151d2fd3bb8804e0
GET /hadron.js?url=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
x-amz-request-id: FNK044PCM9Y7VVCR
cache-control: max-age=3600
cf-cache-status: HIT
age: 4606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W43wzDLNanKzGN9rLW0OXWuk%2Bt7zyV0HJHi6GutmQ6Fp1zU6tDESBAFGcDNNNYBD1QpEfK%2FAzJuaY8nX5yOPY%2BBCuNBiun6xEbu15piLseUQ8rjzwf0JQG08q%2B1GNXOL5oY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7868c1a8de72b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3260d451945a130cd2d142b067464b4d
a540e1f498fd3aa9b062c4f94b09d4381620af07
9b18f8d76ec12ad3a03cff27ac0addff661d581ede42fde59969510df5813c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6223
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:38 GMT
Last-Modified: Sun, 08 Jan 2023 21:52:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3260d451945a130cd2d142b067464b4d
a540e1f498fd3aa9b062c4f94b09d4381620af07
9b18f8d76ec12ad3a03cff27ac0addff661d581ede42fde59969510df5813c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5324
Cache-Control: max-age=164481
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:38 GMT
Etag: "63bb1e3b-116"
Expires: Tue, 10 Jan 2023 21:17:59 GMT
Last-Modified: Sun, 08 Jan 2023 19:49:15 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
162.55.236.225200 OK 155 B URL HTTP/2 sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F
IP 162.55.236.225:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 83609225295be3e30717a49527b481c6
4030a9e8b82362574fef7cf35481e9e9a6dfd4e9
a6e97f50a2705c103b8386411526abbc56df62556cb47397ba1e123c14bc169f
GET /bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F HTTP/1.1
Host: sync.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: image/png
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=R0qCEcXgZSFa2PtET8i7rPQJPHKQgnzCeCT-AIHGUspkgMdm9nOWGjZ9JNJrNRQTOwD_MoLW88EAJ2NSRlZOi36hH_2Q104Mc7SWIgtcFn_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpYpaJQyk9JytHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FO6mKt3TuiN42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVwboy2LvreEkdwcePyWY-IMOCgKQPQDrjuncurC0MKdMXS2AosrhWhwhwx3PhdvHlotfKd7ffUr8kdPrTSVMW9nI-AfVZuOiYC487kQPD7qPMfMEX5By_Xskui0bMBUl7H7sq92WBEqVQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.25200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=R0qCEcXgZSFa2PtET8i7rPQJPHKQgnzCeCT-AIHGUspkgMdm9nOWGjZ9JNJrNRQTOwD_MoLW88EAJ2NSRlZOi36hH_2Q104Mc7SWIgtcFn_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpYpaJQyk9JytHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FO6mKt3TuiN42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVwboy2LvreEkdwcePyWY-IMOCgKQPQDrjuncurC0MKdMXS2AosrhWhwhwx3PhdvHlotfKd7ffUr8kdPrTSVMW9nI-AfVZuOiYC487kQPD7qPMfMEX5By_Xskui0bMBUl7H7sq92WBEqVQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.25:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash ea7199adcf33ce0c5b8f46748368d9db
3d849fd1c86cf078f34bdbd66beff9291a3af3ed
fd638606752224c9d020fe8db2fb04972e8cea7df237d529bc5a7f47aad33609
GET /adfscript/?bn=60454987;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=R0qCEcXgZSFa2PtET8i7rPQJPHKQgnzCeCT-AIHGUspkgMdm9nOWGjZ9JNJrNRQTOwD_MoLW88EAJ2NSRlZOi36hH_2Q104Mc7SWIgtcFn_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpYpaJQyk9JytHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=FO6mKt3TuiN42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVwboy2LvreEkdwcePyWY-IMOCgKQPQDrjuncurC0MKdMXS2AosrhWhwhwx3PhdvHlotfKd7ffUr8kdPrTSVMW9nI-AfVZuOiYC487kQPD7qPMfMEX5By_Xskui0bMBUl7H7sq92WBEqVQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 1224
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 1.1 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash 507128542a5a12b8831eb70ec522b291
213a68b01cbc4c16dfd51af3216d2c085e57f192
0da3fee55434764218272fac419d9070c314c70918c27ced492a91c35a63b598
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "489E187DA2D5DA37658B40BAD195104377CF47E46EDAC056A63DA7CFA3BE7E85"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7185
Expires: Mon, 09 Jan 2023 01:36:24 GMT
Date: Sun, 08 Jan 2023 23:36:39 GMT
Connection: keep-alive
flashnetic.com/r/p.html?f=emhdmje&e=1452924796601
54.230.111.81200 OK 2.9 kB URL HTTP/2 flashnetic.com/r/p.html?f=emhdmje&e=1452924796601
IP 54.230.111.81:0
Hash 230a2e4bc31bed04e6fac1299ebf32c9
1c81501903eb78ba1195a5750b143d9e45a4095e
ab9e378457184a5e9566a3f60cd1f0e14b73460be39dbda62d9c9be170016cfd
GET /r/p.html?f=emhdmje&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PiOl8zCVTDBFrQm7mPM6tzIl1U1gHli3f9Jh37W55IfJk9ShtgHGVA==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=6hySndOYzXXUgBAk_x5YR8scLtG0LG3E-KFZ-P4eFRsjOrRSUrL9nzN9KlWqfrAl4vIw-3RNyman2acnl_7tb4uxNxVeUAMnakPp8AAiNQrJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpVLciPffYZ4VHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=EWf90gnRsn142u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVzrY7YgkHTbHcGAER2HddSv0t6Pf6mAp1QmOefVCmjC1ljLUQ0iXRvpYwb2b41c17k4ZdMz_TYQgRAhsNnOZJYlkUp2eCtvET2487kQPD7qPMfMEX5By_Xskui0bMBUl7HFYYdfbg06qQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.25200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=6hySndOYzXXUgBAk_x5YR8scLtG0LG3E-KFZ-P4eFRsjOrRSUrL9nzN9KlWqfrAl4vIw-3RNyman2acnl_7tb4uxNxVeUAMnakPp8AAiNQrJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpVLciPffYZ4VHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=EWf90gnRsn142u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVzrY7YgkHTbHcGAER2HddSv0t6Pf6mAp1QmOefVCmjC1ljLUQ0iXRvpYwb2b41c17k4ZdMz_TYQgRAhsNnOZJYlkUp2eCtvET2487kQPD7qPMfMEX5By_Xskui0bMBUl7HFYYdfbg06qQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.25:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 64a93e2e5eb671655e765346945ec86a
5cd471537bfad455095b87e8eb67b4d211c15e36
a1dd377e277dfad14a0d3d53e8d934ce44317df48cd28440ac660ec89c366759
GET /adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=6hySndOYzXXUgBAk_x5YR8scLtG0LG3E-KFZ-P4eFRsjOrRSUrL9nzN9KlWqfrAl4vIw-3RNyman2acnl_7tb4uxNxVeUAMnakPp8AAiNQrJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpVLciPffYZ4VHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=EWf90gnRsn142u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVzrY7YgkHTbHcGAER2HddSv0t6Pf6mAp1QmOefVCmjC1ljLUQ0iXRvpYwb2b41c17k4ZdMz_TYQgRAhsNnOZJYlkUp2eCtvET2487kQPD7qPMfMEX5By_Xskui0bMBUl7HFYYdfbg06qQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 1225
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=ddfrrzpcb&e=1452924796601
54.230.111.81200 OK 2.4 kB URL HTTP/2 flashnetic.com/r/p.html?f=ddfrrzpcb&e=1452924796601
IP 54.230.111.81:0
Hash 377490aa093dc7a3fe2cc8dacd8477af
b0a71d3f79c5e12b218c7121ab94c0e7b73f5cf0
29d2f2897e2fcf229bd457ab2c8e2ea16172475b2ce85767254dae1e3c6e6fff
GET /r/p.html?f=ddfrrzpcb&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4wda1QUNRYAbEB_WaHC07CyejTrw99pGXvhGkiOChbNdvIssTEz9Qw==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=xqfegksxi&e=1452924796601
54.230.111.81200 OK 2.4 kB URL HTTP/2 flashnetic.com/r/p.html?f=xqfegksxi&e=1452924796601
IP 54.230.111.81:0
Hash 0d7bb7828869616e0856c4ed45bdcfe6
0129382ecf3827f12b3a96c3a7b7909d181a47a8
b101ff1583cc66c1848d0a264bc5bca0502a30918c060937590d50744e1cd4fd
GET /r/p.html?f=xqfegksxi&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4XJiCVPxGqr3kp6JxPDNgvZiWtAAj9WGJXUZdOSHpnvI6eviegielg==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=R0qCEcXgZSFVE83qZ4Bk1mbBNGhSz8KcH3j9hfNYlznIW5o_NFfjepEOAGbjPBIs9QWR371xKcoFk4_FiaoxKO3RS6cVtVuGSr50LyYIdl3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai8iszpewbGPtWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yidNCiXlTEp42u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxHKwTZhBEcIdbDhRLY1uHEvcmy-cXv_BrwVY-7y7eDqwes5PO7qX744bgQ8aocl8dVgGgaSuQhvyx80tCeFjiogXhsS6uNNPS487kQPD7qPMfMEX5By_Xskui0bMBUl7G8DKPTRB1CuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;6173;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.25200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=R0qCEcXgZSFVE83qZ4Bk1mbBNGhSz8KcH3j9hfNYlznIW5o_NFfjepEOAGbjPBIs9QWR371xKcoFk4_FiaoxKO3RS6cVtVuGSr50LyYIdl3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai8iszpewbGPtWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yidNCiXlTEp42u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxHKwTZhBEcIdbDhRLY1uHEvcmy-cXv_BrwVY-7y7eDqwes5PO7qX744bgQ8aocl8dVgGgaSuQhvyx80tCeFjiogXhsS6uNNPS487kQPD7qPMfMEX5By_Xskui0bMBUl7G8DKPTRB1CuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;6173;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.25:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash a1ea7816c8b1e97e2b7d84a868fef3ea
1ef2558bc6efe9e12e29508b0a77648d1b9cea85
eb9aa493d0921acd59d0ca0e45c4377948ce9af5473efb33b16cca119370495f
GET /adfserve/?CC=1&bn=60454987;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=R0qCEcXgZSFVE83qZ4Bk1mbBNGhSz8KcH3j9hfNYlznIW5o_NFfjepEOAGbjPBIs9QWR371xKcoFk4_FiaoxKO3RS6cVtVuGSr50LyYIdl3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai8iszpewbGPtWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=yidNCiXlTEp42u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxHKwTZhBEcIdbDhRLY1uHEvcmy-cXv_BrwVY-7y7eDqwes5PO7qX744bgQ8aocl8dVgGgaSuQhvyx80tCeFjiogXhsS6uNNPS487kQPD7qPMfMEX5By_Xskui0bMBUl7G8DKPTRB1CuwO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;6173;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 3186
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A84999; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=KEfFc34P3_1fdLkKXjakTAAvjBIgR29qbiPmyvYgqLmw_Pymg2oPUzN9KlWqfrAlDG4NzZKw3C-J1Dd4XMa1XJ9keqY_JAvBkannd3dtg7bJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai_LE3S2rryBEWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ChmPyxrVDE942u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxhzE5eE5hIO_9xwTH1eDd9ZwWIJCwWci43MxQvb59qojnyDYICA7biQ4W-QSDMdr0KCVV4X7DG8XtKe4kVMSO0m1cbjYLvpyq487kQPD7qPMfMEX5By_Xskui0bMBUl7GyYmSykju8kgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;10734;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.25200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=KEfFc34P3_1fdLkKXjakTAAvjBIgR29qbiPmyvYgqLmw_Pymg2oPUzN9KlWqfrAlDG4NzZKw3C-J1Dd4XMa1XJ9keqY_JAvBkannd3dtg7bJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai_LE3S2rryBEWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ChmPyxrVDE942u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxhzE5eE5hIO_9xwTH1eDd9ZwWIJCwWci43MxQvb59qojnyDYICA7biQ4W-QSDMdr0KCVV4X7DG8XtKe4kVMSO0m1cbjYLvpyq487kQPD7qPMfMEX5By_Xskui0bMBUl7GyYmSykju8kgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;10734;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.25:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 972fb18bfb220a7e2eef8f424b03ce3f
d1ba786264965c93a3ac8c7368fb95b144cb3d23
ab3d659982c61bdf7e829d6129bd25dd72aa3c7327dfddcc9d6f266458f4b3b2
GET /adfserve/?CC=1&bn=60455003;rtbwp=dxoq_OnbpV76pD3KpCg-FqzboUFQG3yp0;rtbdata=KEfFc34P3_1fdLkKXjakTAAvjBIgR29qbiPmyvYgqLmw_Pymg2oPUzN9KlWqfrAlDG4NzZKw3C-J1Dd4XMa1XJ9keqY_JAvBkannd3dtg7bJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai_LE3S2rryBEWOQVE8EsHd1hi4DG-eYpfKnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ChmPyxrVDE942u1ywTJ-2heUr2W-sa-SObDnJ6InZsQpLIPyFoVMq5G4dWAZeGGwwz0LEq8kKVxhzE5eE5hIO_9xwTH1eDd9ZwWIJCwWci43MxQvb59qojnyDYICA7biQ4W-QSDMdr0KCVV4X7DG8XtKe4kVMSO0m1cbjYLvpyq487kQPD7qPMfMEX5By_Xskui0bMBUl7GyYmSykju8kgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;10734;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 3186
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A84999; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqYYHNHC3UN3KyUjXYGVkH3Q0iRlxJ8CJOTuxR8di5DB8xmhi8XDu_Q2kbIXjxaMCwYpZTW1Xj59Q7TvHPXZhNRfrh4D_Ks-riLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCVUwwTYEO8lHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=mbOA-WizNfF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVyOC33FQEAmmPlJYawUJcsJKvla3mIPggzPCea_UgsOISKZRVlMkpzxQ8ISLCUjVigKw7yiTMftA9Icgsf88ZUvPgcyAutqISC487kQPD7qPMfMEX5By_Xskui0bMBUl7Hc8efWIe0wKAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;7140;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.25200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqYYHNHC3UN3KyUjXYGVkH3Q0iRlxJ8CJOTuxR8di5DB8xmhi8XDu_Q2kbIXjxaMCwYpZTW1Xj59Q7TvHPXZhNRfrh4D_Ks-riLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCVUwwTYEO8lHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=mbOA-WizNfF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVyOC33FQEAmmPlJYawUJcsJKvla3mIPggzPCea_UgsOISKZRVlMkpzxQ8ISLCUjVigKw7yiTMftA9Icgsf88ZUvPgcyAutqISC487kQPD7qPMfMEX5By_Xskui0bMBUl7Hc8efWIe0wKAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;7140;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.25:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash c7d0a03e32b8cc3cfd88afeec938b1c7
4691798ef0e1f2aec9480f0124e1439d8d4f39c2
49bf75b38f57783bdfdad455e208bbd6a5f68aff8391821730c0935e18f8a830
GET /adfserve/?CC=1&bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqYYHNHC3UN3KyUjXYGVkH3Q0iRlxJ8CJOTuxR8di5DB8xmhi8XDu_Q2kbIXjxaMCwYpZTW1Xj59Q7TvHPXZhNRfrh4D_Ks-riLJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCVUwwTYEO8lHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=mbOA-WizNfF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVyOC33FQEAmmPlJYawUJcsJKvla3mIPggzPCea_UgsOISKZRVlMkpzxQ8ISLCUjVigKw7yiTMftA9Icgsf88ZUvPgcyAutqISC487kQPD7qPMfMEX5By_Xskui0bMBUl7Hc8efWIe0wKAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;7140;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 3187
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A84999; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqazkfyrvz6A79uBr0Uqd_W_4p9JcqXmTBA8Zr1IvQK_D32yRoDgrbSg1cvMUQUu3RiMDxfiIKz2cSxBIFfEAXIzHUzlIOKCWd7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpubsM2lAZNtxHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ofSwflq73CF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVym98aBW2DxkCOXXmRseAL4hPeoaBhkcPteNiT9xNzHbPWLcJwfMNRA6wxgXOT7HlsbeAPb32IOrykArZRySSYya8OPNPmvffy487kQPD7qPMfMEX5By_Xskui0bMBUl7G6h1Y2esLfuAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.25200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqazkfyrvz6A79uBr0Uqd_W_4p9JcqXmTBA8Zr1IvQK_D32yRoDgrbSg1cvMUQUu3RiMDxfiIKz2cSxBIFfEAXIzHUzlIOKCWd7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpubsM2lAZNtxHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ofSwflq73CF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVym98aBW2DxkCOXXmRseAL4hPeoaBhkcPteNiT9xNzHbPWLcJwfMNRA6wxgXOT7HlsbeAPb32IOrykArZRySSYya8OPNPmvffy487kQPD7qPMfMEX5By_Xskui0bMBUl7G6h1Y2esLfuAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.25:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash ee6b175c926ddb89049b2ef8f5a3766d
427d49ebf31929944276e05aa0101e9401b67789
5075b1a5dd36140d385e3f846cc790ba8f81e650bcf89dc7d1b72765069f7fae
GET /adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=el6TqoVMDqazkfyrvz6A79uBr0Uqd_W_4p9JcqXmTBA8Zr1IvQK_D32yRoDgrbSg1cvMUQUu3RiMDxfiIKz2cSxBIFfEAXIzHUzlIOKCWd7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpubsM2lAZNtxHSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ofSwflq73CF42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVym98aBW2DxkCOXXmRseAL4hPeoaBhkcPteNiT9xNzHbPWLcJwfMNRA6wxgXOT7HlsbeAPb32IOrykArZRySSYya8OPNPmvffy487kQPD7qPMfMEX5By_Xskui0bMBUl7G6h1Y2esLfuAO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 1220
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=yyulhprf&e=1452924796601
54.230.111.81200 OK 323 kB URL HTTP/2 flashnetic.com/r/p.html?f=yyulhprf&e=1452924796601
IP 54.230.111.81:0
Size 323 kB (322901 bytes)
Hash 4b6d364bcdee4f11ab684982dbd9303c
5222ddac6faf828be309cc6d8e3bb39284f7ed90
8a4ff471288cd86b61d254d25b4603b2d3c3172d56467347676e9a27de4caa73
GET /r/p.html?f=yyulhprf&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AY7pYXxlVt3eVELrxMe68uJcTqyOxRVsgJ354LVG4UH7A8ULgW87Kw==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
216.58.211.3200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
IP 216.58.211.3:0
File type C++ source, ASCII text, with very long lines (1833)
Hash 5ecfc563c0b88ed44090a2776f05c75e
ec0d2777673e0efcb3b5e4c252c4cb4e248eba19
046597e9372e67a235803498661594732aad533d42cf89afe2ef3994a2b1a60f
GET /mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12a207b443337f2c1864442f10963172.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14307
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 02:18:40 GMT
expires: Wed, 05 Apr 2023 02:18:40 GMT
cache-control: public, max-age=7776000
age: 335879
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8tpjrmImYZwEn6UUX0DCNmMbd81KdOLk0JpihfnVim6l-nXkBteTN-I3LcbTpHoBlmZJL8nm_jCYeG0PqwKrj9VEdP1JoS96JOprEbLVurHLh7UlUcU-qqdUBYB2vf-p-E1OwTnzU6MsIRlAEPYZ2Y6qHg4VMM8WQ8jOxuaUFbO3091k&dbm_d=AKAmf-BBzjfhxMm9nC97kCaVB2Q_VsSHEuox6Y-XyVPcVR0OuSd7_oXdpl3cX0_FlDpipxb8CDiz8-hT2-5NFQdVZM637zdyYV9V2Hfc16p4JPz9i8GRsblk5cQg9LVgPpyAelq4wP6-bt5CNsX_HYvTrgGEIo7HNXab0qVmAJMjIyZ633WpdZWmKQM7xQHuj2buo9NKEaRSCm_bjtLMCwketsbCotNkjvt4EdcBf02iB-lszSIqzB-uhKoK3tudA-yDDWL7Ci3pXiMvF88vfm6BJWCes6qiTIsP2zhkYR7xph9r_Y2sazf4SlXoR1jjfceFRxMZB4LHMmRRF8fzc-7LrDo6rwl1Ch_N8Vob0TjQF9MsgNA1bruymxXCeRJoug4fGWeHo3KnpCcHVwNKubkgbd3TbZcbxnL921kL_rP5xyv7LQ3VzUXSjd-UHoKBNy91BtRevkA5F9QyJ71ydoRRxs51TEzfv7GOFYJHpII8ntYnZ9Oi8_xxSJaBvkPRKlqyUO41vSBscNy62XQbVLUSl6Et80MM3gG2zjG0w4nMIVvy8LV_Z-1ylj8Uqb1SeOgj69t-ObJExN1iUELVH9PldhWiOeuDVDGbLip1E1008b_YJCJHXqU6oUy7mWUMbDB9ZRY_0VyoxfErnf62A6xUpx7l8g4WuOiml4jaG9DxUTwSXwt6bik0Z5s5qci_MoVBom9LMvzsiBqi-G1D4HDs3TDcy9OfEdcEmxTmEGwZ_naWnDf-ANpj1yntuG27ibZFUoK5sn5b4SYcNNJpCFZnzeCjvsZekihNqWnJs3xfZMQFesgvaegbvfsXLQ07xtyPd7YABVSe8kS75UwqroNU5yMH3l4XldOzU_sS6efd1Dv4T8aCbSfN2j8fGdg0pCwXUdkCG2X6nvtuxof-NRuiDtL4uNZR_wwKqWP1IY9mHwjy0FosjcUMv52YOJXH1QT2sbQLwLxGi1B4p17LBoCgKmzDYDjXU7wesRAiMzK5q-NdEp1qExW0sZourqmjARgMaiXvwkrtIE4GhDQlGtDZgfgwotBiRkfVgn7TETWk0cG3DZDI1C_bPpAItwJtniVS5W6jTvPDyd_lae2Z1wYnUKqw_BkV2uL4kjqunWnWsMlasDyJdLtKd5h_WXuA0c9n2pPfb1BR4J3Fod_svkxJq6E1SfVPWTdqeRjVxH-sktIz0kYFrdEVpsQZs0PhSIIa5QLgxKtbyGOS9eMC6ETWwApK4yehMl4phtrUGjwMkkbvF5zZL3cdaU0xJtObav5HI7jd3RUlzSzQsKXAG3U-2vzU2G-nCtZbCphOLjcpujyAjgWhLjExy7e9-3KAAAlD0ogbtS6h2sC30KqKmaMuExcLKyIuKBX6Ui9dhE5LZKsC74l1obH-HZnw1u5mJXuifl8wS0g072skbg3Q3fsrnDE-6hxIvTeOxc-nz3OO5_xUFjGIb3YVFKRFKSloWJ1S7F45RuDxjofPAZdk8Fj07jgXpwIKwFIWCjmHkfbs2yJz3YsK5K8do5Bu2vbkelSdLTjXVwuwtmM-XBV3Bmrh3OSQhrtmaSdh_WM5zxAyrahov-S_kMhjrikfKG6uMl201bAeX7tq2M76nbvdI1vB6ZOtIoEbr0C3Imsbo7Slbzmyz9S7lEFiIv_Ao7v8Hma1HQAEaAW1L3ThgrGHmjVD4VkE232qvc2zIL62ssX0KJiPsjI4c_6iCy-MpYd2DUfeyAuQZ28ceJK0l8nx-jzM0c4sHclyPUytmkoMSq6G34zOw2IxB_otpwbSwMK6VLW8TovNOMK5lOBoH7VikvKusADArrsdOAgtzKPvB_gFq6d9KsH7u_w788C-uZTu5176kGre_1S4NKgu90MJXlxK-xGDoyto2gX9uruytCwNdgCdrbyG3n-mKCWnMugyHfTWbK6Za-Ark3F9IZDSPXcWXc-jzJl_975zdz57cO8WOoEkmF3wiPVAdRlCQrjVBuMgi7niM3vkE-FD45bnAaIh828zKaUPL_KTRfdKs18ijcsU0bz3iGCzMxAkGQ9PXD4fOwvD0hV_NernigNhRnwvqQ4as9yFacNuBXfrlh7BfHc1G_kERdtAgIEmO7P6HvdUFtdbGZAp7NEcnPcPVHljUkjZhcWLYu9jJiDo-tft90BVxG1x4k4H1mZtzATR93eVzEoSc9a2FzN_hwa8kXJmQeVn4gyzBViKjdTKDvyXOxbz4CQU1_jH5U_IIgaxO3WEpVIXl--ZOg9BbJwdoBYfx6OJtscHXY4bjZgCiYsDzh0XojMZgqT6zJ4DxOKNwsrHNGNevwGW4JE7jNxZA1U3WMQN1uWIDuAMad5fEfX3StCoAkd6g0Jxf_2v-dH0C0F04tvmTGqg5O-dQh44u-ZVRvRkBrgLvG6II1K7UggafT5I4MYZnPFHzuw0vfMl94lYh1Pv6B20Sp0HSA5lFaOexuauXF8896HxD_EyfUygBVuavE9oZ6zTutsuE6XgobhU4Rwu1CdTVtlhkbHt614OLjvTfMOvGskzsn3GwIdwLUlKMRr4slnU-NCkLfshrRgSM4yBXyOYS6nQ-HEOzvINDA6jF-MoxFsYt3x2946_3E-aZnIv1ZrxBPDMpObF_B8qWhXjqYFqosrWBGf-fEI2NTQ7g8YJtsWZALZo5QaYiqOCgBizyarv1CNsJ5pBNjyYsDlNajSdOgZHDKahdBTWRDBmDqepoyPcK_1mgfp6NVqmgqmgIcNp00oijkzl8wAroKsaurEXboenJooqVrARRBQh6NwWj8E-Gug-dcN9KrsjK5WpFzXfVJhvDo_6GwQWBnB8wlJ4sTCp87CGcyHpUfsv-JlP9ZWluAKhIf2XRKlzkWn6GQfsUo8X5jIcK87BrloZgvcCF9Mpdc013jHpl5RWz6ZfALXeNn2Jkqf3EgajQAuLa9C2XDRJkuAf3cVcggcnbQqi7duo1tadLzcHrQaQRWFE4hVu95k7byZ6Y043E2ybAl6qed5pEK8TeNx8nhUQcRUtdqjLsKCbimkx-TkoM11iZOrBGaTURCnqihPmBQbkMJ_8zih_CCkz9xVfPMUqEnNteIXdlObQK-vm0Lgjvkn3Eh3AD-MiOxhnYPXNP_PP4Q8lDLKbTU66rrPYU7CLG-idMwaAXy-rNUfT6ROULfkTGiRVA8KETtieWuNkNHhrB7UIGnIXf0pN2yxVluuViU2kmwah8JMOqNNxF7iD1CvC9yr84qvcuEHn9pTHlxhxSGKE3SdmL6N0lGSvU7_96Co0AqhxIkJ2JwlvB3Q5VofAArQx1BjS-qkpWznIma4QO7_kgNWJ-ei7d2cxi3yjf3mYAPqWIPP0a9uLUkbvjmBvnbbW12vZ4lYrd262UKjh6Ms&cid=CAQSTADq26N9RC4TZp0lEfew7ivAV_RuQEIFO5DitIZDhy-4PcPu24XOoYZxpZI2KX4d6aTDx3Hf46AE4vAsTDLI6wNeTpK-sjgydyLBdl0YASAT&dc_exteid=3655984123700378753&dc_pubid=4
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8tpjrmImYZwEn6UUX0DCNmMbd81KdOLk0JpihfnVim6l-nXkBteTN-I3LcbTpHoBlmZJL8nm_jCYeG0PqwKrj9VEdP1JoS96JOprEbLVurHLh7UlUcU-qqdUBYB2vf-p-E1OwTnzU6MsIRlAEPYZ2Y6qHg4VMM8WQ8jOxuaUFbO3091k&dbm_d=AKAmf-BBzjfhxMm9nC97kCaVB2Q_VsSHEuox6Y-XyVPcVR0OuSd7_oXdpl3cX0_FlDpipxb8CDiz8-hT2-5NFQdVZM637zdyYV9V2Hfc16p4JPz9i8GRsblk5cQg9LVgPpyAelq4wP6-bt5CNsX_HYvTrgGEIo7HNXab0qVmAJMjIyZ633WpdZWmKQM7xQHuj2buo9NKEaRSCm_bjtLMCwketsbCotNkjvt4EdcBf02iB-lszSIqzB-uhKoK3tudA-yDDWL7Ci3pXiMvF88vfm6BJWCes6qiTIsP2zhkYR7xph9r_Y2sazf4SlXoR1jjfceFRxMZB4LHMmRRF8fzc-7LrDo6rwl1Ch_N8Vob0TjQF9MsgNA1bruymxXCeRJoug4fGWeHo3KnpCcHVwNKubkgbd3TbZcbxnL921kL_rP5xyv7LQ3VzUXSjd-UHoKBNy91BtRevkA5F9QyJ71ydoRRxs51TEzfv7GOFYJHpII8ntYnZ9Oi8_xxSJaBvkPRKlqyUO41vSBscNy62XQbVLUSl6Et80MM3gG2zjG0w4nMIVvy8LV_Z-1ylj8Uqb1SeOgj69t-ObJExN1iUELVH9PldhWiOeuDVDGbLip1E1008b_YJCJHXqU6oUy7mWUMbDB9ZRY_0VyoxfErnf62A6xUpx7l8g4WuOiml4jaG9DxUTwSXwt6bik0Z5s5qci_MoVBom9LMvzsiBqi-G1D4HDs3TDcy9OfEdcEmxTmEGwZ_naWnDf-ANpj1yntuG27ibZFUoK5sn5b4SYcNNJpCFZnzeCjvsZekihNqWnJs3xfZMQFesgvaegbvfsXLQ07xtyPd7YABVSe8kS75UwqroNU5yMH3l4XldOzU_sS6efd1Dv4T8aCbSfN2j8fGdg0pCwXUdkCG2X6nvtuxof-NRuiDtL4uNZR_wwKqWP1IY9mHwjy0FosjcUMv52YOJXH1QT2sbQLwLxGi1B4p17LBoCgKmzDYDjXU7wesRAiMzK5q-NdEp1qExW0sZourqmjARgMaiXvwkrtIE4GhDQlGtDZgfgwotBiRkfVgn7TETWk0cG3DZDI1C_bPpAItwJtniVS5W6jTvPDyd_lae2Z1wYnUKqw_BkV2uL4kjqunWnWsMlasDyJdLtKd5h_WXuA0c9n2pPfb1BR4J3Fod_svkxJq6E1SfVPWTdqeRjVxH-sktIz0kYFrdEVpsQZs0PhSIIa5QLgxKtbyGOS9eMC6ETWwApK4yehMl4phtrUGjwMkkbvF5zZL3cdaU0xJtObav5HI7jd3RUlzSzQsKXAG3U-2vzU2G-nCtZbCphOLjcpujyAjgWhLjExy7e9-3KAAAlD0ogbtS6h2sC30KqKmaMuExcLKyIuKBX6Ui9dhE5LZKsC74l1obH-HZnw1u5mJXuifl8wS0g072skbg3Q3fsrnDE-6hxIvTeOxc-nz3OO5_xUFjGIb3YVFKRFKSloWJ1S7F45RuDxjofPAZdk8Fj07jgXpwIKwFIWCjmHkfbs2yJz3YsK5K8do5Bu2vbkelSdLTjXVwuwtmM-XBV3Bmrh3OSQhrtmaSdh_WM5zxAyrahov-S_kMhjrikfKG6uMl201bAeX7tq2M76nbvdI1vB6ZOtIoEbr0C3Imsbo7Slbzmyz9S7lEFiIv_Ao7v8Hma1HQAEaAW1L3ThgrGHmjVD4VkE232qvc2zIL62ssX0KJiPsjI4c_6iCy-MpYd2DUfeyAuQZ28ceJK0l8nx-jzM0c4sHclyPUytmkoMSq6G34zOw2IxB_otpwbSwMK6VLW8TovNOMK5lOBoH7VikvKusADArrsdOAgtzKPvB_gFq6d9KsH7u_w788C-uZTu5176kGre_1S4NKgu90MJXlxK-xGDoyto2gX9uruytCwNdgCdrbyG3n-mKCWnMugyHfTWbK6Za-Ark3F9IZDSPXcWXc-jzJl_975zdz57cO8WOoEkmF3wiPVAdRlCQrjVBuMgi7niM3vkE-FD45bnAaIh828zKaUPL_KTRfdKs18ijcsU0bz3iGCzMxAkGQ9PXD4fOwvD0hV_NernigNhRnwvqQ4as9yFacNuBXfrlh7BfHc1G_kERdtAgIEmO7P6HvdUFtdbGZAp7NEcnPcPVHljUkjZhcWLYu9jJiDo-tft90BVxG1x4k4H1mZtzATR93eVzEoSc9a2FzN_hwa8kXJmQeVn4gyzBViKjdTKDvyXOxbz4CQU1_jH5U_IIgaxO3WEpVIXl--ZOg9BbJwdoBYfx6OJtscHXY4bjZgCiYsDzh0XojMZgqT6zJ4DxOKNwsrHNGNevwGW4JE7jNxZA1U3WMQN1uWIDuAMad5fEfX3StCoAkd6g0Jxf_2v-dH0C0F04tvmTGqg5O-dQh44u-ZVRvRkBrgLvG6II1K7UggafT5I4MYZnPFHzuw0vfMl94lYh1Pv6B20Sp0HSA5lFaOexuauXF8896HxD_EyfUygBVuavE9oZ6zTutsuE6XgobhU4Rwu1CdTVtlhkbHt614OLjvTfMOvGskzsn3GwIdwLUlKMRr4slnU-NCkLfshrRgSM4yBXyOYS6nQ-HEOzvINDA6jF-MoxFsYt3x2946_3E-aZnIv1ZrxBPDMpObF_B8qWhXjqYFqosrWBGf-fEI2NTQ7g8YJtsWZALZo5QaYiqOCgBizyarv1CNsJ5pBNjyYsDlNajSdOgZHDKahdBTWRDBmDqepoyPcK_1mgfp6NVqmgqmgIcNp00oijkzl8wAroKsaurEXboenJooqVrARRBQh6NwWj8E-Gug-dcN9KrsjK5WpFzXfVJhvDo_6GwQWBnB8wlJ4sTCp87CGcyHpUfsv-JlP9ZWluAKhIf2XRKlzkWn6GQfsUo8X5jIcK87BrloZgvcCF9Mpdc013jHpl5RWz6ZfALXeNn2Jkqf3EgajQAuLa9C2XDRJkuAf3cVcggcnbQqi7duo1tadLzcHrQaQRWFE4hVu95k7byZ6Y043E2ybAl6qed5pEK8TeNx8nhUQcRUtdqjLsKCbimkx-TkoM11iZOrBGaTURCnqihPmBQbkMJ_8zih_CCkz9xVfPMUqEnNteIXdlObQK-vm0Lgjvkn3Eh3AD-MiOxhnYPXNP_PP4Q8lDLKbTU66rrPYU7CLG-idMwaAXy-rNUfT6ROULfkTGiRVA8KETtieWuNkNHhrB7UIGnIXf0pN2yxVluuViU2kmwah8JMOqNNxF7iD1CvC9yr84qvcuEHn9pTHlxhxSGKE3SdmL6N0lGSvU7_96Co0AqhxIkJ2JwlvB3Q5VofAArQx1BjS-qkpWznIma4QO7_kgNWJ-ei7d2cxi3yjf3mYAPqWIPP0a9uLUkbvjmBvnbbW12vZ4lYrd262UKjh6Ms&cid=CAQSTADq26N9RC4TZp0lEfew7ivAV_RuQEIFO5DitIZDhy-4PcPu24XOoYZxpZI2KX4d6aTDx3Hf46AE4vAsTDLI6wNeTpK-sjgydyLBdl0YASAT&dc_exteid=3655984123700378753&dc_pubid=4
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /dbm/ad?dbm_c=AKAmf-C8tpjrmImYZwEn6UUX0DCNmMbd81KdOLk0JpihfnVim6l-nXkBteTN-I3LcbTpHoBlmZJL8nm_jCYeG0PqwKrj9VEdP1JoS96JOprEbLVurHLh7UlUcU-qqdUBYB2vf-p-E1OwTnzU6MsIRlAEPYZ2Y6qHg4VMM8WQ8jOxuaUFbO3091k&dbm_d=AKAmf-BBzjfhxMm9nC97kCaVB2Q_VsSHEuox6Y-XyVPcVR0OuSd7_oXdpl3cX0_FlDpipxb8CDiz8-hT2-5NFQdVZM637zdyYV9V2Hfc16p4JPz9i8GRsblk5cQg9LVgPpyAelq4wP6-bt5CNsX_HYvTrgGEIo7HNXab0qVmAJMjIyZ633WpdZWmKQM7xQHuj2buo9NKEaRSCm_bjtLMCwketsbCotNkjvt4EdcBf02iB-lszSIqzB-uhKoK3tudA-yDDWL7Ci3pXiMvF88vfm6BJWCes6qiTIsP2zhkYR7xph9r_Y2sazf4SlXoR1jjfceFRxMZB4LHMmRRF8fzc-7LrDo6rwl1Ch_N8Vob0TjQF9MsgNA1bruymxXCeRJoug4fGWeHo3KnpCcHVwNKubkgbd3TbZcbxnL921kL_rP5xyv7LQ3VzUXSjd-UHoKBNy91BtRevkA5F9QyJ71ydoRRxs51TEzfv7GOFYJHpII8ntYnZ9Oi8_xxSJaBvkPRKlqyUO41vSBscNy62XQbVLUSl6Et80MM3gG2zjG0w4nMIVvy8LV_Z-1ylj8Uqb1SeOgj69t-ObJExN1iUELVH9PldhWiOeuDVDGbLip1E1008b_YJCJHXqU6oUy7mWUMbDB9ZRY_0VyoxfErnf62A6xUpx7l8g4WuOiml4jaG9DxUTwSXwt6bik0Z5s5qci_MoVBom9LMvzsiBqi-G1D4HDs3TDcy9OfEdcEmxTmEGwZ_naWnDf-ANpj1yntuG27ibZFUoK5sn5b4SYcNNJpCFZnzeCjvsZekihNqWnJs3xfZMQFesgvaegbvfsXLQ07xtyPd7YABVSe8kS75UwqroNU5yMH3l4XldOzU_sS6efd1Dv4T8aCbSfN2j8fGdg0pCwXUdkCG2X6nvtuxof-NRuiDtL4uNZR_wwKqWP1IY9mHwjy0FosjcUMv52YOJXH1QT2sbQLwLxGi1B4p17LBoCgKmzDYDjXU7wesRAiMzK5q-NdEp1qExW0sZourqmjARgMaiXvwkrtIE4GhDQlGtDZgfgwotBiRkfVgn7TETWk0cG3DZDI1C_bPpAItwJtniVS5W6jTvPDyd_lae2Z1wYnUKqw_BkV2uL4kjqunWnWsMlasDyJdLtKd5h_WXuA0c9n2pPfb1BR4J3Fod_svkxJq6E1SfVPWTdqeRjVxH-sktIz0kYFrdEVpsQZs0PhSIIa5QLgxKtbyGOS9eMC6ETWwApK4yehMl4phtrUGjwMkkbvF5zZL3cdaU0xJtObav5HI7jd3RUlzSzQsKXAG3U-2vzU2G-nCtZbCphOLjcpujyAjgWhLjExy7e9-3KAAAlD0ogbtS6h2sC30KqKmaMuExcLKyIuKBX6Ui9dhE5LZKsC74l1obH-HZnw1u5mJXuifl8wS0g072skbg3Q3fsrnDE-6hxIvTeOxc-nz3OO5_xUFjGIb3YVFKRFKSloWJ1S7F45RuDxjofPAZdk8Fj07jgXpwIKwFIWCjmHkfbs2yJz3YsK5K8do5Bu2vbkelSdLTjXVwuwtmM-XBV3Bmrh3OSQhrtmaSdh_WM5zxAyrahov-S_kMhjrikfKG6uMl201bAeX7tq2M76nbvdI1vB6ZOtIoEbr0C3Imsbo7Slbzmyz9S7lEFiIv_Ao7v8Hma1HQAEaAW1L3ThgrGHmjVD4VkE232qvc2zIL62ssX0KJiPsjI4c_6iCy-MpYd2DUfeyAuQZ28ceJK0l8nx-jzM0c4sHclyPUytmkoMSq6G34zOw2IxB_otpwbSwMK6VLW8TovNOMK5lOBoH7VikvKusADArrsdOAgtzKPvB_gFq6d9KsH7u_w788C-uZTu5176kGre_1S4NKgu90MJXlxK-xGDoyto2gX9uruytCwNdgCdrbyG3n-mKCWnMugyHfTWbK6Za-Ark3F9IZDSPXcWXc-jzJl_975zdz57cO8WOoEkmF3wiPVAdRlCQrjVBuMgi7niM3vkE-FD45bnAaIh828zKaUPL_KTRfdKs18ijcsU0bz3iGCzMxAkGQ9PXD4fOwvD0hV_NernigNhRnwvqQ4as9yFacNuBXfrlh7BfHc1G_kERdtAgIEmO7P6HvdUFtdbGZAp7NEcnPcPVHljUkjZhcWLYu9jJiDo-tft90BVxG1x4k4H1mZtzATR93eVzEoSc9a2FzN_hwa8kXJmQeVn4gyzBViKjdTKDvyXOxbz4CQU1_jH5U_IIgaxO3WEpVIXl--ZOg9BbJwdoBYfx6OJtscHXY4bjZgCiYsDzh0XojMZgqT6zJ4DxOKNwsrHNGNevwGW4JE7jNxZA1U3WMQN1uWIDuAMad5fEfX3StCoAkd6g0Jxf_2v-dH0C0F04tvmTGqg5O-dQh44u-ZVRvRkBrgLvG6II1K7UggafT5I4MYZnPFHzuw0vfMl94lYh1Pv6B20Sp0HSA5lFaOexuauXF8896HxD_EyfUygBVuavE9oZ6zTutsuE6XgobhU4Rwu1CdTVtlhkbHt614OLjvTfMOvGskzsn3GwIdwLUlKMRr4slnU-NCkLfshrRgSM4yBXyOYS6nQ-HEOzvINDA6jF-MoxFsYt3x2946_3E-aZnIv1ZrxBPDMpObF_B8qWhXjqYFqosrWBGf-fEI2NTQ7g8YJtsWZALZo5QaYiqOCgBizyarv1CNsJ5pBNjyYsDlNajSdOgZHDKahdBTWRDBmDqepoyPcK_1mgfp6NVqmgqmgIcNp00oijkzl8wAroKsaurEXboenJooqVrARRBQh6NwWj8E-Gug-dcN9KrsjK5WpFzXfVJhvDo_6GwQWBnB8wlJ4sTCp87CGcyHpUfsv-JlP9ZWluAKhIf2XRKlzkWn6GQfsUo8X5jIcK87BrloZgvcCF9Mpdc013jHpl5RWz6ZfALXeNn2Jkqf3EgajQAuLa9C2XDRJkuAf3cVcggcnbQqi7duo1tadLzcHrQaQRWFE4hVu95k7byZ6Y043E2ybAl6qed5pEK8TeNx8nhUQcRUtdqjLsKCbimkx-TkoM11iZOrBGaTURCnqihPmBQbkMJ_8zih_CCkz9xVfPMUqEnNteIXdlObQK-vm0Lgjvkn3Eh3AD-MiOxhnYPXNP_PP4Q8lDLKbTU66rrPYU7CLG-idMwaAXy-rNUfT6ROULfkTGiRVA8KETtieWuNkNHhrB7UIGnIXf0pN2yxVluuViU2kmwah8JMOqNNxF7iD1CvC9yr84qvcuEHn9pTHlxhxSGKE3SdmL6N0lGSvU7_96Co0AqhxIkJ2JwlvB3Q5VofAArQx1BjS-qkpWznIma4QO7_kgNWJ-ei7d2cxi3yjf3mYAPqWIPP0a9uLUkbvjmBvnbbW12vZ4lYrd262UKjh6Ms&cid=CAQSTADq26N9RC4TZp0lEfew7ivAV_RuQEIFO5DitIZDhy-4PcPu24XOoYZxpZI2KX4d6aTDx3Hf46AE4vAsTDLI6wNeTpK-sjgydyLBdl0YASAT&dc_exteid=3655984123700378753&dc_pubid=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12a207b443337f2c1864442f10963172.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 23:51:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=azmpnm&e=1452924796601
54.230.111.81200 OK 2.4 kB URL HTTP/2 flashnetic.com/r/p.html?f=azmpnm&e=1452924796601
IP 54.230.111.81:0
Hash 3e57d490e2c62519c66a332fc31848a6
8d2fcf375aa58571dcf19c6ae73c563807178d20
87104e90375bab6ce94129e99cefbe5cafa2f08f6deccbb8e661aff26c8fc980
GET /r/p.html?f=azmpnm&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KULD2H1JdDpMT_xzdiLPfN8wDysGpPnzL07j9nL2GJopbvFFiWaFxQ==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=nedVi83WsnviV93Qnvmhutf7eJ5r4BZkPcIDStMX1OUQWPd6EiOY3TkgZx8X_JVdN0DS3pSO1qadkO-zVCoObkMgNVHVtSMznY5_iRNWos3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp6AASpu_98y5HSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=l951h5nGXol42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVwhPXp_NP3SJJ_D3SD-TndR0G8NIeuiSK3h7Hxy_pAeFCf3Tb3ZkoYvWAIB8nXTmexZPxj9MS-ec9puafB1kP4x13MdCf5bl7e487kQPD7qPMfMEX5By_Xskui0bMBUl7EM-GlobiiETgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.25200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=nedVi83WsnviV93Qnvmhutf7eJ5r4BZkPcIDStMX1OUQWPd6EiOY3TkgZx8X_JVdN0DS3pSO1qadkO-zVCoObkMgNVHVtSMznY5_iRNWos3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp6AASpu_98y5HSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=l951h5nGXol42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVwhPXp_NP3SJJ_D3SD-TndR0G8NIeuiSK3h7Hxy_pAeFCf3Tb3ZkoYvWAIB8nXTmexZPxj9MS-ec9puafB1kP4x13MdCf5bl7e487kQPD7qPMfMEX5By_Xskui0bMBUl7EM-GlobiiETgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.25:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 13b4ecbca502dd829c749b9486d88481
40e92f503aa8de3fb34f59233f3435b4dd364e5f
f8b0bb67bf2d40c8f8eee18407e4e16ec13cbcfdeec4307bde865852ac05d416
GET /adfscript/?bn=60455003;rtbwp=gTLwGrKuZpPg3kIWWEc2aazboUFQG3yp0;rtbdata=nedVi83WsnviV93Qnvmhutf7eJ5r4BZkPcIDStMX1OUQWPd6EiOY3TkgZx8X_JVdN0DS3pSO1qadkO-zVCoObkMgNVHVtSMznY5_iRNWos3JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp6AASpu_98y5HSgYC6ZfhIOXqZmw_CW-DovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=l951h5nGXol42u1ywTJ-2mG6Npu2up-2ZUw3_edo-aQvy-_EBH67fpG4dWAZeGGwwz0LEq8kKVwhPXp_NP3SJJ_D3SD-TndR0G8NIeuiSK3h7Hxy_pAeFCf3Tb3ZkoYvWAIB8nXTmexZPxj9MS-ec9puafB1kP4x13MdCf5bl7e487kQPD7qPMfMEX5By_Xskui0bMBUl7EM-GlobiiETgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 1219
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:39 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9rEXUFNnbUxa5FIA45QG5Fqhny6WNTaNqJ43SFquF5pfyEL0v8adAWYVafn7AnieqWYE2reNvpnEoFBE0_NZt1q6UeXIxwInb9iOco3XgLVbrXLDBCRZTanahBA1xc74x1alR2RGFQ9wlmw96iMyf6yt63K-MQ180xI7SthduvHFQpl0&dbm_d=AKAmf-BnFJCXyHsu3PisOpP2ccDsDjBeEK9w5Be-oCZUvM_q1v3U8qZck6B9XoAz3Fhr1NYKiDlaCja0nexWq0GDEq9GnXj_MR2-KEeRchPAh8-QrFgYY8CDkYvtFdnmHChFq_FNvejSFZGDGbhSMbCsuHeh605O2mfQkqdX2D_Nfa4LHULJ1FogG7PpZyXjSaSVtV_0h6KYiMeZo-VsDbsGh9sYJDS7FbSQqbR9hFvNxFkSekFLwWh9AaggVXrAt2EO21sPMTIH7Z-gWGzsGMj5vbVLJHT1I9-VKdwhHREWtGziQHG4-3XdgfzeHYdQjIXT1-2kbDQsKCpAlDXDgUpIcy7FCLvzBQS9lr77qVaLaU8YqazZRfuZh5_58zntcdTl-b6eJScKHijrDzGK1UArJ9V1KCmSgZj-L27Rb_N6cn64-Fsjjubt8aq3EKIhi6x_lezOCXcKAXj46qQRONqBCQJqSbtEYIwFUXJaMXvn9zfMhVW60DqZfweG9GMESajn3TBhtqY79DUKq5IQ-6pNZRGdHLpj6tS6mD_G2U4pNGNHCwxN4RMaJubq4-IKfFlBoZBf40wXi2wpxAS4Uj4kB3pjiqu1Rtq_iu2f2ajOA9Lr4m6YQY2l_MJ1r8DRwg7Di_wtimGBceYEZuQfMoObc_Wc8Q3NDGzex-Qhqe0j9wM_psiZxSdbKUqt3JW8jkF5J1yi7kijRpDgRkGkKXYFBG-UvBbgAXyAkcmPEq4i2mD20ExwrSxR9VEufNv_HQv0oImAqdUMNciOxOFpb7G7amjVGom_0tgP-K22wXaL1lk9I1xQsncKEemKQXV2Z_WrjfITzwp5bOkFm-0CMxj-mdVzGRIavuXaODeCw3rB2MnOvD55YrQpHHoNXby-SJ80zwJP4vUFDmuG-tUsc3_ceOuZ63QdZshOSsp6zJdHSJl7QsoUWJqO3JQ8171lvNGEtPnR5dQOUb_wlcpYaLuKMclj1Jdcw2sM4mb6VDV41Q2_398PL_SGu87EIOE0kotLjI1j7BJlTmVRLaJckw5oPVW9ORjRsmRwrfXEJlWgoAPNIlqt3CsuhbZ1clqG0xXe1MPprh4UtPCrETbGtW9-aQ_1ecsHNBSsYThd1IPEhjAZnPbXb9OVEBa_rhhlPCzSr9tLeh2Aj6-DNjWEItRrH42h9h88PU2rJy_ccpuOV5kgZjYZb-uzB_rDdHcqpmKz-AWP8xCyDgw4fpJ1MH1U_7ShCekIQCA11MRFCwbr8oqTDzkVP9qI7FI1iPVGWJQjL8g-Nh3OdUyH-2QzNhmVNiWxCrkGIXrHORLV5wAoAFLPUlbbLIqEzLAvVWyqvHSM78NMHwJCogg-IzA9sL57x9MReo3glPU23z9yYaZLtuZ8l9KqZf-X1t5yzBgQqDoyGGyKpXz6Buf8-COTtQQDZzK_TE04d3VhNPz-PW-YEOcaRgEgDH_meR8qchKWGExctWsvbtCRIfgnkoNT74zZLiJZKDnGY7e7tS7fR05H8bgOnWR3uPWno9mbVPzV_fhEG3YzQrtbxv-ghWxwu2CmOfrixOSz-NvQecQ8McSnikAOa1c5b6inokBZS6NglruAwb4ofDnObBVV4Ud8QbB9sGdkDkOVIGjDFhscO3G8IErwu_gKLN2PwkzewQZ0LUlODMN9Lfa7Mp0MkcXIzwGe45zjfRVAGXLD-gmzJaE0G-y9js5cTdcB1odj3ILNzuswYXVyK7Qo6j-UAjLFluteOXgm5KNyU74id5cPveFVAdKRd7y955fhQ4IFjW1LhyawgEbJg9hW2iG9tD07Efckc1ygmCjV33_01IYJjc_ERwrfncc2rAcrfgn1o9uMq7Kk_4w8vxZCHTt9oNntq-7N9xvMgS0mn3GGRPgZ_5dOkylTSbQ90NefOqK7j148vcIkFRqBvtEi0xilZ4C0KI_pm0tEbH6aN2jDNvNuGtxV4Ly_mM0xGLY91B_BdpH8VGE9UzFmladVEeHChv9Xx3V8LSM9Kwxz-awKNbtF1iYv2dVs_z5bQuyo2iU-yejUBjJ2q3FdNPUF1EjZZsL_BOPjWuUJZRjt4Zc_MXYQqIM4ZqLWwH8RlIdpMkjsCuExM94-UpJLM5e2YTNKw2_vElcxEMZZ2dOUGt723MMggDCgQ4TiNhErR5M8h-Nb7A1ArUMZtAsqn748Bur1j40DbMgM9vLNBEpNxagqbF5OV-CjZJFCAH1DXIUmZo1iiskeWf5LR1oV80zbFA0V-KZFNkA-GoPixdwHc9DHTke_jL13Xdw5PUMZgmwnRtZRYldOmeuHpEq563Z8hn2_UVCq8Xf4o3LYM_27em4rYLXGDnqkE2BvSyBfoBe5EAsxiCiC5YCtjq_pz_fyyu8_ojUgxr0jMSNxw2A8wsH8OrouRwpxlXDyIIFaaomG0dfMW31b4GZ3KqK3paCK0P8JuC0ss0agVx43X4aatkI5EUBV0_-46Id6BhbCEb1JnsDIa0Q0Rj9ewksFY5CD8t_CP1RLkpEmFxm0gEQpLNKOeklnOgAq9gp1qqQ1R7-SkbP-Fs5W07LZAdYmkzv1X1UDrlAq1VpbpU5yP26bZX4mwl5B5K4Jld41Q35_Q6ns3PzWCNBwxNiGa9sDD9FdsE_E_qKy65nYwSut0ExqxU_P3KpB8JFDLQqqHZ-eXVQhp-2R_ntdBydFZSwXH_HOf1ijUbuBjvt0TXznqBM8a7pifurlJFWX_flcZUHLPGOxz7m7AGzhjPo9NHNbfGmSdYNueWyC8qPup7KXAJEwUn_R5Z6C4NUznLb_XdI41UopQRuUIi00utZbfdlyiwmwzxVwgpzAd8vSf5q3M9gz4gZt5OJgIkRnOOPk2BRL2s-GM02388jCzoKiZrxz1ehmEgZ3LuX4gp0dDli5HhX0OGJUETVS-zm7IbxwIh-kxLXuXAhGPpFF53Tm92PankASRdwPUtgLuPrcgHUf7hPm3yg0WDRp2WLRZTQo7OFjC_nyZIJhT24TZ_g4mWxG7kOS_iV10xtnZOzGaMuO5TP_jJbgnjx9GjGWuFaJMk-5nNrw2STgs-lipMMs9xkORzXqW4avTkCmea4fAzVGCRKoeeCa0jRJLUANRSTGUWNZ8hX2ragXU41SareCqjitjblj_sFOq4YOf6WsnVCQRoZR8AcWVM9mjlQlbqfcP_IJej_4gP01dlfkQGr98kuFeqEzb03tnBIOtCxrPm_3sjtVwmVL5qkOJLMNbFaGH2qgZia32m3Xvkf8S631QQ1dAm-7O_Ac9dAj-8B1NQeyyHb_3Yp28l13nAA7IU7wudiMRQn_4Q9m4xJhgKGkP-CJR_zImVdt2d26npGtO5TuRAMWNLXSUcKUU8_DBleMc3nSF36d6Mb2h7Bvr37cKd5x0YuI&cid=CAQSTADq26N9RC4TZp0lEfew7ivAV_RuQEIFO5DitIZDhy-4PcPu24XOoYZxpZI2KX4d6aTDx3Hf46AE4vAsTDLI6wNeTpK-sjgydyLBdl0YASAT&dc_exteid=3360825654863208456&dc_pubid=4
142.250.74.66200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B9rEXUFNnbUxa5FIA45QG5Fqhny6WNTaNqJ43SFquF5pfyEL0v8adAWYVafn7AnieqWYE2reNvpnEoFBE0_NZt1q6UeXIxwInb9iOco3XgLVbrXLDBCRZTanahBA1xc74x1alR2RGFQ9wlmw96iMyf6yt63K-MQ180xI7SthduvHFQpl0&dbm_d=AKAmf-BnFJCXyHsu3PisOpP2ccDsDjBeEK9w5Be-oCZUvM_q1v3U8qZck6B9XoAz3Fhr1NYKiDlaCja0nexWq0GDEq9GnXj_MR2-KEeRchPAh8-QrFgYY8CDkYvtFdnmHChFq_FNvejSFZGDGbhSMbCsuHeh605O2mfQkqdX2D_Nfa4LHULJ1FogG7PpZyXjSaSVtV_0h6KYiMeZo-VsDbsGh9sYJDS7FbSQqbR9hFvNxFkSekFLwWh9AaggVXrAt2EO21sPMTIH7Z-gWGzsGMj5vbVLJHT1I9-VKdwhHREWtGziQHG4-3XdgfzeHYdQjIXT1-2kbDQsKCpAlDXDgUpIcy7FCLvzBQS9lr77qVaLaU8YqazZRfuZh5_58zntcdTl-b6eJScKHijrDzGK1UArJ9V1KCmSgZj-L27Rb_N6cn64-Fsjjubt8aq3EKIhi6x_lezOCXcKAXj46qQRONqBCQJqSbtEYIwFUXJaMXvn9zfMhVW60DqZfweG9GMESajn3TBhtqY79DUKq5IQ-6pNZRGdHLpj6tS6mD_G2U4pNGNHCwxN4RMaJubq4-IKfFlBoZBf40wXi2wpxAS4Uj4kB3pjiqu1Rtq_iu2f2ajOA9Lr4m6YQY2l_MJ1r8DRwg7Di_wtimGBceYEZuQfMoObc_Wc8Q3NDGzex-Qhqe0j9wM_psiZxSdbKUqt3JW8jkF5J1yi7kijRpDgRkGkKXYFBG-UvBbgAXyAkcmPEq4i2mD20ExwrSxR9VEufNv_HQv0oImAqdUMNciOxOFpb7G7amjVGom_0tgP-K22wXaL1lk9I1xQsncKEemKQXV2Z_WrjfITzwp5bOkFm-0CMxj-mdVzGRIavuXaODeCw3rB2MnOvD55YrQpHHoNXby-SJ80zwJP4vUFDmuG-tUsc3_ceOuZ63QdZshOSsp6zJdHSJl7QsoUWJqO3JQ8171lvNGEtPnR5dQOUb_wlcpYaLuKMclj1Jdcw2sM4mb6VDV41Q2_398PL_SGu87EIOE0kotLjI1j7BJlTmVRLaJckw5oPVW9ORjRsmRwrfXEJlWgoAPNIlqt3CsuhbZ1clqG0xXe1MPprh4UtPCrETbGtW9-aQ_1ecsHNBSsYThd1IPEhjAZnPbXb9OVEBa_rhhlPCzSr9tLeh2Aj6-DNjWEItRrH42h9h88PU2rJy_ccpuOV5kgZjYZb-uzB_rDdHcqpmKz-AWP8xCyDgw4fpJ1MH1U_7ShCekIQCA11MRFCwbr8oqTDzkVP9qI7FI1iPVGWJQjL8g-Nh3OdUyH-2QzNhmVNiWxCrkGIXrHORLV5wAoAFLPUlbbLIqEzLAvVWyqvHSM78NMHwJCogg-IzA9sL57x9MReo3glPU23z9yYaZLtuZ8l9KqZf-X1t5yzBgQqDoyGGyKpXz6Buf8-COTtQQDZzK_TE04d3VhNPz-PW-YEOcaRgEgDH_meR8qchKWGExctWsvbtCRIfgnkoNT74zZLiJZKDnGY7e7tS7fR05H8bgOnWR3uPWno9mbVPzV_fhEG3YzQrtbxv-ghWxwu2CmOfrixOSz-NvQecQ8McSnikAOa1c5b6inokBZS6NglruAwb4ofDnObBVV4Ud8QbB9sGdkDkOVIGjDFhscO3G8IErwu_gKLN2PwkzewQZ0LUlODMN9Lfa7Mp0MkcXIzwGe45zjfRVAGXLD-gmzJaE0G-y9js5cTdcB1odj3ILNzuswYXVyK7Qo6j-UAjLFluteOXgm5KNyU74id5cPveFVAdKRd7y955fhQ4IFjW1LhyawgEbJg9hW2iG9tD07Efckc1ygmCjV33_01IYJjc_ERwrfncc2rAcrfgn1o9uMq7Kk_4w8vxZCHTt9oNntq-7N9xvMgS0mn3GGRPgZ_5dOkylTSbQ90NefOqK7j148vcIkFRqBvtEi0xilZ4C0KI_pm0tEbH6aN2jDNvNuGtxV4Ly_mM0xGLY91B_BdpH8VGE9UzFmladVEeHChv9Xx3V8LSM9Kwxz-awKNbtF1iYv2dVs_z5bQuyo2iU-yejUBjJ2q3FdNPUF1EjZZsL_BOPjWuUJZRjt4Zc_MXYQqIM4ZqLWwH8RlIdpMkjsCuExM94-UpJLM5e2YTNKw2_vElcxEMZZ2dOUGt723MMggDCgQ4TiNhErR5M8h-Nb7A1ArUMZtAsqn748Bur1j40DbMgM9vLNBEpNxagqbF5OV-CjZJFCAH1DXIUmZo1iiskeWf5LR1oV80zbFA0V-KZFNkA-GoPixdwHc9DHTke_jL13Xdw5PUMZgmwnRtZRYldOmeuHpEq563Z8hn2_UVCq8Xf4o3LYM_27em4rYLXGDnqkE2BvSyBfoBe5EAsxiCiC5YCtjq_pz_fyyu8_ojUgxr0jMSNxw2A8wsH8OrouRwpxlXDyIIFaaomG0dfMW31b4GZ3KqK3paCK0P8JuC0ss0agVx43X4aatkI5EUBV0_-46Id6BhbCEb1JnsDIa0Q0Rj9ewksFY5CD8t_CP1RLkpEmFxm0gEQpLNKOeklnOgAq9gp1qqQ1R7-SkbP-Fs5W07LZAdYmkzv1X1UDrlAq1VpbpU5yP26bZX4mwl5B5K4Jld41Q35_Q6ns3PzWCNBwxNiGa9sDD9FdsE_E_qKy65nYwSut0ExqxU_P3KpB8JFDLQqqHZ-eXVQhp-2R_ntdBydFZSwXH_HOf1ijUbuBjvt0TXznqBM8a7pifurlJFWX_flcZUHLPGOxz7m7AGzhjPo9NHNbfGmSdYNueWyC8qPup7KXAJEwUn_R5Z6C4NUznLb_XdI41UopQRuUIi00utZbfdlyiwmwzxVwgpzAd8vSf5q3M9gz4gZt5OJgIkRnOOPk2BRL2s-GM02388jCzoKiZrxz1ehmEgZ3LuX4gp0dDli5HhX0OGJUETVS-zm7IbxwIh-kxLXuXAhGPpFF53Tm92PankASRdwPUtgLuPrcgHUf7hPm3yg0WDRp2WLRZTQo7OFjC_nyZIJhT24TZ_g4mWxG7kOS_iV10xtnZOzGaMuO5TP_jJbgnjx9GjGWuFaJMk-5nNrw2STgs-lipMMs9xkORzXqW4avTkCmea4fAzVGCRKoeeCa0jRJLUANRSTGUWNZ8hX2ragXU41SareCqjitjblj_sFOq4YOf6WsnVCQRoZR8AcWVM9mjlQlbqfcP_IJej_4gP01dlfkQGr98kuFeqEzb03tnBIOtCxrPm_3sjtVwmVL5qkOJLMNbFaGH2qgZia32m3Xvkf8S631QQ1dAm-7O_Ac9dAj-8B1NQeyyHb_3Yp28l13nAA7IU7wudiMRQn_4Q9m4xJhgKGkP-CJR_zImVdt2d26npGtO5TuRAMWNLXSUcKUU8_DBleMc3nSF36d6Mb2h7Bvr37cKd5x0YuI&cid=CAQSTADq26N9RC4TZp0lEfew7ivAV_RuQEIFO5DitIZDhy-4PcPu24XOoYZxpZI2KX4d6aTDx3Hf46AE4vAsTDLI6wNeTpK-sjgydyLBdl0YASAT&dc_exteid=3360825654863208456&dc_pubid=4
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /dbm/ad?dbm_c=AKAmf-B9rEXUFNnbUxa5FIA45QG5Fqhny6WNTaNqJ43SFquF5pfyEL0v8adAWYVafn7AnieqWYE2reNvpnEoFBE0_NZt1q6UeXIxwInb9iOco3XgLVbrXLDBCRZTanahBA1xc74x1alR2RGFQ9wlmw96iMyf6yt63K-MQ180xI7SthduvHFQpl0&dbm_d=AKAmf-BnFJCXyHsu3PisOpP2ccDsDjBeEK9w5Be-oCZUvM_q1v3U8qZck6B9XoAz3Fhr1NYKiDlaCja0nexWq0GDEq9GnXj_MR2-KEeRchPAh8-QrFgYY8CDkYvtFdnmHChFq_FNvejSFZGDGbhSMbCsuHeh605O2mfQkqdX2D_Nfa4LHULJ1FogG7PpZyXjSaSVtV_0h6KYiMeZo-VsDbsGh9sYJDS7FbSQqbR9hFvNxFkSekFLwWh9AaggVXrAt2EO21sPMTIH7Z-gWGzsGMj5vbVLJHT1I9-VKdwhHREWtGziQHG4-3XdgfzeHYdQjIXT1-2kbDQsKCpAlDXDgUpIcy7FCLvzBQS9lr77qVaLaU8YqazZRfuZh5_58zntcdTl-b6eJScKHijrDzGK1UArJ9V1KCmSgZj-L27Rb_N6cn64-Fsjjubt8aq3EKIhi6x_lezOCXcKAXj46qQRONqBCQJqSbtEYIwFUXJaMXvn9zfMhVW60DqZfweG9GMESajn3TBhtqY79DUKq5IQ-6pNZRGdHLpj6tS6mD_G2U4pNGNHCwxN4RMaJubq4-IKfFlBoZBf40wXi2wpxAS4Uj4kB3pjiqu1Rtq_iu2f2ajOA9Lr4m6YQY2l_MJ1r8DRwg7Di_wtimGBceYEZuQfMoObc_Wc8Q3NDGzex-Qhqe0j9wM_psiZxSdbKUqt3JW8jkF5J1yi7kijRpDgRkGkKXYFBG-UvBbgAXyAkcmPEq4i2mD20ExwrSxR9VEufNv_HQv0oImAqdUMNciOxOFpb7G7amjVGom_0tgP-K22wXaL1lk9I1xQsncKEemKQXV2Z_WrjfITzwp5bOkFm-0CMxj-mdVzGRIavuXaODeCw3rB2MnOvD55YrQpHHoNXby-SJ80zwJP4vUFDmuG-tUsc3_ceOuZ63QdZshOSsp6zJdHSJl7QsoUWJqO3JQ8171lvNGEtPnR5dQOUb_wlcpYaLuKMclj1Jdcw2sM4mb6VDV41Q2_398PL_SGu87EIOE0kotLjI1j7BJlTmVRLaJckw5oPVW9ORjRsmRwrfXEJlWgoAPNIlqt3CsuhbZ1clqG0xXe1MPprh4UtPCrETbGtW9-aQ_1ecsHNBSsYThd1IPEhjAZnPbXb9OVEBa_rhhlPCzSr9tLeh2Aj6-DNjWEItRrH42h9h88PU2rJy_ccpuOV5kgZjYZb-uzB_rDdHcqpmKz-AWP8xCyDgw4fpJ1MH1U_7ShCekIQCA11MRFCwbr8oqTDzkVP9qI7FI1iPVGWJQjL8g-Nh3OdUyH-2QzNhmVNiWxCrkGIXrHORLV5wAoAFLPUlbbLIqEzLAvVWyqvHSM78NMHwJCogg-IzA9sL57x9MReo3glPU23z9yYaZLtuZ8l9KqZf-X1t5yzBgQqDoyGGyKpXz6Buf8-COTtQQDZzK_TE04d3VhNPz-PW-YEOcaRgEgDH_meR8qchKWGExctWsvbtCRIfgnkoNT74zZLiJZKDnGY7e7tS7fR05H8bgOnWR3uPWno9mbVPzV_fhEG3YzQrtbxv-ghWxwu2CmOfrixOSz-NvQecQ8McSnikAOa1c5b6inokBZS6NglruAwb4ofDnObBVV4Ud8QbB9sGdkDkOVIGjDFhscO3G8IErwu_gKLN2PwkzewQZ0LUlODMN9Lfa7Mp0MkcXIzwGe45zjfRVAGXLD-gmzJaE0G-y9js5cTdcB1odj3ILNzuswYXVyK7Qo6j-UAjLFluteOXgm5KNyU74id5cPveFVAdKRd7y955fhQ4IFjW1LhyawgEbJg9hW2iG9tD07Efckc1ygmCjV33_01IYJjc_ERwrfncc2rAcrfgn1o9uMq7Kk_4w8vxZCHTt9oNntq-7N9xvMgS0mn3GGRPgZ_5dOkylTSbQ90NefOqK7j148vcIkFRqBvtEi0xilZ4C0KI_pm0tEbH6aN2jDNvNuGtxV4Ly_mM0xGLY91B_BdpH8VGE9UzFmladVEeHChv9Xx3V8LSM9Kwxz-awKNbtF1iYv2dVs_z5bQuyo2iU-yejUBjJ2q3FdNPUF1EjZZsL_BOPjWuUJZRjt4Zc_MXYQqIM4ZqLWwH8RlIdpMkjsCuExM94-UpJLM5e2YTNKw2_vElcxEMZZ2dOUGt723MMggDCgQ4TiNhErR5M8h-Nb7A1ArUMZtAsqn748Bur1j40DbMgM9vLNBEpNxagqbF5OV-CjZJFCAH1DXIUmZo1iiskeWf5LR1oV80zbFA0V-KZFNkA-GoPixdwHc9DHTke_jL13Xdw5PUMZgmwnRtZRYldOmeuHpEq563Z8hn2_UVCq8Xf4o3LYM_27em4rYLXGDnqkE2BvSyBfoBe5EAsxiCiC5YCtjq_pz_fyyu8_ojUgxr0jMSNxw2A8wsH8OrouRwpxlXDyIIFaaomG0dfMW31b4GZ3KqK3paCK0P8JuC0ss0agVx43X4aatkI5EUBV0_-46Id6BhbCEb1JnsDIa0Q0Rj9ewksFY5CD8t_CP1RLkpEmFxm0gEQpLNKOeklnOgAq9gp1qqQ1R7-SkbP-Fs5W07LZAdYmkzv1X1UDrlAq1VpbpU5yP26bZX4mwl5B5K4Jld41Q35_Q6ns3PzWCNBwxNiGa9sDD9FdsE_E_qKy65nYwSut0ExqxU_P3KpB8JFDLQqqHZ-eXVQhp-2R_ntdBydFZSwXH_HOf1ijUbuBjvt0TXznqBM8a7pifurlJFWX_flcZUHLPGOxz7m7AGzhjPo9NHNbfGmSdYNueWyC8qPup7KXAJEwUn_R5Z6C4NUznLb_XdI41UopQRuUIi00utZbfdlyiwmwzxVwgpzAd8vSf5q3M9gz4gZt5OJgIkRnOOPk2BRL2s-GM02388jCzoKiZrxz1ehmEgZ3LuX4gp0dDli5HhX0OGJUETVS-zm7IbxwIh-kxLXuXAhGPpFF53Tm92PankASRdwPUtgLuPrcgHUf7hPm3yg0WDRp2WLRZTQo7OFjC_nyZIJhT24TZ_g4mWxG7kOS_iV10xtnZOzGaMuO5TP_jJbgnjx9GjGWuFaJMk-5nNrw2STgs-lipMMs9xkORzXqW4avTkCmea4fAzVGCRKoeeCa0jRJLUANRSTGUWNZ8hX2ragXU41SareCqjitjblj_sFOq4YOf6WsnVCQRoZR8AcWVM9mjlQlbqfcP_IJej_4gP01dlfkQGr98kuFeqEzb03tnBIOtCxrPm_3sjtVwmVL5qkOJLMNbFaGH2qgZia32m3Xvkf8S631QQ1dAm-7O_Ac9dAj-8B1NQeyyHb_3Yp28l13nAA7IU7wudiMRQn_4Q9m4xJhgKGkP-CJR_zImVdt2d26npGtO5TuRAMWNLXSUcKUU8_DBleMc3nSF36d6Mb2h7Bvr37cKd5x0YuI&cid=CAQSTADq26N9RC4TZp0lEfew7ivAV_RuQEIFO5DitIZDhy-4PcPu24XOoYZxpZI2KX4d6aTDx3Hf46AE4vAsTDLI6wNeTpK-sjgydyLBdl0YASAT&dc_exteid=3360825654863208456&dc_pubid=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12a207b443337f2c1864442f10963172.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:36:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 23:51:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=nycywqhzbj&e=1452924796601
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=nycywqhzbj&e=1452924796601
IP 54.230.111.81:0
GET /r/p.html?f=nycywqhzbj&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EyJxEvtV-UpvJtvLJjWhcN9rrrPmTs2r_K8Piok6GhULLj-uxq0U4A==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.37200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.37:0
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 20:15:08 GMT
cache-control: max-age: 86400
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hgX68UUrpOJT6rQiuBULTyCz8D8yZRFNH-3KA18nOdksp0CidF77tQ==
age: 12091
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.ids.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.0.130:0
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:37 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-9c1f"
expires: Mon, 09 Jan 2023 23:36:37 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:37 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: br8ocj5fWmQgOqNy/Y5LiIH5q+MAwLmtxoIHmumKrdJnVOflpFk2DrvLlhRMxH1N156iQZCmWrRJmSpedVGlPA==
x-amz-request-id: 9KT5DTFKEWY7HC5S
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 704
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7868c1a3ba77b503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.52.86:0
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: NzzDMQRIzsXNjVR7/B6e4yrrDcazBk60q2/S2QH7YxwqiaX7/iQchWRPdgPY0BswypKEPiqaJg8=
x-amz-request-id: EK159HTWSS7GNBQ8
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 655
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7868c1a8eeb9b503-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3090371673220978750
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3090371673220978750
IP 54.230.111.81:0
GET /t.js?i=tvdi2ru09cf0ymc0mwei9&cb=3090371673220978750 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 17:57:30 GMT
etag: W/"57c945f3c1feba973398debac47b1341"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9Dy5q5qdYyrs7SN6MqWJ2wey_-XVh12LakGLYuR9FtDGLkaJipuLUg==
age: 20342
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 0 B URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27702
date: Sun, 08 Jan 2023 23:36:31 GMT
expires: Sun, 08 Jan 2023 23:36:31 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1446 / 560 of 1000 / last-modified: 1673046381"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=bxxtzsfpu&e=1452924796601
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=bxxtzsfpu&e=1452924796601
IP 54.230.111.81:0
GET /r/p.html?f=bxxtzsfpu&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P79-95HJ9pIeZp6PJZQKn25drOFz4L4tMgSFkrSlljSsRnaq7e5zhA==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 420492
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 08 Jan 2023 23:00:57 GMT
last-modified: Thu, 22 Dec 2022 18:13:53 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: 5eyAa9fe-IB11OF7l3z-k8NwyDiqqDOTOFKvU6C01EIuwP2cecRYDA==
age: 2135
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=avkmqfnb&e=1452924796601
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=avkmqfnb&e=1452924796601
IP 54.230.111.81:0
GET /r/p.html?f=avkmqfnb&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EmTiVI_ydFDgYBubuaiEde7AP9iQE-GZwlaTwseiJmZozqqHFsJyEA==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=rhhkfjph&e=1452924796601
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=rhhkfjph&e=1452924796601
IP 54.230.111.81:0
GET /r/p.html?f=rhhkfjph&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EEJ-BYnNpxZGDnrgsA4EfB5FPL7i9xc7rMVVEaLbRqvM3ffU0MD2EQ==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.132.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.132.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.132.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Mon, 09 Jan 2023 23:36:34 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
IP 216.58.207.202:0
GET /css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 23:36:31 GMT
date: Sun, 08 Jan 2023 23:36:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=oyjike&e=1452924796601
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=oyjike&e=1452924796601
IP 54.230.111.81:0
GET /r/p.html?f=oyjike&e=1452924796601 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NkgZMFZlmSc0yL0qhAywLvbJRRpZ9nFaz6RwCLIwXjpnEDPBs1jZFg==
age: 65148
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:34 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
s1.adform.net/banners/scripts/adx.js
37.157.5.71200 OK 0 B URL HTTP/2 s1.adform.net/banners/scripts/adx.js
IP 37.157.5.71:0
GET /banners/scripts/adx.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
x-rgw-object-type: Normal
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-amz-request-id: tx00000cfa1f558e560dc31-0063858c9b-32941e2b-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.adapex.io/hb/aaw.emc.js
172.67.154.237200 OK 0 B URL HTTP/2 cdn.adapex.io/hb/aaw.emc.js
IP 172.67.154.237:0
GET /hb/aaw.emc.js HTTP/1.1
Host: cdn.adapex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:31 GMT
content-type: application/javascript
last-modified: Tue, 03 Jan 2023 07:47:25 GMT
vary: Accept-Encoding
etag: W/"63b3dd8d-89bd6"
expires: Mon, 09 Jan 2023 07:48:28 GMT
cache-control: public, max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 7085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcFc2gSxP4S%2FKSUtVFp3QIT%2FJ1IPhZ16xl0ztsYjHlQaksu5JD5rQoUPVEWODeewzJ%2FV422vCzRGKwxHCg5oy2ICVVyn%2Fj1Vpmre3Ql2kid%2FSFh1lz2sFfVTpRGZL68b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7868c17b4829b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.37200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.37:0
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 20:15:08 GMT
cache-control: max-age: 86400
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ao15FWe94Z6a_e9nEhQQBUclldmQATGxctDRlGSXVaesIueGmjBprA==
age: 12090
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:35 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Mon, 09 Jan 2023 23:36:35 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2Fa9c9391d-dd16-4cb6-9319-5dd9559fe22d%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.71&responsive=1&sver=3&avtoken=979775&omv=1.0.1&clsid=c2514078-42b4-4c55-af80-ab316df16b15&rando=81&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1673220979778&wfc=1
52.206.131.34200 OK 0 B URL HTTP/2 go1.aniview.com/api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2Fa9c9391d-dd16-4cb6-9319-5dd9559fe22d%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.71&responsive=1&sver=3&avtoken=979775&omv=1.0.1&clsid=c2514078-42b4-4c55-af80-ab316df16b15&rando=81&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1673220979778&wfc=1
IP 52.206.131.34:0
GET /api/adserver/tag/?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f&AV_VIDEOURL=https%3A%2F%2Fstreaming.playstream.media%2Fstorage%2Fvideos%2Fa9c9391d-dd16-4cb6-9319-5dd9559fe22d%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fearnme.club%2Fnord-n1-from-oneplus%2F&AV_CHANNELID=6278fd47e6b0901a49776895&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=earnme.club&AV_DADPOS=1&AV_TAG=62790805abc41c4450002684&AV_TEMPLATE=6278f4f0a7dd573d85421cad&d36=6.2.71&responsive=1&sver=3&avtoken=979775&omv=1.0.1&clsid=c2514078-42b4-4c55-af80-ab316df16b15&rando=81&AV_WIDTH=640&AV_HEIGHT=361&AV_DNT=0&cb=1673220979778&wfc=1 HTTP/1.1
Host: go1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: aniC=1673220992775-983049509137-006469-013-002289; Expires=Sat, 28-Jan-23 23:36:32 GMT; Max-Age=1728000; Domain=aniview.com; Path=/; Secure; HttpOnly; SameSite=None
aniC=; Expires=Sat, 28-Jan-23 23:36:32 GMT; Max-Age=1728000; Domain=aniview.com; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
expires: Wed, 28 Dec 2022 09:49:52 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CUQWX43D
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUQWX43D
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CUQWX43D HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3946
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 08 Jan 2023 23:36:32 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
104.22.5.69200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/
IP 104.22.5.69:0
GET /v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/nord-n1-from-oneplus/ HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:39 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7868c1ab6907b4f4-OSL
X-Firefox-Spdy: h2
hb.adpone.com/prebid7.19.0.js
172.67.73.228200 OK 0 B URL HTTP/2 hb.adpone.com/prebid7.19.0.js
IP 172.67.73.228:0
GET /prebid7.19.0.js HTTP/1.1
Host: hb.adpone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:32 GMT
content-type: application/javascript
x-amz-id-2: z8zPPgpChpmPHjrETbNpCXccjPHhgx/GJFcxrGv5xpYywnazjILxUOl1MmK1mgPPDqHEJdhQRpw=
x-amz-request-id: AZB8RQQA6SHSSEK2
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
cache-control: max-age=14400
cf-cache-status: HIT
age: 97
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cURDuFJqCpc5k8tqcCf1iaIQtgXP7rWEpG5m3U%2B2FAl5gGgMaBqb3fK3iXfJuuZRvMpA8AFESkgPqEU%2B%2FVke9nuxWqUC0i%2F%2BCS7wGKj8D98R3f0zGX1PFmgt72PW%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7868c181da35b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:35 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Mon, 09 Jan 2023 23:36:35 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:33 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
37.157.5.71200 OK 0 B URL HTTP/2 s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
IP 37.157.5.71:0
GET /stoat/626/s1.adform.net/bootstrap.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:38 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 19:29:50 GMT
x-cache-status: STALE
content-encoding: gzip
X-Firefox-Spdy: h2
earnme.club/nord-n1-from-oneplus/
157.90.71.190200 OK 0 B URL HTTP/2 earnme.club/nord-n1-from-oneplus/
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /nord-n1-from-oneplus/ HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://earnme.club/xmlrpc.php
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/", <https://earnme.club/wp-json/wp/v2/posts/65>; rel="alternate"; type="application/json", <https://earnme.club/?p=65>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 23:36:31 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2