earnme.club/safe2.php?link=u3inrh3d
157.90.71.190200 OK 452 B URL HTTP/1.1 earnme.club/safe2.php?link=u3inrh3d
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash b1be42a2c36ad1b81dbb515e2e707d5e
192753e2bce604ac648aabce2302746347f0ad35
f2d138fbcbf4a9e0e4cd3ba639304f826eb4e62712db50c9b92f6ec5c3194925
Analyzer Verdict Alert fortinet Malware
GET /safe2.php?link=u3inrh3d HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: tp2=u3inrh3d; expires=Sun, 08-Jan-2023 23:39:43 GMT; Max-Age=180
content-type: text/html; charset=UTF-8
content-length: 452
content-encoding: gzip
vary: Accept-Encoding
date: Sun, 08 Jan 2023 23:36:43 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10104
Expires: Mon, 09 Jan 2023 02:25:07 GMT
Date: Sun, 08 Jan 2023 23:36:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4290
Expires: Mon, 09 Jan 2023 00:48:13 GMT
Date: Sun, 08 Jan 2023 23:36:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 22:48:18 GMT
content-type: application/json
age: 2905
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11381
Expires: Mon, 09 Jan 2023 02:46:24 GMT
Date: Sun, 08 Jan 2023 23:36:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /ZaWjn8ssTm0QMgumEcqJu9WENlMlTPoIceh2TCJGY3Ipd3ezq/YrCEvH0Gf4OzupYaY2DIaAII=
x-amz-request-id: 9SQA1GZWRHKJT839
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 23:15:58 GMT
age: 1245
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:43 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
earnme.club/favicon.ico
157.90.71.190404 Not Found 708 B IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
GET /favicon.ico HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: tp2=u3inrh3d
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sun, 08 Jan 2023 23:36:43 GMT
earnme.club/galaxy-m32-from-samsung/
157.90.71.190200 OK 26 kB URL HTTP/2 earnme.club/galaxy-m32-from-samsung/
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 628a8006050705a78caa015bd9b25dca
19ddffd44057ba9f48dfa3f2f9b57f9e6bae8127
a758ac1a7276459dc9bde65e0ac48166a54edda1580844d5f11fef2b1ccbe534
Analyzer Verdict Alert fortinet Malware
GET /galaxy-m32-from-samsung/ HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://earnme.club/xmlrpc.php
link: <https://earnme.club/wp-json/>; rel="https://api.w.org/", <https://earnme.club/wp-json/wp/v2/posts/175>; rel="alternate"; type="application/json", <https://earnme.club/?p=175>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 23:36:44 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
earnme.club/wp-includes/css/classic-themes.min.css?ver=1
157.90.71.190200 OK 144 B URL HTTP/2 earnme.club/wp-includes/css/classic-themes.min.css?ver=1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
95.101.10.144200 OK 7.1 kB URL HTTP/1.1 tg1.playstream.media/api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f
IP 95.101.10.144:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (3202)
Hash be3292574cbc1cedb26fc95227c23aad
27be67e3005ad760dfc9f56ca4a6b5917adb1b55
3d1ff0b444c6f2de877340df699f8266c17278f1f1a98d6344f6be1ac6830289
GET /api/adserver/spt?AV_TAGID=62790805abc41c4450002684&AV_PUBLISHERID=62176a72a06fe80ba569d18f HTTP/1.1
Host: tg1.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 7138
Cache-Control: max-age=300
Expires: Sun, 08 Jan 2023 23:41:44 GMT
Date: Sun, 08 Jan 2023 23:36:44 GMT
Connection: keep-alive
Vary: Accept-Encoding
earnme.club/wp-content/themes/bloggingpro/style.css?ver=1.3.4
157.90.71.190200 OK 14 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/style.css?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2091)
Hash 35fb9f56557ab8ddbfe5fe42f7043265
3d7f0046194d7cdbc06aa408018af702d5363b88
7880a5e983cae7e1e30ee88faa28f5176569cb6d06091a04e504cb787143420f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/style.css?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13560
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b2607e0dfc0aa5187c1ff5b2d59a0f52
0d61e67262df0ed93f1731235be83e834d90da7b
055e6e33bb49e23042a5bc011fcc40fdde161996d4e1d94de60657f673e86ece
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2825
Cache-Control: max-age=89582
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Etag: "63ba0371-118"
Expires: Tue, 10 Jan 2023 00:29:46 GMT
Last-Modified: Sat, 07 Jan 2023 23:42:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
157.90.71.190200 OK 4.6 kB URL HTTP/2 earnme.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
157.90.71.190200 OK 15 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (31911)
Hash cb7a12e88fefedfcdfb84aa5bdcd0074
6d5487ae9d1f8e4ee55a3a0248dee3374584cd32
f36e64985ba539851c169648463e2d00218a412165f5267eaaf160d1aaf657d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/javascript-plugin-min.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14838
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
157.90.71.190200 OK 6.7 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17739)
Hash 7751a79a4b05c1d9a91f1ca0e71d4d54
fc548c276847e84b0e4bb0e792558fe1932717d0
b2d26d65f099aceb4a4dd06690065bee25dd5adc3ca5ffddf019185e2e13ae5e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/infinite-scroll-custom.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6749
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
157.90.71.190200 OK 1.8 kB URL HTTP/2 earnme.club/wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (385)
Hash d1901b59e132e910c7503c6104fd558b
611f7b99fffe08605e4c5fdeee02141f6316ae8a
5cf7206ecfb818b82e1651f753a695786b3ad25c14270f6d1b61c33b7ecf7f41
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/bloggingpro/js/customscript.js?ver=1.3.4 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: application/javascript
last-modified: Sun, 01 Jan 2023 07:20:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1843
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
157.90.71.190200 OK 1.2 kB URL HTTP/2 earnme.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: earnme.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/galaxy-m32-from-samsung/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 15 Jan 2023 23:36:44 GMT
content-type: application/javascript
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Sun, 08 Jan 2023 23:36:44 GMT
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 23:33:44 GMT
age: 180
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b2607e0dfc0aa5187c1ff5b2d59a0f52
0d61e67262df0ed93f1731235be83e834d90da7b
055e6e33bb49e23042a5bc011fcc40fdde161996d4e1d94de60657f673e86ece
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2825
Cache-Control: max-age=89582
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Etag: "63ba0371-118"
Expires: Tue, 10 Jan 2023 00:29:46 GMT
Last-Modified: Sat, 07 Jan 2023 23:42:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash cd1d39135eb079c9842a1696f1c3bacf
ee41d3b22fed5948c20a6d1639b6955a4252fc11
c1f219c13b6c6e622515b78d1549a1dacdc6fab1a2109d540e30d07a52990db5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:28:49 GMT
expires: Thu, 04 Jan 2024 19:28:49 GMT
cache-control: public, max-age=31536000
age: 360475
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12924, version 1.0\012- data
Hash 4610010f425c140b99c88b6819ce1c02
a7e839aa0452ceeb6228de7c15062fe82cc6d1c3
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 08:00:18 GMT
expires: Fri, 05 Jan 2024 08:00:18 GMT
cache-control: public, max-age=31536000
age: 315386
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
151.101.1.229200 OK 764 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP 151.101.1.229:0
File type JSON data\012- , ASCII text, with very long lines (1594), with no line terminators
Hash 846047465b50cf783ec908227af00c22
125040aef1b94498988ef2a375fb5e9b7d2b085d
120c15ce9ef264822cdbde4fb6b48fd5bc76a39ebad8dd0f5f4c9779df2aabb6
GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.1581
x-jsd-version-type: version
etag: W/"63a-fcG4Sbk9iTqmsf8TX3+T4bUE3aM"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 08 Jan 2023 23:36:44 GMT
age: 27356
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 764
X-Firefox-Spdy: h2
player.avplayer.com/script/2/v/avcplayer.js
95.101.10.130200 OK 61 kB URL HTTP/2 player.avplayer.com/script/2/v/avcplayer.js
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9dff0335699f04080269947f40c366ae
8447df4f8b168d9c506630f96ef95002c2c6eb28
157b5912ad26a879f38d0dafb1fce2def6df3168a08f991d6203463375fa32fc
GET /script/2/v/avcplayer.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtZ2x7QcCjowFwcgLYXUBzUI8DF40J2wcIgC0alJF1a4mWq2YhfFMaDZbLWP1fid-4S0D62yU8xaNB8EJY5KJRnvrlX0A
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "9dff0335699f04080269947f40c366ae"
x-goog-generation: 1646327924579580
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 61326
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 61326
server: UploadServer
unused62: 8096267
cache-control: public, max-age=300
expires: Sun, 08 Jan 2023 23:41:44 GMT
date: Sun, 08 Jan 2023 23:36:44 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
54.230.111.81200 OK 1.6 kB URL HTTP/2 flashnetic.com/c/tvdi2ru09cf0ymc0mwei9.json
IP 54.230.111.81:0
File type JSON data\012- , ASCII text, with very long lines (1553), with no line terminators
Hash 33d98cba57a28b885c123495ff78571c
6e7f0f62bdbe8168ee0a7f714039e7496a81da60
b5bb863c6910d0c861eeeaa51d06324486b9d280f11a11ccfd77c305283fa912
GET /c/tvdi2ru09cf0ymc0mwei9.json HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 1553
last-modified: Thu, 10 Nov 2022 13:02:28 GMT
x-amz-version-id: qsp7d0tsTDbCsoRHwVoQTtR594IYsbh7
accept-ranges: bytes
server: AmazonS3
date: Sun, 08 Jan 2023 02:56:51 GMT
etag: "33d98cba57a28b885c123495ff78571c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: unsmbkdT6aScWbuondNw3AA2JNdf9RQpFtoOMGdjjpjLr1nsj0i-vA==
age: 74394
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39504)
Hash ef38f4159257f47fe2cf8e260f9af8af
288e8675f18d6eab8b80d96ffbdfd92f77962283
7d1678577e451b96e80ff74d58831239ae3150ab9582f6e2f63aa78ebc36e430
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27578
date: Sun, 08 Jan 2023 23:36:44 GMT
expires: Sun, 08 Jan 2023 23:36:44 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1446 / 95 of 1000 / last-modified: 1673046307"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 44641c366b3fcc17a6a4c10353d4e0fd
14731ef57ba95fab5adf5b7f5fb9472025105b98
997108d07cd384a95fce3503dafb25ecb987208a40dc4053266540a67d4e8c28
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F8580909BD10FBE373A6F1438F5037CD4B88B373"
Expires: Mon, 09 Jan 2023 11:00:00 GMT
Last-Modified: Sun, 08 Jan 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 165
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7868c1cf3d4ffab4-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 156
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Etag: "63ba87aa-1d7"
Last-Modified: Sun, 08 Jan 2023 23:34:08 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KXJCD57
IP 172.217.21.168:0
File type ASCII text, with very long lines (13929)
Hash 3a334ad036e5cfd565d7e108065e029f
3878da4b980ffebbcc3c029489215032fd857bf0
910007d418fbc7d6d0379a212c17c63bbaa2e34b043021a276992f214d7a51bc
GET /gtm.js?id=GTM-KXJCD57 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 08 Jan 2023 23:36:44 GMT
expires: Sun, 08 Jan 2023 23:36:44 GMT
cache-control: private, max-age=900
last-modified: Sun, 08 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44445
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 67efa309cd1a12359fd7a5f70e366655
85ee5c0f2d9deeacbfe1a38bd18eb724138f066c
6872e796d42a65959b21ea56670a5c11643aa3bc06d51275b68dd3b23b0e1844
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 45773c34877b1ad3f03e0b1d618883f6
614268898fe2e459bcb999cd9bbaf64f582fe0e6
374280f3906dd5f7fbbd9a031a22847662f58e1accd4473d394e11cdc44836bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "374280F3906DD5F7FBBD9A031A22847662F58E1ACCD4473D394E11CDC44836BC"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5152
Expires: Mon, 09 Jan 2023 01:02:36 GMT
Date: Sun, 08 Jan 2023 23:36:44 GMT
Connection: keep-alive
cat.hbwrapper.com/
192.241.157.60200 OK 15 B IP 192.241.157.60:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f0479874bf6f4a7281099b15df27c27
55a490e280d48996e564d00492437eb17faadd28
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
POST / HTTP/1.1
Host: cat.hbwrapper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 150
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:44 GMT
Server: Apache
Access-Control-Allow-Origin: https://earnme.club
Access-Control-Allow-Credentials: true
Content-Length: 15
Connection: close
Content-Type: text/html; charset=UTF-8
player.avplayer.com/script/2/2.55/libs/hls.min.js
95.101.10.130200 OK 72 kB URL HTTP/2 player.avplayer.com/script/2/2.55/libs/hls.min.js
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 7888b98658e8cef4a98786556ccdab66
d52a58a8e2463dba71947783a8485dcd023100d1
ea7bca216f10e44bd3b4febb9f5a6e6e2f72059b55441e2823ceb3a2be03e161
GET /script/2/2.55/libs/hls.min.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdswtXfPobwZQBNRWSaygqgLxMfZKQIyBk4lD4bDeV2HPBpSI8iDPwcdy2rz__Fy4LgZZMP20lrR-Z47sEE3oWVuU1ogFQ
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
etag: "7888b98658e8cef4a98786556ccdab66"
x-goog-generation: 1610290372874389
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 71831
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 71831
server: UploadServer
unused62: 8096267
cache-control: public, max-age=300
expires: Sun, 08 Jan 2023 23:41:44 GMT
date: Sun, 08 Jan 2023 23:36:44 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 9625ad1e6afeab7baa32d61b006d581e
11114207ed433f67e37a482ae1b2ca155b305e52
a1dac4212584d5254187eff874adb578d1d212ea705e1f023486985fc3c6b30f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 23:36:44 GMT
Etag: "63ba8207-1d7"
Last-Modified: Sun, 08 Jan 2023 22:41:10 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sdbHQszAES8wYvrWBfrADMGLBZmW7lF8tDGldUIF-xr2VGYNmQAsQA==
Age: 3334
push.services.mozilla.com/
35.163.1.35101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.1.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ec7w8QrSZ3l/mj5+Spyh2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g4AqzgcG+SmAo7lorJg7D4wsxBQ=
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
2.18.173.99200 OK 118 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f
IP 2.18.173.99:0
File type Unicode text, UTF-8 text, with very long lines (44568), with LF, NEL line terminators
Size 118 kB (118439 bytes)
Hash 2e7713ef8ceb2519e96434505ca796dd
8bf18962041fa14b78d2c24370dad531a50ca767
90653680cc2fb826c7843e5c56ac886d8498a2efd04b4a34448aad1f41391c3d
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=62176a72a06fe80ba569d18f HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdubWioJhaXolM6gF9v0m7CrTexCSUO_F6bzk_M68lTJdZjgsOlog_pY1OQXLinKP2CLwcD80xGZ0zNLsEoi-PMqasEoJzEE
last-modified: Tue, 03 Jan 2023 09:10:45 GMT
etag: "2e7713ef8ceb2519e96434505ca796dd"
x-goog-generation: 1672737045117191
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 118439
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=lxrlyQ==, md5=LncT74zrJRnpZDRQXKeW3Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 118439
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Sun, 08 Jan 2023 23:46:45 GMT
date: Sun, 08 Jan 2023 23:36:45 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cef9f34e7fbbb559f1b5a930f344e5c4
8a591ae0bb871f3f2d77382032d08e7909b9abd5
20ddb0adbc0c337b57d25af9e74305125b01b8c21be330925e1fa08abd7464ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20DDB0ADBC0C337B57D25AF9E74305125B01B8C21BE330925E1FA08ABD7464FF"
Last-Modified: Sat, 07 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18837
Expires: Mon, 09 Jan 2023 04:50:42 GMT
Date: Sun, 08 Jan 2023 23:36:45 GMT
Connection: keep-alive
c.neodatagroup.com/adapex.js
152.199.21.175200 OK 9.0 kB URL HTTP/2 c.neodatagroup.com/adapex.js
IP 152.199.21.175:0
File type ASCII text, with very long lines (1134)
Hash 8602b796117f94af40ee5415f4bb65a3
492ba2ad4438b5089c4e38c5a21b98ef00525fd3
454c67da3d26ab3635924b62a436784998d3be2df208d7e8484bd46837df7f65
GET /adapex.js HTTP/1.1
Host: c.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
age: 3753
cache-control: max-age=7200
content-md5: OIr+Ki+Hl0Wt1GYJISUy4g==
content-type: text/javascript
date: Sun, 08 Jan 2023 23:36:45 GMT
etag: "0x8DAEE606325EA36+gzip"
expires: Mon, 09 Jan 2023 01:36:45 GMT
last-modified: Wed, 04 Jan 2023 14:31:37 GMT
server: ECAcc (ska/F757)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: d8e5ff2d-401e-0014-64b1-2393aa000000
x-ms-version: 2014-02-14
content-length: 9023
X-Firefox-Spdy: h2
cdn.playstream.media/logo.png
89.187.169.47200 OK 1.3 kB URL HTTP/2 cdn.playstream.media/logo.png
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type PNG image data, 32 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash b0fb81e9e278d867bb73f8a6cde236f2
ca10201696f69919ff9541bb549de2d0b065eb8e
875a318ebf906866ab16eb2e848924b12c38f7d33ae1c6e72244aba92faa9b7b
GET /logo.png HTTP/1.1
Host: cdn.playstream.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: image/png
content-length: 1265
server: BunnyCDN-DE1-756
cdn-pullzone: 1027527
cdn-uid: 6740a699-531f-4e34-81bd-7039b1357022
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 19 Jan 2021 07:48:16 GMT
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/21/2022 14:10:19
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 2b6fadc7400c06bdebcf3e7d75e489d0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1673220991980&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable
52.204.220.125200 OK 0 B URL HTTP/2 track1.aniview.com/track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1673220991980&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable
IP 52.204.220.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&cb=1673220991980&r=earnme.club&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d65=&d66=7&e=playerLoaded&str=viewable HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3de89399b7774f220eed3922d6dd283c
e62431b57c768ed4e2cad0d8d3762b00a9b7f659
a9671891ed00135b672d2996dfe1cecf6d3c6b38b0bb53a5eced164eeaba481f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 467
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63b9f557-117"
Last-Modified: Sun, 08 Jan 2023 23:28:58 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 278
flashnetic.com/r/p.html?f=qirbwuar&e=1833548723549
54.230.111.81200 OK 4.3 kB URL HTTP/2 flashnetic.com/r/p.html?f=qirbwuar&e=1833548723549
IP 54.230.111.81:0
Hash 344345e41b47cffebcd3cf94672621a7
06687dc49c033aec959a857866a2b5b74968868f
10ea693789c0d726bb89aa936be7c98f69af89688619424583e1222049aac263
GET /r/p.html?f=qirbwuar&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VFnDlms8U-6AKcDcW1ZYOfcfMx8MsyAS0CAKZz7MhCwKe0_JzunOOQ==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
hb.adpone.com/prebid7.19.0.js
104.26.10.25200 OK 125 kB URL HTTP/2 hb.adpone.com/prebid7.19.0.js
IP 104.26.10.25:0
File type ASCII text, with very long lines (64662)
Size 125 kB (124716 bytes)
Hash e3fc87f4241c81504686107d8eed1c52
63017ea19b6c5429ab072fc18fd68e1824f81a17
ae763b970ccd84b3b659d9c663e1d0a75f396da4b55fd69bdc8e2dd35a3f61c6
GET /prebid7.19.0.js HTTP/1.1
Host: hb.adpone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/javascript
x-amz-id-2: z8zPPgpChpmPHjrETbNpCXccjPHhgx/GJFcxrGv5xpYywnazjILxUOl1MmK1mgPPDqHEJdhQRpw=
x-amz-request-id: AZB8RQQA6SHSSEK2
last-modified: Tue, 25 Oct 2022 11:05:38 GMT
etag: W/"c5676242a8c3f69dca478f87ab473b3a"
x-amz-version-id: mrzpmMNa6L0T_nTXd2e.MsW_mFVsXsAR
cache-control: max-age=14400
cf-cache-status: HIT
age: 110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AS4ItU3K20kv0aPghpZDx0MgUHK5ecgc0%2Fam5Wsgk8Yt2oLbCczAR2AGQ3NObVpGJ82AGj2sczLQaq2sT8DyyRmeN3zi3JyvI5kD9tRjJiM5UFwfkBjvdIBR%2FzWou1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7868c1d21a59b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=wjdvbcn&e=1833548723549
54.230.111.81200 OK 3.3 kB URL HTTP/2 flashnetic.com/r/p.html?f=wjdvbcn&e=1833548723549
IP 54.230.111.81:0
Hash 32fcae105d269a590292487ec200f626
6981958bc0c957a4e5bb6617ab334fad4a7f7479
5de9f62645e04fbeb28d8f3b52bef076de9d29baf8f7a5db56e20e14c71983d2
GET /r/p.html?f=wjdvbcn&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PkxRVXF5x4qs4IdAyFAUS9wdqqxdyLVlx5aipY-E35b7TdEVWnow0w==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673220992217
54.159.150.233200 OK 0 B URL HTTP/2 track1.avplayer.com/ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673220992217
IP 54.159.150.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ctrack?pt=2&cmid=&cwid=&cvid=&pid=62176a72a06fe80ba569d18f&r=earnme.club&sn=&cd1=&cd2=&cd3=&app=&wi=640&he=361&test=&vi=100&e=cpll&cb=1673220992217 HTTP/1.1
Host: track1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.71&apppkg=&fv=1&proto=https&clsid=335a844e-2ac7-44bb-bdd7-408bfd98a7f9&rando=8&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1673220992612
52.204.220.125200 OK 0 B URL HTTP/2 track1.aniview.com/track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.71&apppkg=&fv=1&proto=https&clsid=335a844e-2ac7-44bb-bdd7-408bfd98a7f9&rando=8&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1673220992612
IP 52.204.220.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?r=earnme.club&sn=&ic=0&tgt=0&app=&wi=640&he=361&test=&d36=6.2.71&apppkg=&fv=1&proto=https&clsid=335a844e-2ac7-44bb-bdd7-408bfd98a7f9&rando=8&pid=62176a72a06fe80ba569d18f&cid=6278fd47e6b0901a49776895&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&e=inventory&vi=100&cb=1673220992612 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb46c21e1a21e8eda8c576ecccaa9110
3f1506307cecbf8ebeacc249c263d1a77201989a
5e09573a668d9ab531d57fca1579ee776baefd485287f80197b55b3837b329f2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5005
Cache-Control: max-age=96818
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63ba1732-1d7"
Expires: Tue, 10 Jan 2023 02:30:23 GMT
Last-Modified: Sun, 08 Jan 2023 01:06:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 40e3f0b02ca1b2d588857fcefdf543ac
a74be965534efd6c0071fe329adff03f22177d2b
60a3448b4f68a0e9816a37ec8a2b892c01cad7fec2357005ffb09c2450f4de69
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2666
Cache-Control: max-age=161770
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63bb1e0d-1d7"
Expires: Tue, 10 Jan 2023 20:32:55 GMT
Last-Modified: Sun, 08 Jan 2023 19:48:29 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash d58dd5b9395dcdec8d83f39b5b743146
3c91b7e75d5c805fc0442cce1da1fc36c856cf16
77cfcae8aff8b76845f3a2c0eb37c729772e17d7a1bfc9d8b25481ec324daa06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5950
Cache-Control: max-age=136655
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63baaf1e-13a"
Expires: Tue, 10 Jan 2023 13:34:20 GMT
Last-Modified: Sun, 08 Jan 2023 11:55:10 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f4de05cd104c1b2b4efa2cc9dd03b16
ee5130e0807595d354b876a50f9930aa3c1da147
c88444af51d536aadcc2aa957835407087ddc9104862c79aecaaf87256fe3cc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1596
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Last-Modified: Sun, 08 Jan 2023 23:10:09 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash bd47d480177832e51cb740ae1f577f85
2998fd93ca01c928ac7ccdc3ad4fe8d9cf7c328e
b4c8d946d4269cbaf6ad1100d9d2cdcddbb5c4002612ce9aaad1e92bb095c20f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4308
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Last-Modified: Sun, 08 Jan 2023 22:24:57 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80bbd09fbb243fbd954bb8c166ad540c
e7d8c584dc531644833ef11fd2fd91a7907f51b7
c8f1eeb1f8abae0da9f569a1678f04e331d55a83098e6c0c4cb30987f51bdd7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4653
Cache-Control: max-age=93225
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63ba0a89-1d7"
Expires: Tue, 10 Jan 2023 01:30:30 GMT
Last-Modified: Sun, 08 Jan 2023 00:12:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 536
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:45 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=30679764993&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=30679764993&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=30679764993&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 550
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://earnme.club
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3e9f0e716c59b12f1c75bc8844d843ff
8000ee588b047f5fb420bc08318c4f557aae481a
603977eae5886727194af6d3f3eb44e973b45fc40f34ee254809b9e0672591c1
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 753
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9cbc77f8-f11d-4fb1-9391-a775da6ce623
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI2n7Z0GOAFAAUgBEI2n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3608583027779161956; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 401
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4068bfb3-8d82-492e-920d-ebb0e10d63b1&l_pb_bid_id=215674e5b214d5&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6873289533041158
213.19.162.21200 OK 424 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4068bfb3-8d82-492e-920d-ebb0e10d63b1&l_pb_bid_id=215674e5b214d5&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6873289533041158
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (424), with no line terminators
Hash 3cbc46ebcdb02e2f298f92260b41936b
b7a35f0a717bb9645e4f1a41297a6a554b430b42
e29bf118697fa4e7805206c205086f78122b32e6be544a0f71535a5e4dc2d1f5
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F21671350435%2C22687820958%2F300x250-earnme.club_._2&tk_flint=pbjs_lite_v7.19.0&x_source.tid=4068bfb3-8d82-492e-920d-ebb0e10d63b1&l_pb_bid_id=215674e5b214d5&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6873289533041158 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L2MF-B-362I; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:45 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Ejb5Al2G39+T+9DtVM30fCgAsJ0442xJm8sNZYgjvK1cnvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:45 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 424
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 518 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (879), with no line terminators
Hash 93ddbe8000577c79c9534bf4a8dd476e
175f6d3bf0cd3d7b6b347a2604beda36d1cdaaf7
1e2ec15b6855ed8d4e167b260640439e3697ba21dd3da4f99b1cc2916f922b1f
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 400
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:45 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:45 GMT; domain=.smartadserver.com; path=/
pid=5036724271733401638; expires=Mon, 08 Jan 2024 23:36:45 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178054913445&o=1; expires=Mon, 09 Jan 2023 23:36:45 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:45 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=earnme.club
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=earnme.club
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 23:36:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=earnme.club
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=earnme.club
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=earnme.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 08 Jan 2023 23:36:45 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.gcprivacy.com/t/gcid_s.min.js
54.230.111.25200 OK 9.5 kB URL HTTP/2 p.gcprivacy.com/t/gcid_s.min.js
IP 54.230.111.25:0
File type Unicode text, UTF-8 text, with very long lines (9498)
Hash dac6676675972d00f4ec994de0578005
4b0a99773e109d54cf705ac198930869069e3de6
8548fa5f198e18b0feca552d0f369f4c9fc15b9990ef9d28ab2fc556f3e8153e
GET /t/gcid_s.min.js HTTP/1.1
Host: p.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 9500
date: Sun, 08 Jan 2023 15:38:10 GMT
last-modified: Fri, 06 Jan 2023 15:37:53 GMT
etag: "dac6676675972d00f4ec994de0578005"
x-amz-server-side-encryption: AES256
x-amz-version-id: sbZKwqqxtvM50Otwl3WJaXFYTCAIgKPH
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tp0to40g-W_iKiKWltRP8W6GAlb2osQYIXpef3xPvdLKDWIWi0we6g==
age: 28716
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 261 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2fbd77b09b8dd5c20fcfd6e4b54c1809
1e8fc840fcee7b4a3814cd7401d9eeea3df0e598
72dca718e89e339954883c4449ab234370b2f8f1e24ef94e619f74829dcbbc6b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1028
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:45 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 261
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://earnme.club
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 67591965-6264-4d55-9540-0e29e803701e
Set-Cookie: icu=ChgI3uM8EAoYASABKAEwjaftnQY4AUABSAEQjaftnQYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7677984582079653800; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
shb.richaudience.com/hb/
162.55.101.208200 OK 492 B IP 162.55.101.208:0
ASN #24940 Hetzner Online GmbH
Hash 6f87431b85bbb293000f882d287b9487
d50905d7fd51907408f92ee80699e57f79997de7
aa3bcc18958a0d3c2d7f408cbe5394c5a130bcdcc6c0ae9c27e2b392429bc0c0
POST /hb/ HTTP/1.1
Host: shb.richaudience.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 679
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
date: Sun, 08 Jan 2023 23:36:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8fd95f99c767ca2559dfa76e78fa1ddd
1bcfa611a72225e6cd9cfedf6d03a43aa525946f
01595b34ecb16f26e964615a0b43bc3a886e2c15a027314af991d4ccd56e64cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=65715013046&lsavail=1
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=65715013046&lsavail=1
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.27.0&cb=65715013046&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1298
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:44 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://earnme.club
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2363565dfbac662b8e1cd0719a2bc887
336dd95af97a5adc4031c8cee8d5f1f11a87271a
41b7ba648bea9a0f9f765d01792c85f4376ec5e43c6edcdc13668c3a9665eb9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6074
Cache-Control: max-age=137847
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63bab34a-118"
Expires: Tue, 10 Jan 2023 13:54:12 GMT
Last-Modified: Sun, 08 Jan 2023 12:12:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,85dd4728-5c37-4f51-96d0-98f05c288d5b,,&eid_pubcid.org=d2c4415e-cbae-4bac-9dd4-c8774095a49f%5E1&rf=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.27.0&x_source.tid=7b9ea1f8-9afe-44c8-af4f-644453793e02&l_pb_bid_id=35e2e4682db72ad8&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.12115479079151903
213.19.162.21200 OK 445 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,85dd4728-5c37-4f51-96d0-98f05c288d5b,,&eid_pubcid.org=d2c4415e-cbae-4bac-9dd4-c8774095a49f%5E1&rf=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.27.0&x_source.tid=7b9ea1f8-9afe-44c8-af4f-644453793e02&l_pb_bid_id=35e2e4682db72ad8&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.12115479079151903
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (445), with no line terminators
Hash 50d70c73998cbc03eedfcd593320d4d8
e29867c53a978ba2736806199bf59d608f17e83f
ecc4e980bf632068d76b1607d616fac85496b8ad49095361d64bb8f74de412ff
GET /a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294686&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!adapex.io,s1602,1,85dd4728-5c37-4f51-96d0-98f05c288d5b,,&eid_pubcid.org=d2c4415e-cbae-4bac-9dd4-c8774095a49f%5E1&rf=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_1&tg_i.gpid=%2F22181265%2Femc_300v_1&tk_flint=pbjs_lite_v7.27.0&x_source.tid=7b9ea1f8-9afe-44c8-af4f-644453793e02&l_pb_bid_id=35e2e4682db72ad8&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_1&slots=1&rand=0.12115479079151903 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L2TY-Q-1239; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:45 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqEcZ47kCoY1u9DtVM30fCgAsJ0442xJm8sNZYgjvK1cnvs5xm8c681tq9R0N6+0FT56RUKFmksN9APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:45 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 445
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e5336678c17c977c68dce722c73545fa
68f1d4040e7f4948869c2fa05d0d3a5d8ea32365
56b44c2b75914d22abef7f4c1c032ab5b7e001adaa5e0984841e0ce92250d906
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 156
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Last-Modified: Sun, 08 Jan 2023 23:34:10 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,85dd4728-5c37-4f51-96d0-98f05c288d5b,,&eid_pubcid.org=d2c4415e-cbae-4bac-9dd4-c8774095a49f%5E1&rf=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.27.0&x_source.tid=19473d94-95c5-4f3f-a5be-4a8c7b864316&l_pb_bid_id=36628fe2abf64df8&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.8800838335158883
213.19.162.21200 OK 446 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,85dd4728-5c37-4f51-96d0-98f05c288d5b,,&eid_pubcid.org=d2c4415e-cbae-4bac-9dd4-c8774095a49f%5E1&rf=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.27.0&x_source.tid=19473d94-95c5-4f3f-a5be-4a8c7b864316&l_pb_bid_id=36628fe2abf64df8&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.8800838335158883
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (446), with no line terminators
Hash 0ecd8f649354f6e0d3060892934334fc
1f56b94e6bf054533e0b33c327835ee4591537e8
f718778150c2b677a94200def0548a10bd37d2792bc33faffdda6381025552ff
GET /a/api/fastlane.json?account_id=17262&site_id=409752&zone_id=2294692&size_id=15&alt_size_ids=16&p_pos=btf&rp_schain=1.0,1!adapex.io,s1602,1,85dd4728-5c37-4f51-96d0-98f05c288d5b,,&eid_pubcid.org=d2c4415e-cbae-4bac-9dd4-c8774095a49f%5E1&rf=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.page=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&tg_i.domain=earnme.club&tg_i.pbadslot=%2F22181265%2Femc_300v_2&tg_i.gpid=%2F22181265%2Femc_300v_2&tk_flint=pbjs_lite_v7.27.0&x_source.tid=19473d94-95c5-4f3f-a5be-4a8c7b864316&l_pb_bid_id=36628fe2abf64df8&p_screen_res=1280x1024&rp_secure=1&rp_hard_floor=0.01&rp_maxbids=1&p_gpid=%2F22181265%2Femc_300v_2&slots=1&rand=0.8800838335158883 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L2U2-10-31SV; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:45 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/EjUjve7JvGbGe9DtVM30fCgAsJ0442xJm8sNZYgjvK1cnvs5xm8c681tq9R0N6+0FT56RUKFmksN9APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:45 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 446
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4b42628e27b40774d8f4c75501c9118c
d19f5a2927c8c6acf4109ed8a75b45b1ca2a7a6f
521990659a97114f515ddd2edbc5c55f7d7959bfebb9713fde3565c146d26bb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "521990659A97114F515DDD2EDBC5C55F7D7959BFEBB9713FDE3565C146D26BB8"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8434
Expires: Mon, 09 Jan 2023 01:57:19 GMT
Date: Sun, 08 Jan 2023 23:36:45 GMT
Connection: keep-alive
ads.pubmatic.com/AdServer/js/pwt/157742/7600
2.18.172.200301 Moved Permanently 261 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/157742/7600
IP 2.18.172.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 062136e3a621e033fe962c1b279eec4c
d38b6ab78d6b6ccf1cc926379e426c9780c90eb2
c0ab28cf312ba7e04fdeabf8173ca9e1809281aa9fde276981842e71020c2c41
GET /AdServer/js/pwt/157742/7600 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: Apache
location: https://ads.pubmatic.com/AdServer/js/pwt/157742/7600/
content-length: 261
content-type: text/html; charset=iso-8859-1
cache-control: max-age=97122
expires: Tue, 10 Jan 2023 02:35:27 GMT
date: Sun, 08 Jan 2023 23:36:45 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 66176e50895129d304d5f5956c20cc58
de651f8f2abbb4b0372cb9bd64a94a7554106ea3
516f10bb4b465e652c933f29689afa90c87041f1656be57167877cf3ef3c4968
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 449
Cache-Control: max-age=118933
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63ba7f62-1d7"
Expires: Tue, 10 Jan 2023 08:38:58 GMT
Last-Modified: Sun, 08 Jan 2023 08:31:30 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=4723&t=1673221005&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=8375da1292e5b8c9bafd543f3871cad6&d63=8375da1292e5b8c9bafd543f3871cad6&aafaid=&proto=https&uid=1673221005609-963552609137-006074-007-000449&cha=0.05&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.71&cb=21749056269&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673220993093&asid=63a987aaf31103e0780c6cb4%2C62a9a26be8c62b7a753672a4%2C63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62a9a257b1f7be14705f5586%2C62fcc8551f0d537b70642b47%2C6332ef55cd0fcf1ceb506cc4%2C62a9a3044f8b3f11bf3a5058%2C6332ef0a396c5d5aa40539b5%2C6295fa3e088d8a77b2698777%2C62a9a2daf85a765d16158238&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
52.204.220.125200 OK 0 B URL HTTP/2 track1.aniview.com/track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=4723&t=1673221005&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=8375da1292e5b8c9bafd543f3871cad6&d63=8375da1292e5b8c9bafd543f3871cad6&aafaid=&proto=https&uid=1673221005609-963552609137-006074-007-000449&cha=0.05&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.71&cb=21749056269&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673220993093&asid=63a987aaf31103e0780c6cb4%2C62a9a26be8c62b7a753672a4%2C63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62a9a257b1f7be14705f5586%2C62fcc8551f0d537b70642b47%2C6332ef55cd0fcf1ceb506cc4%2C62a9a3044f8b3f11bf3a5058%2C6332ef0a396c5d5aa40539b5%2C6295fa3e088d8a77b2698777%2C62a9a2daf85a765d16158238&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1
IP 52.204.220.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?d=Firefox&cou=NO&cos=Windows&r=earnme.club&rs=earnme.club&sid=4723&t=1673221005&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=640&he=361&app=&AV_PUBLISHERID=62176a72a06fe80ba569d18f&test=&d64=8375da1292e5b8c9bafd543f3871cad6&d63=8375da1292e5b8c9bafd543f3871cad6&aafaid=&proto=https&uid=1673221005609-963552609137-006074-007-000449&cha=0.05&stagid=62790805abc41c4450002684&stplid=6278f4f0a7dd573d85421cad&d35=&d36=6.2.71&cb=21749056269&d39=&d65=&d66=&apppkg=&d9=1000&d37=realtime&pt=2&cmid=&cwid=&cvid=&AV_WIDTH=640&AV_HEIGHT=361&&ppid=62176a72a06fe80ba569d18f&nid=5e7b9048180bd02ded4b0937&pcid=6278fd47e6b0901a49776895&ncid=627a0e8f76eb182bd8758ee8&pasid=627a0ec5d3a48b4af3605f6c&e=request&cb=1673220993093&asid=63a987aaf31103e0780c6cb4%2C62a9a26be8c62b7a753672a4%2C63720057d528eb2645079ab5%2C63a987c1780a4b73f009af75%2C62a9a257b1f7be14705f5586%2C62fcc8551f0d537b70642b47%2C6332ef55cd0fcf1ceb506cc4%2C62a9a3044f8b3f11bf3a5058%2C6332ef0a396c5d5aa40539b5%2C6295fa3e088d8a77b2698777%2C62a9a2daf85a765d16158238&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1%2C1 HTTP/1.1
Host: track1.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Cookie: aniC=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2ed1b027b4896caf979dd2753ee1d764
43866fad9ff37628984656c479f521e6b05f74ab
24117dfc0fc53323dfa65c769bc1b510b72ce7bca03b0c59388037632519d55e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3314
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Last-Modified: Sun, 08 Jan 2023 22:41:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313
digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=7b9ea1f8-9afe-44c8-af4f-644453793e02%2C19473d94-95c5-4f3f-a5be-4a8c7b864316&nocache=1673220993047&pubcid=d2c4415e-cbae-4bac-9dd4-c8774095a49f&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=cd9f13bd-14a0-462f-aa2b-5ff02eaab996%2C68e3db78-740f-45e6-a625-12a5ad3cf3c4&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10
34.98.64.218200 OK 79 B URL HTTP/2 digikulture-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=7b9ea1f8-9afe-44c8-af4f-644453793e02%2C19473d94-95c5-4f3f-a5be-4a8c7b864316&nocache=1673220993047&pubcid=d2c4415e-cbae-4bac-9dd4-c8774095a49f&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=cd9f13bd-14a0-462f-aa2b-5ff02eaab996%2C68e3db78-740f-45e6-a625-12a5ad3cf3c4&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10
IP 34.98.64.218:0
File type JSON data\012- , ASCII text
Hash bf7c8f3305f1fea096b653635ee7c454
7f79d6fd99a50236b8166419adc50693c38a7faf
bf3f1063f71fd64498fad13553f372e4e36dc425b64b89267f38b351cb4793f5
GET /w/1.0/arj?ju=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&ch=UTF-8&res=1280x1024x24&ifr=false&tz=0&tws=1280x939&be=1&bc=hb_pb_3.0.3&dddid=7b9ea1f8-9afe-44c8-af4f-644453793e02%2C19473d94-95c5-4f3f-a5be-4a8c7b864316&nocache=1673220993047&pubcid=d2c4415e-cbae-4bac-9dd4-c8774095a49f&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&aus=970x90%2C728x90%7C300x250%2C336x280&divids=cd9f13bd-14a0-462f-aa2b-5ff02eaab996%2C68e3db78-740f-45e6-a625-12a5ad3cf3c4&aucs=%252F22181265%252Femc_300v_1%2C%252F22181265%252Femc_300v_2&auid=556580797%2C556580798&aumfs=10%2C10 HTTP/1.1
Host: digikulture-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json
content-length: 79
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1652
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: max-age=0, private, must-revalidate
date: Sun, 08 Jan 2023 23:36:44 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.252200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.252:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1932
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://earnme.club
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4b05f7de9746bad3fd9cc06663286565
156f95387abbd0a4836ef3d1c63bc0f9f6262c6c
d5abed0da340b1b008eb137e6f31763d2bcb3c5745715ac87f90fe825783f9e1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 01:56:48 GMT
Expires: Sat, 14 Jan 2023 01:56:47 GMT
Etag: "156f95387abbd0a4836ef3d1c63bc0f9f6262c6c"
Cache-Control: max-age=439801,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c1d67cf2b500-OSL
flashnetic.com/r/p.html?f=lkix&e=1833548723549
54.230.111.81200 OK 5.5 kB URL HTTP/2 flashnetic.com/r/p.html?f=lkix&e=1833548723549
IP 54.230.111.81:0
Hash 92d89c54abb24c8e165241a2f65a304e
730a801cc873e66657b158853b259d0bfc693749
1c7ca930df6d625e5b3345d2fa9ecddc61ca5be663528d1c893927b7ed91914e
GET /r/p.html?f=lkix&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l6Bj5ACj_TpIL9ewQ1U2JIflQvOPCwEuzL07zaohgbeSBkD7XYAmZg==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1b919da0360c3413f80ede0b289380df
bb570058f822a96d7d6dc9ce77022b9a787f819a
f7201f91784a701973092b42b94d91d05e734025961f9d0c7629bc3d027ca7c6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 07:45:28 GMT
Expires: Sat, 14 Jan 2023 07:45:27 GMT
Etag: "bb570058f822a96d7d6dc9ce77022b9a787f819a"
Cache-Control: max-age=460721,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c1d68e2a0b55-OSL
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e5336678c17c977c68dce722c73545fa
68f1d4040e7f4948869c2fa05d0d3a5d8ea32365
56b44c2b75914d22abef7f4c1c032ab5b7e001adaa5e0984841e0ce92250d906
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3396
Cache-Control: max-age=144876
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63bad935-1d7"
Expires: Tue, 10 Jan 2023 15:51:21 GMT
Last-Modified: Sun, 08 Jan 2023 14:54:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2363565dfbac662b8e1cd0719a2bc887
336dd95af97a5adc4031c8cee8d5f1f11a87271a
41b7ba648bea9a0f9f765d01792c85f4376ec5e43c6edcdc13668c3a9665eb9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6074
Cache-Control: max-age=137847
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:45 GMT
Etag: "63bab34a-118"
Expires: Tue, 10 Jan 2023 13:54:12 GMT
Last-Modified: Sun, 08 Jan 2023 12:12:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f80fd71a31397f1b9ab44183dee12a2e
0b7716c7800ee52c857aa26391cd23f3bf7d403d
b3839cdb65cd80d0fdbb508bbb795ff2c04aec15302e58a8c44ede4e7e2c13e4
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1253
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
grid.bidswitch.net/hbjson
18.185.198.187200 OK 49 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 18.185.198.187:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f7ec2eb9c85e83bd1cce265e1e601a6e
5c004396336f39c5acbca1308b7ab6b0257ce065
ae42796badce2a0adebe45496aabc9b96cd32276d178d605729d2bc2ce1e423a
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1123
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json
content-length: 49
access-control-allow-origin: https://earnme.club
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 358521d3014eb524e48dc1f950aee079
603cdd571c11d7082c6709a67fada173d238a0e9
0093c3cac0e82c069c9ee3bb945e92868857ef701a89a05145d33029355addb3
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1254
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 18d429568a3781fd35f2e12a7aab680c
a4fcff69bf697575a5be0a4122e13d4f28f2d706
496bef805e0119824dbbf9c659a1d3a41c1134e77567192bec92841d72e9e4fb
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1251
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
18.156.195.47200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 18.156.195.47:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8442dd9b8b96e8e58168d5d465038e6c
459ffd51b1b12805de7955a70086de513cff81ce
05ef4a62c201b33ecd8c68598219f34f0d82690ebab68cd677efcdeff68cb063
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1252
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://earnme.club
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 08 Jan 2023 23:36:45 GMT
expires: Mon, 08 Jan 2024 23:36:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a70f4ba8af50cca717b378c190a68690
e849143786b922bf6d8ba82b8bf09d86c9d6f011
2abc781b5e1c00318a2d224dc14ff5e5d0f854cf46f3cb9e9d94019a902254cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2007
Cache-Control: max-age=135220
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Etag: "63bab8eb-116"
Expires: Tue, 10 Jan 2023 13:10:26 GMT
Last-Modified: Sun, 08 Jan 2023 12:36:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.46.116.133200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.46.116.133:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Sun, 08 Jan 2023 23:51:46 GMT
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14610), with no line terminators
Hash 089349d28c4f1b51afef71c569f70b82
238af2050c72af00921af3fcfa566c070b49251b
65f424b99a75475453340eb9125ce8f1e3bc33719708986d82ef4e927d15dae1
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 08 Jan 2023 23:36:46 GMT
server: cafe
content-length: 11030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14658), with no line terminators
Hash 21e4bc983fd41f4ba4a0d5de64cb6b74
7942ef048ecd1ed3e2fd3816e6ac33b952991903
d8b271d183ba3f645115f94f444e38474c56ce1c17bee2594eb311c427a4fe01
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 08 Jan 2023 23:36:46 GMT
server: cafe
content-length: 11066
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP 142.250.74.131:0
Hash 231bc334e7d2a5e67269cf371972bd4b
64ea570786f1c57487f09524665452621e452b71
643efcabf37884276751b8a7b8173dbd78de193fbe2e948d70179bc01fcdf3ef
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55e53421385ceedabb535dd0c7a1d33c
9f0f6582d1a32cff4f20e3d12cde12d7e806bdb5
d464bb28c90b156d99ae6223ee5052ce1cd922b748352c21b5d90df9521de620
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D464BB28C90B156D99AE6223EE5052CE1CD922B748352C21B5D90DF9521DE620"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14542
Expires: Mon, 09 Jan 2023 03:39:08 GMT
Date: Sun, 08 Jan 2023 23:36:46 GMT
Connection: keep-alive
prebid.media.net/rtb/prebid?cid=8CUQWX43D
34.107.148.139200 OK 770 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CUQWX43D
IP 34.107.148.139:0
Hash 1d4d377f2c5ff8c02a1896794bc0de1e
ebc985622d5211524576ca9686a8ac5eae3b28da
fb8fce1addc8383e59f8b83d943330cd714087222e3f49589e1c05861667bcca
POST /rtb/prebid?cid=8CUQWX43D HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3958
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Sun, 08 Jan 2023 23:36:45 GMT
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
162.19.138.120200 135 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4eb43de05ae4ccf9197d91167f082dae
d6cd93e31f2d6bcbf9aae42e82680950a1c9ea6f
480613f771d4b2960ecbcbf9f0a8435d009d8f5fd10ab14bba1b1018762708e0
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 08 Jan 2023 23:36:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=hMJFiRuh3TZEs&cb=0&ws=1280x939&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22cd9f13bd-14a0-462f-aa2b-5ff02eaab996%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%2268e3db78-740f-45e6-a625-12a5ad3cf3c4%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22d2c4415e-cbae-4bac-9dd4-c8774095a49f%22%7D%7D
143.204.52.189200 OK 191 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=hMJFiRuh3TZEs&cb=0&ws=1280x939&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22cd9f13bd-14a0-462f-aa2b-5ff02eaab996%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%2268e3db78-740f-45e6-a625-12a5ad3cf3c4%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22d2c4415e-cbae-4bac-9dd4-c8774095a49f%22%7D%7D
IP 143.204.52.189:0
File type ASCII text, with no line terminators
Hash e052ef4180ff6374cab02385a283f8d1
5ede963598254d47659db157c28156b428f1f615
c78544693548249dd7d9e907618f4710f09b6366af5b482bc05e2453b9086a15
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=hMJFiRuh3TZEs&cb=0&ws=1280x939&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22cd9f13bd-14a0-462f-aa2b-5ff02eaab996%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_1%22%7D%2C%7B%22sd%22%3A%2268e3db78-740f-45e6-a625-12a5ad3cf3c4%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22181265%2Femc_300v_2%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1602%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22pubcommon%22%3A%22d2c4415e-cbae-4bac-9dd4-c8774095a49f%22%7D%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 191
server: Server
date: Sun, 08 Jan 2023 23:36:46 GMT
x-amz-rid: 0B164JWMF4NV8B6398G1
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: k5d3UExSpGffBTxBTDicwrqBBUXcUVdcayPdDdR0T4I0o3TG6wseMw==
X-Firefox-Spdy: h2
id.crwdcntrl.net/id
52.48.35.78200 OK 43 B IP 52.48.35.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 90eeff5111bbbdce769d4130cc3cca3c
d62886c1a85d51814cb7f124761c5e6aca6d8933
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
GET /id HTTP/1.1
Host: id.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json;charset=utf-8
content-length: 43
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.24.125
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5803
Expires: Mon, 09 Jan 2023 01:13:29 GMT
Date: Sun, 08 Jan 2023 23:36:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5803
Expires: Mon, 09 Jan 2023 01:13:29 GMT
Date: Sun, 08 Jan 2023 23:36:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5803
Expires: Mon, 09 Jan 2023 01:13:29 GMT
Date: Sun, 08 Jan 2023 23:36:46 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2166f11e11d12ebe46705ce853e14730
d7f16494d91106243c0e88ecb828ad8b1ce8c1c6
cb89c9055df1c17e1c586168f4b31bc5fe421ba19a0a0da72dd75669de045c62
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 01:42:54 GMT
Expires: Sun, 15 Jan 2023 01:42:53 GMT
Etag: "d7f16494d91106243c0e88ecb828ad8b1ce8c1c6"
Cache-Control: max-age=525366,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c1d82f5a0b55-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412c9be19a182a70270af3885bdacc80
51382789a4b3fb643748514985ab94c9f0a045e0
b3c4a8845abf221ae234d12441525419346c08f47bf5ba8b0e3ada59d9f04986
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47a0e7dd-37cd-4bec-8133-1c67d450aded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11322
x-amzn-requestid: fecf6c9b-54e3-4320-897b-0e74117c6d98
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFgEEpIAMFgMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36ef-53935876772cbb0a1eb1a1e2;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lqGS287bx4l8uOXA45DvLzwGRRftXEbFkRfegumNL7j9zBmyGQHiUg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 22:01:35 GMT
age: 5711
etag: "51382789a4b3fb643748514985ab94c9f0a045e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4938f6e4d145d1bb761e7908e97d5424
712c532e08559853db273decf0f3195587b17d11
d80291d9e2471e57181f76a764761f49e643e9b7e8bda3a4e30a87128bb48831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a0aac24-0b28-48c6-89a3-cf4a373ab0fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: 1c7e11a3-9639-43d0-b177-ae5eab1f2d2c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ3_2EPaIAMFxxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d398-34f3d8f31c9d79e22eaa6c50;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:04:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RucoKfN--pH0pODiWBrSnImV2MDjczwowDfnWLWjiBvbQAIKvcCtzw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 13:26:09 GMT
age: 36637
etag: "712c532e08559853db273decf0f3195587b17d11"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7478553b-0929-4671-8115-a5fd59ca43a1.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7478553b-0929-4671-8115-a5fd59ca43a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 921da729b03484c8525882e0689f13f9
1de15df26541c49b829c5bc1c8e59eb1be7051c1
b3cfbac9089c6a086cc78dca0c0eeb74d7a2ea8b781e6e78de1f327fef67fd53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7478553b-0929-4671-8115-a5fd59ca43a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13257
x-amzn-requestid: f73bd9e9-5576-4430-800c-b6137894046d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eaAirEFXoAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba47aa-04958f082a507ed607216cb3;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 04:33:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v3x6P8QkYxGA43tAesN-p01OpifPEPkNTGiVLfV7_2BQA5Dh8bGx9A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:41:03 GMT
age: 6943
etag: "1de15df26541c49b829c5bc1c8e59eb1be7051c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wAgalvw3qNlWJt6Lw_jVbpTzh9OSvLB9u58IGEBT_unCOwWAXHvx7g==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 23:14:00 GMT
age: 1366
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8c3a99d827b45f7b17b6146b35713ed2
94f5a1f3c2e500669e658a19dd0944e8697bcff1
3de448216ab74dc9cd072db251a0a13bdfb1d67f974ffaa365cb73083f676d3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91786
Date: Sun, 08 Jan 2023 23:36:46 GMT
Etag: "63ba00a0-1d7"
Expires: Tue, 10 Jan 2023 01:06:32 GMT
Last-Modified: Sat, 07 Jan 2023 23:30:40 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZqEWhdWdwE21k30PmIzLKegBS7G_TH8Df9EsffhTIXqGIk2C1Beu-Q==
Age: 5752
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d0ac656cdf72279d8aab7e906f067ecb
fd70a88299221cbbf71242e572a507bcb1ee45d8
fc6e1e38162173b45ddf5bd0838495fe05a8c12ac50b7977fd66281ed0a7a1cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc3ffb256-d515-4bd7-8804-5c32e070765c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7842
x-amzn-requestid: 2fea5ef4-795f-4d81-ad13-1d9cb738524c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7FYVoAMFURA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6f87591428c52a1a0afc7dee;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: bRuAqoco3FJIe17GiZYAqBPatACNgfbA37mmppM8KzQqRhVUoScksw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 04:10:37 GMT
age: 69969
etag: "fd70a88299221cbbf71242e572a507bcb1ee45d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 958d699fe0e01f8f1e6002637f87ab63
9feb324f4c37992e68e04762494841d532b3da2b
a20dce10643f6cb9aed206ca177c54538076e61568528e5fdc2744d8cc25846a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10157
x-amzn-requestid: cc023618-8a3b-452e-84cc-04c8b5f48a3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8Es5IAMFYtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6d9f330a4b3df85c661c1bd6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yaahmIYHAzMWPmbF_6RRTXc-boEiyV4AgS6BLMUTxVhSOos78xvtYQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 03:38:38 GMT
age: 71888
etag: "9feb324f4c37992e68e04762494841d532b3da2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.rlcdn.com/api/identity/envelope?pid=1323
34.120.133.55401 Unauthorized 19 B URL HTTP/2 api.rlcdn.com/api/identity/envelope?pid=1323
IP 34.120.133.55:0
Hash 63dfbd2b39fe4f536a04e7b32ada47b4
207298c4a215ad5d97d888522927910ae772ba48
26e51290d12b4fea0bb98da3ed118837b744555ba723061771ab3df30000b6b7
GET /api/identity/envelope?pid=1323 HTTP/1.1
Host: api.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 401 Unauthorized
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 23:36:46 GMT
content-length: 19
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
35.244.193.51200 OK 49 B URL HTTP/2 lexicon.33across.com/v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0
IP 35.244.193.51:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c466bd434db29cf02793f8522fde5f3a
f39a01bb0264479dbe9a4bfb0b80ae0b3b0e8154
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
GET /v1/envelope?pid=0010b00002PIxPJAA1&gdpr=0 HTTP/1.1
Host: lexicon.33across.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
cache-control: private, must-revalidate, max-age=28800
content-type: application/json
content-length: 49
date: Sun, 08 Jan 2023 23:36:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 9d99bcad49df9aef4b2be04be89adc61
92ede13e7e7611cd982c520ebfcd52388e44cf0d
f354afca997e48c81c6eab0563100aafc16f1b04d50d366446f538994396fd2e
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: NzzDMQRIzsXNjVR7/B6e4yrrDcazBk60q2/S2QH7YxwqiaX7/iQchWRPdgPY0BswypKEPiqaJg8=
x-amz-request-id: EK159HTWSS7GNBQ8
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 663
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7868c1d7cf5f1bfe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.211.10200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2791)
Size 127 kB (127165 bytes)
Hash 43f9f7256078a6280391d8ddf65d34c6
7313fb4491f9b413dbbab03c75f42780c1a22baf
e95c555d5756aac136cc38e122f09f6d222c74e06928ce8d11af20de3f3f0556
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 127165
date: Sun, 08 Jan 2023 23:36:46 GMT
expires: Sun, 08 Jan 2023 23:36:46 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3260d451945a130cd2d142b067464b4d
a540e1f498fd3aa9b062c4f94b09d4381620af07
9b18f8d76ec12ad3a03cff27ac0addff661d581ede42fde59969510df5813c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4934
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Last-Modified: Sun, 08 Jan 2023 22:14:32 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3260d451945a130cd2d142b067464b4d
a540e1f498fd3aa9b062c4f94b09d4381620af07
9b18f8d76ec12ad3a03cff27ac0addff661d581ede42fde59969510df5813c9d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3615
Cache-Control: max-age=162764
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Etag: "63bb1e3b-116"
Expires: Tue, 10 Jan 2023 20:49:30 GMT
Last-Modified: Sun, 08 Jan 2023 19:49:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/fXs_L39cqkM
IP 142.250.74.131:0
Hash 231bc334e7d2a5e67269cf371972bd4b
64ea570786f1c57487f09524665452621e452b71
643efcabf37884276751b8a7b8173dbd78de193fbe2e948d70179bc01fcdf3ef
POST /s/gts1d4/fXs_L39cqkM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5c66132da49bb7b2cf792f2803f847ee
68cd25d1e03e4f0f079bda0b17e2c90b58b9a8bd
bbcecfdb71059f7eb793822d9c7af3e592bf45d617b2f0d5c14082d97d9a0455
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BBCECFDB71059F7EB793822D9C7AF3E592BF45D617B2F0D5C14082D97D9A0455"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8549
Expires: Mon, 09 Jan 2023 01:59:15 GMT
Date: Sun, 08 Jan 2023 23:36:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash a69908af2310901822ea7b87953e6a5d
f2beb031e2fd7788737838e26ea3ee28496ae381
d8294127feac783bc59e46cdc76348de60a55bf7208ae6b867a287a66b3b64d1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5169
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Last-Modified: Sun, 08 Jan 2023 22:10:37 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 2166f11e11d12ebe46705ce853e14730
d7f16494d91106243c0e88ecb828ad8b1ce8c1c6
cb89c9055df1c17e1c586168f4b31bc5fe421ba19a0a0da72dd75669de045c62
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 08 Jan 2023 01:42:54 GMT
Expires: Sun, 15 Jan 2023 01:42:53 GMT
Etag: "d7f16494d91106243c0e88ecb828ad8b1ce8c1c6"
Cache-Control: max-age=525366,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c1da48e00b55-OSL
lb.eu-1-id5-sync.com/lb/v1
141.95.98.64200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d0cea89eac44960ba59ee582847403c8
c487c65400be87d9b288f52c334a126b72a545ac
be38ea894e173b3e4770b7b31de98b1cc8a4a9bd40115785636baf8547f0d538
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 08 Jan 2023 23:36:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a43d4b38e31309767aba3958eace2640
0bdcfdba185f3a2198ad91112f53d85238413759
64c7429f74d38bba6b3a6d911876cc3a537bc2079286bcffff8cf85bed742f88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bffc0d4bcf8fc04876e5d18bb185863b
6d6b35ff5d943c282bbc191e6fe7429a093c8381
16851ffe3cd738ce56683cf3b7d3f9ecbd9720dcb6857f262a27db2c3cfc9c3d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bfd1fb01-b6ad-4cd3-8c09-4b55045fb7a2
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI6n7Z0GOAFAAUgBEI6n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2830927027905429621; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=F1wxcl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzUUU4dkdmRjAlMkY4NHFBVHFMbVpkJTJGZUw; expires=Fri, 02 Feb 2024 23:36:46 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 186739
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22777984909&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=22777984909&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=22777984909&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 08 Jan 2023 23:36:46 GMT
expires: Sun, 08 Jan 2023 23:36:46 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993280&tk_flint=pbjs_lite_v7.19.0&x_source.tid=510fb207-4d83-4da1-80d7-7088d063f3c4&l_pb_bid_id=149f8125c3c36c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22703160693028301
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993280&tk_flint=pbjs_lite_v7.19.0&x_source.tid=510fb207-4d83-4da1-80d7-7088d063f3c4&l_pb_bid_id=149f8125c3c36c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22703160693028301
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash c7df1eb9541a7e4bb0782c5c2726aa6e
0048c5fc58353d6a7899f469c964b24b24806958
536ad2c6d98eeb507ed5bfb2c2a8a6954d3e671cacfc070d5797c9da2f8894ea
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993280&tk_flint=pbjs_lite_v7.19.0&x_source.tid=510fb207-4d83-4da1-80d7-7088d063f3c4&l_pb_bid_id=149f8125c3c36c&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22703160693028301 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3KF-1Z-9Y44; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqituMX4/xW3O9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a62372fd6c4001ab44a590d3edc52891
4fecca134e805ea8c96ead95c7c9cf4643526959
ef41f56653d5a4f2557f7bb3d39231eb3e5abc37ac1a78e5672b7075e1586a03
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 639
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 4905f49c-161d-49a0-9330-d3d1f381b04d
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI6n7Z0GOAFAAUgBEI6n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2606831406693973313; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=79097466263&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=79097466263&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=79097466263&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 592 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1095), with no line terminators
Hash da2eda76c224b92157f0ea121d3be638
2ec204a52dbfe145b9c0f24db529ac89ac5dbaf8
a6a735227c0455ec605ab934e39040dba9ca6fbf8955741a4d2c53fb694d594e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=3429961617431980101; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178066815804&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash feedf9748637921bce22643d800c497e
06799880ccd5c903b91c5b9d040ecd1f0d6d1409
6f63e883d22f8328f7854643db7c3f4713cb99b46d0de209010e28030ae1ec50
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5be5eadb-28b8-4f54-b76b-a49f5623e504
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI6n7Z0GOAFAAUgBEI6n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5751944762573516777; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=18086718034&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=18086718034&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=18086718034&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bade5a5ab9981feabf4d907c96bb0436
3e1882c015175bef72f15fccbc11945a7b1024be
2a2932774ee55ebf24c6492a7874ecae29abb1b8b349208fa1c34f8cee5c0c41
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d33de377-514e-45ea-91c4-45579aea89ee
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI6n7Z0GOAFAAUgBEI6n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7948357832264677125; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993287&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d02bfc43-5c8f-42bd-a4a8-987438ca89b0&l_pb_bid_id=8497135c4c145a8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.849196248910006
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993287&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d02bfc43-5c8f-42bd-a4a8-987438ca89b0&l_pb_bid_id=8497135c4c145a8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.849196248910006
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 855c7c7a8a54f4cdc561b4e76fc77bed
dde4f60986bd717975881cfbaaa4dc9e7a3830b1
3cf5436e17620f55b06cd940f1887008284a804d3cd600626a112f8bb4727497
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993287&tk_flint=pbjs_lite_v7.19.0&x_source.tid=d02bfc43-5c8f-42bd-a4a8-987438ca89b0&l_pb_bid_id=8497135c4c145a8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.849196248910006 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3LE-1I-CW16; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpWQDc1YgaQXe9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993293&tk_flint=pbjs_lite_v7.19.0&x_source.tid=35b51752-379a-4124-b57e-3d517abeb71b&l_pb_bid_id=855ee4f35f44cc&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6915974182722165
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993293&tk_flint=pbjs_lite_v7.19.0&x_source.tid=35b51752-379a-4124-b57e-3d517abeb71b&l_pb_bid_id=855ee4f35f44cc&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6915974182722165
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash e9d3f60abd8d1f11de3310ed0ae08fe0
60930f5980c6b5d9135dd3d6e9ad86b4d1a922a4
61945a01dcd7cd41451616e80a056496ae3414f68965d2b07862d7b6fdc2e364
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993293&tk_flint=pbjs_lite_v7.19.0&x_source.tid=35b51752-379a-4124-b57e-3d517abeb71b&l_pb_bid_id=855ee4f35f44cc&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6915974182722165 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3MZ-22-6OQ5; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpisj40hP34Bu9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=65019149621&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=65019149621&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=65019149621&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
Hash afc2de49369984b9b80a879df963063d
027c504a78dd7a9675a717aebbdaada971533565
a943dc1cc69d056612d9cf1cdefbcb2f288d09329fa70d0f69b7cca65e753b59
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=65235981330&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=65235981330&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=65235981330&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 589 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1033), with no line terminators
Hash 938a9df3cb9d8c6d84ea62c0fee7e01a
c771bfbe6d9a2af562f375419ec32bbe7a4e540f
49640d5a42762304daa9dc5a227bca3550eb396fdf90b142f4fba588bcf38949
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=5810011856110217255; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178067839911&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 575 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1190), with no line terminators
Hash 380bc869f5a8e71e8d794b1bed1ae199
1c5b49e1f6ac850040c55f44a6fc996d18b08405
d577b077b54c92e08dfe62f1a42d3fd732306c16749cbd2e73fb1e6397cf431e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=5961492363342899237; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178067867072&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993304&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c59d0efe-ec5b-41d4-8233-c24b5fa85bdd&l_pb_bid_id=8e53f07722e1cd&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18330322540534638
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993304&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c59d0efe-ec5b-41d4-8233-c24b5fa85bdd&l_pb_bid_id=8e53f07722e1cd&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18330322540534638
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 6842dff324cf24d7da89c4cfd8bbc8d5
787c9d45bc7c4d4f1d77ea48273f68eed8baf1cc
2d6ca9942b3c61663988a9c5e32c25e57eb871f90df0a57ab0a8841e824b9b3e
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993304&tk_flint=pbjs_lite_v7.19.0&x_source.tid=c59d0efe-ec5b-41d4-8233-c24b5fa85bdd&l_pb_bid_id=8e53f07722e1cd&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.18330322540534638 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3NZ-1H-GTNJ; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qpu0s8Nj3vJze9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 526 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (928), with no line terminators
Hash 70f7df7f5dc9573ef4407b80c63826a3
0ae61c63ed12ae46df4a9eb64db9c4736f9703f4
a7f53ef951732edb7724aa1026c77a9a9053d16a37f014b53304ee10930f44f7
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=555020=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=8818658252507179234; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178068709536&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=d2c4415e-cbae-4bac-9dd4-c8774095a49f&u=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
34.203.142.186200 OK 155 B URL HTTP/2 p2.gcprivacy.com/v2/sync?pid=Q6CV1VBC&uid=d2c4415e-cbae-4bac-9dd4-c8774095a49f&u=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F
IP 34.203.142.186:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6690d6186e826dc7714d866fd41f7199
b1bbd18ec50a53b2038e2709cb7bebf67846772d
fd882aefdce4359cbe412e139a2bcf66233530e088f370d2604a26cb32a2ccff
GET /v2/sync?pid=Q6CV1VBC&uid=d2c4415e-cbae-4bac-9dd4-c8774095a49f&u=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&h=earnme.club&ref=https%3A%2F%2Fwww.google.com%2F HTTP/1.1
Host: p2.gcprivacy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
content-length: 155
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
set-cookie: gcid=d034381a-1c15-4bdb-a8e8-a10c1d8047b4;Expires=Sat, 08 Apr 2023 23:36:46 UTC; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1828a434dc82f559cceeb2a360d3d7e5
3a3b52ad3e1f116b179f8d4a10ebb4580469af41
87dac143568cf2757e48e9586fc6ac37580c0db99bd4aac1141b694ebee27f46
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 1bccba29-ddd1-45d3-a52c-fa59e5632073
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI6n7Z0GOAFAAUgBEI6n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=4885952613193575262; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993317&tk_flint=pbjs_lite_v7.19.0&x_source.tid=02274e75-7786-46ec-8c0d-a45955c9723f&l_pb_bid_id=4d113f94b9ddf6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9986720413900697
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993317&tk_flint=pbjs_lite_v7.19.0&x_source.tid=02274e75-7786-46ec-8c0d-a45955c9723f&l_pb_bid_id=4d113f94b9ddf6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9986720413900697
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 5f2709bb2670509df6409ad9c8bafa73
b72c2a99fada9812f472a76893822d26ce3288e8
bf449d85df9e0801d1a2257224ea59350d101920e14ed3dc78b43e698541131e
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993317&tk_flint=pbjs_lite_v7.19.0&x_source.tid=02274e75-7786-46ec-8c0d-a45955c9723f&l_pb_bid_id=4d113f94b9ddf6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9986720413900697 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3P6-1V-KBEC; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrcMKrdtObml+9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.4.29200 OK 2.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3714), with no line terminators
Hash ee365b7ef643dd97ae319208c643f0e4
85f88f1409aa65f3373f3399715fd9c36b6aa92f
a466347ff3e3114522b0789fa2e1b5cde2efca8c712fb346de169bfddbf9dddf
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 517 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1053), with no line terminators
Hash 5584a4f548e4051678e7df8d389ae84b
5a1396f43794fb83acab7a815e735024e5b7c6fa
cc6fcdc09b1bfb6091b602e801517cd896394f7f993af7c93f6aaaae51cbd8fc
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=1638424475009673460; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178068537404&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 484 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1014), with no line terminators
Hash 9181b17e56df2c41e10b1c90a8a79e4a
c171c39e3b95601b604bd090d7b2cb2054dcb99c
9130a2f17f705e11a0394cc992f1fc6b200fd5ff7897f125f082184a94434fea
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=1430010766064478324; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178068524146&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4566630867&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=4566630867&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=4566630867&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993332&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5afe357b-4299-4a28-b152-204bf040ab87&l_pb_bid_id=6f03ebb928fb2e8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03203197496639587
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993332&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5afe357b-4299-4a28-b152-204bf040ab87&l_pb_bid_id=6f03ebb928fb2e8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03203197496639587
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 398caa55b9f42884b8a614334e2c4b71
141cd15daa40d07be0092ed9d3eea9d29fa071eb
9afc016552617c5d63ee2b9459355050e401b6a421e282c904557ea219120629
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993332&tk_flint=pbjs_lite_v7.19.0&x_source.tid=5afe357b-4299-4a28-b152-204bf040ab87&l_pb_bid_id=6f03ebb928fb2e8&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.03203197496639587 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3QG-7-25RJ; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoxm9DWrM8+Xe9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 518 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1026), with no line terminators
Hash 3bd2ca6fb45b9d9f0997dbedc2055f42
b6e00e52df9b56c19a4b3fddb9daaf84c2d6fde3
cf37651227d40acdcc3da3fff8c11e7113bae840c3176431147bb6777171808e
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=4249190401094838377; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178069058349&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 66f651949a2f000fbab6807d85e43dd3
4ed51aad786c68f5a7a4cbf57c5fed5b84a3b18f
8bffc60c59f68c3c40e9c2da5f4b1c07a9fd1d2b0319f2f0cb9fd6ed9d718db3
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 642
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:46 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 680d4dd0-d2a5-4c1e-b638-54f33a0be1b1
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI6n7Z0GOAFAAUgBEI6n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8989875042602761615; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993339&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7dcd751c-b3d5-45ae-8db9-240d8a732d7f&l_pb_bid_id=103aa75a8f914198&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3164367087140826
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993339&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7dcd751c-b3d5-45ae-8db9-240d8a732d7f&l_pb_bid_id=103aa75a8f914198&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3164367087140826
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 36def7fea7b91cac4302bb67a95c6a79
8aab45a170d97927bb1823c2f3930687a6172cec
89cc878d8c7f2821a82e84ee50c2f8c9cdbdd371907c90bc905da08a528d4e14
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993339&tk_flint=pbjs_lite_v7.19.0&x_source.tid=7dcd751c-b3d5-45ae-8db9-240d8a732d7f&l_pb_bid_id=103aa75a8f914198&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3164367087140826 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3RY-10-LO0K; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Ehtq9nHbwqofe9DtVM30fCgAsJ0442xJm+AsdwdPeqMknvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:46 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 530 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (983), with no line terminators
Hash daf6ee7c7f644a7a02519a21f2fec132
eba457386c687a7b40793efdd1ee6e00e9ee4b78
8eabdeb7c200ebe2d5a0847666640dc99775a20ac22264c99f8ef97e4b326722
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
pid=8337882289157564655; expires=Mon, 08 Jan 2024 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178069422478&o=1; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:46 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 68e068b2237282fa2cc2ec5913a61ec0
16daa4273ad9bcad70a52259b40c9ddc95c7a277
980646a001243fe48e7a722ec9f656dd0e0d4f56727e55d4af5deab50aecb7f3
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 6a8a9459-427a-4f0b-9a13-45bbda177fd4
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI-n7Z0GOAFAAUgBEI-n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6626457105768616674; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 0 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
pragma: no-cache
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75589663127&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75589663127&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=75589663127&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993345&tk_flint=pbjs_lite_v7.19.0&x_source.tid=899a196c-d624-48aa-87ac-2a2769d6c826&l_pb_bid_id=66f324bf4c6bf28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39835861458853405
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993345&tk_flint=pbjs_lite_v7.19.0&x_source.tid=899a196c-d624-48aa-87ac-2a2769d6c826&l_pb_bid_id=66f324bf4c6bf28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39835861458853405
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 72645799542e349d369d65d701c1d773
4119d3b7f42ab442305e2172d9e3b9282f5f8e4c
5236b8a4e5f976d6a48e12ae3341a5e7685574a1a6125d44f534c331a8f3a2db
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993345&tk_flint=pbjs_lite_v7.19.0&x_source.tid=899a196c-d624-48aa-87ac-2a2769d6c826&l_pb_bid_id=66f324bf4c6bf28&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39835861458853405 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3U4-I-GENC; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Eh9uCRB5ey1K+9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50550973953&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=50550973953&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=50550973953&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2018944fa6f0a942d461dc731b50a1a2
8589e0524896febdd973cbabb10b49535905e65d
f39500fcc45b9a6745a4abbda2fde3025f4523f44d657d2c299879a2712a25f0
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 53345a8d-10b8-4f57-8e57-48d9449da97f
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI-n7Z0GOAFAAUgBEI-n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7742961415048556601; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 516 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1032), with no line terminators
Hash 843934a858519d2247d54229c43bc45e
0d4927a8bbb049900afcfd1461512c41f70b4d93
431ddc978bb3cc914c10e00a419aeff80777ae5a71d81f7b523220ee6384727c
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=2327576171203651772; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178070445575&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993349&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6a7c406c-cf80-43f0-826d-62b083843ad6&l_pb_bid_id=895fd83b4b88ba&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5834026598219461
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993349&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6a7c406c-cf80-43f0-826d-62b083843ad6&l_pb_bid_id=895fd83b4b88ba&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5834026598219461
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 7ab0fc8c55ae06d850e4adf27b2db419
c6e7aed41fd57dbf941baaa8dbb0fd785b62622f
9e1745bd59ae005b9ccb6500a616d3eddcc3b3ea8862594df5f5233168dd6203
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993349&tk_flint=pbjs_lite_v7.19.0&x_source.tid=6a7c406c-cf80-43f0-826d-62b083843ad6&l_pb_bid_id=895fd83b4b88ba&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5834026598219461 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3VV-G-6MBQ; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrc4nsJZrI/zO9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1877), with no line terminators
Hash a25b01b71193bf0014e8665f123c93b1
2de41912dcd774ede780e2cba2ee1953834558fa
ddbe9b8f2549d9908c4ba0478bd8139af0ca2351d9295c1a14d6246de6574f4e
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ff2bd46a89f61d8d26f440ee634bd69d
03514dacedebc2c1c266a2993b6d4888a2a1f8dc
14bde0da7873a5aec17d5080bd7441b42d8f47bd41f7d3c5e3bece6a343cbb4b
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b301c594-0c70-4006-9399-1ad93e7a5858
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI-n7Z0GOAFAAUgBEI-n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3967857588915694640; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 402 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (741), with no line terminators
Hash a050f19f095c3a00683ac853ef6bb424
b66122feb9182be05a366a9c97d65c1c073a860d
cc02898579554f74f801eefdcdefd6dd706bd718c15ef4c625f44a2b2d9370e1
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=2804609272418265143; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178070867793&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1905)
Hash 67830d40fa6e5dbae9a219091aeaad6a
fbdefd89a9da059b0cd58894d5695ac52e5ef661
1f4b9002a1906d232c52e38204e195369d8522d21e5f70157b1d52239b7ed1b2
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.2 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
Hash 27eec46a534fba4a25c2eda6f8fc2ec6
1493abdc7f14b3bf7510c63482a5364bb0331609
07b9ca2d91f5905205c6afd498690f3742dafc50a218355e84d91dcce378c12b
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 452 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (987), with no line terminators
Hash b790b790ff42063637b5d2998b47e1ed
6d09ab59a28a2d09478ffb77519a9f6f71833e86
ae5df586448edb975656ce4f86e406e7247798d674d4bdab3a1c0ac18e7ac38d
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=6418339109676378177; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178071342924&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993356&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2e884f09-6386-4020-80a8-ed511aafc047&l_pb_bid_id=83c0c04abea4848&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06637520300197641
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993356&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2e884f09-6386-4020-80a8-ed511aafc047&l_pb_bid_id=83c0c04abea4848&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06637520300197641
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 13f19560d6e39ccda3bfe5d428068b64
aa8a029922b21f7ffd612d187aefb99c5fc5aad6
f0a58bda78dd0d4eef51454e94fba0c674b63d264c017b22a034043c6448f93a
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993356&tk_flint=pbjs_lite_v7.19.0&x_source.tid=2e884f09-6386-4020-80a8-ed511aafc047&l_pb_bid_id=83c0c04abea4848&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06637520300197641 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3XP-W-25W8; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoAzEBAtO7mWe9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
Hash eb3788188083bd458128708ccbfdcbf4
17afe79bc8de6e3ac4db97d169137a7ec0bde24f
972a39d72262ee9a30b3915b41ed5d59e4709462c8bcab593de0720f3f5d3829
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=37221589209&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=37221589209&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=37221589209&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:47 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 491
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
141.95.98.65200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e497b8ad60d847e218c95b3798e80fc9
a426cf2b6c0289abf6177101d197f08b77ef4d48
e1110b0622aab2d8778c8618b247049f69476c4609584511c45a7e2e89a8bdf9
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 8 Jan 2023 23:36:47 GMT
access-control-allow-origin: https://earnme.club
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993366&tk_flint=pbjs_lite_v7.19.0&x_source.tid=92cc0e1f-71c0-40e0-8c28-0cb4354d2559&l_pb_bid_id=4fa679d05062148&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.827444936251737
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993366&tk_flint=pbjs_lite_v7.19.0&x_source.tid=92cc0e1f-71c0-40e0-8c28-0cb4354d2559&l_pb_bid_id=4fa679d05062148&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.827444936251737
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 551bd547f68bf44f40a4c1dfee2cc757
665d668b4971205c9a31aaf6c0514ea54ea47793
7008a5e252974b5a0049a4e2c53bd14c33e44f26e17d7a025f8768cb4d1d1296
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993366&tk_flint=pbjs_lite_v7.19.0&x_source.tid=92cc0e1f-71c0-40e0-8c28-0cb4354d2559&l_pb_bid_id=4fa679d05062148&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.827444936251737 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L3ZE-B-K8IN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qqd6dUFeKoD9O9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/6/map
52.211.223.66200 OK 60 B IP 52.211.223.66:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 31d1448165f960e7746a6ba98fbfabd0
1a554c395623ac23e6fe8f2582d0836423046342
dfb3b72e7d5f0760acc5ba78c53ebc1e1b61e466e8d7b439b710f9dc4d5144ec
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.152
access-control-allow-credentials: true
access-control-allow-origin: https://earnme.club
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 2.3 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (3696), with no line terminators
Hash 66ab72a178adefc2c6a26fa6d6f7b58f
c52d7e5335b4a453d2e2731f68157fb1fa170c69
010ed7f929dbe840de5628638c83f7221dc731ed77981ac028105d5b527167d8
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 146 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bbd4b69ded07cf6c29022b9a299417aa
eda51ce6b841e87e215899fa6d0a36fd9092abf4
8dd9992785af8c0f71d3e24b0ee288d9d8d4ef46cec2e106a5241678136e6934
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 146
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 07cd237b-2a5c-4dbe-a7c8-c945e3f02110
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI-n7Z0GOAFAAUgBEI-n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=6153618308577771133; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=86866953075&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=86866953075&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=86866953075&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 551 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1137), with no line terminators
Hash 52f1f23dfa4a1b280cadd6b323e41416
47094acad22bfe7900d52adf55ca2a70962e78c1
8563ea80e774912fc7c50bb1f3fabd1b547da2922215cacadc85fead7a88bc58
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=2428572868334971114; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178072184630&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tra.neodatagroup.com/pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true
20.73.234.141302 0 B URL HTTP/1.1 tra.neodatagroup.com/pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: text/richtext;charset=UTF-8
Content-Length: 0
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cProfile=AQMLJ3zPvgXXAAAAAAAEAAABhahX198AB2RlZmF1bHQ=; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 23 Jan 2023 23:36:47 GMT;
Location: /pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true&neoid=30b277ccfbe05d7
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993374&tk_flint=pbjs_lite_v7.19.0&x_source.tid=459bf96f-27bf-42b4-98a3-9b9011e5d16e&l_pb_bid_id=830c0e469cfeb5&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8653957655342785
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993374&tk_flint=pbjs_lite_v7.19.0&x_source.tid=459bf96f-27bf-42b4-98a3-9b9011e5d16e&l_pb_bid_id=830c0e469cfeb5&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8653957655342785
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 7b53f63d283ed92dc01c60ac87eb6d27
762984d6dd3097b2599725f0fbf2bb9be16950f5
4c7efee865bef3a0676c523ce58cf5f0d448f615b21c70a9d61e36a03831156d
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993374&tk_flint=pbjs_lite_v7.19.0&x_source.tid=459bf96f-27bf-42b4-98a3-9b9011e5d16e&l_pb_bid_id=830c0e469cfeb5&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8653957655342785 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L41D-1C-KAE4; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrrtdrDWRZsvu9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 547 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (894), with no line terminators
Hash d93c6e52545c0d91b20e8465fa10cd7b
c0b6d31f658897a70056c3494ef76e1461014ad1
dcc71794f6df054148bef18e73d1b4db75788b260fb2746709b8e70a70b12721
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=7158936813200074852; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178072891481&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=560535348159
172.217.21.162302 Found 337 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=560535348159
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a10546e42587238f209947289acb9ca0
b500305152697144f9d75fe8602dc2a736c7e033
73e430019da8c929d82f952c6d737f3be116dce79d801714d5847cca78a9ea6b
GET /pixel?google_nid=neodata_dmp&google_cm&pv=dbm&sid=1&rt=img&rnd=560535348159 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=neodata_dmp&google_cm=&pv=dbm&sid=1&rt=img&rnd=560535348159&google_tc=
date: Sun, 08 Jan 2023 23:36:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 337
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 23:51:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn
54.239.33.158302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn
IP 54.239.33.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: S4Z8RSH4AT3D6KPJ7K2T
Set-Cookie: ad-id=A-Q05I3jokRxvDgLzWIhOHo|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 23:36:47 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.6 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
Hash 05f043c37fe889bd17efc030086e59f2
3434b7dd7dca10d6a907946cea0110eee5075bc3
f57c40121e47c8731c2ad4cf19fa5c23de1c099bb455723d4a49993a11b02a5e
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adx.adform.net/adx/openrtb
37.157.4.29200 OK 2.5 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
Hash aa6a1401a2b03dd31a1771cbc9bf5238
59628ffb6a4b75e1d5a5fa2a46fd3a6f2135ec26
ad9ab10c7d9cacccc8169dfae6923dc3023d8f6619c005801885c6020032db37
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn&dcc=t
54.239.33.158200 OK 64 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn&dcc=t
IP 54.239.33.158:0
File type HTML document, ASCII text
Hash be99f9f8ced5e5eb1f9721d861712f89
4291ee98f7ce20471796ec89961abb1acb2af1d8
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_n-LoopMe_n-onetag_rbd_n-MediaNet_an-db5_sovrn&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: B3WMNSDJ1QNK42PCTS9W
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
142.250.74.161200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 190bcb4c44fd9e0e93baa80c9b2535b8
97bda56ddc8d6a00d19e1747d63325051f3fd144
b7677f820f06329e357561f570729fe4110af4ac5fb741b97567e20a0f533301
GET /rtv/012211060024000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61592
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 18:08:55 GMT
expires: Tue, 02 Jan 2024 18:08:55 GMT
cache-control: public, max-age=31536000
age: 538072
etag: "a2fca7132416d151"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
142.250.74.161200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (14697)
Hash ae1a9f090984c448deb0629cc2304ee3
e601825ccec746695f370ed68fa33325152e0d9f
6a947bfcdeea64faa6c795caea11ee09dbe00f5d4003b7b9d47e4945c05ac1e4
GET /rtv/012211060024000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 10:51:50 GMT
expires: Wed, 03 Jan 2024 10:51:50 GMT
cache-control: public, max-age=31536000
age: 477897
etag: "abd4378f71571d78"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
142.250.74.161200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (65534)
Hash c88b4e73b12307e42222d337bdd646a2
621233bf4e777b2d44b1bc143187111aca2fe718
ef6935537cd5a603b79bc98d4274b70ee5608955792523fc58e818c8ddbb7b48
GET /rtv/012211060024000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28809
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 17:37:12 GMT
expires: Mon, 08 Jan 2024 17:37:12 GMT
cache-control: public, max-age=31536000
age: 21575
etag: "dd6615029de85e23"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
142.250.74.161200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
IP 142.250.74.161:0
File type ASCII text, with very long lines (5046)
Hash 669c8592ef8f63e7404e45dd6ca56b71
3f6753966361bb86594193009c9097612c361064
d174ae2c0722ab8d4bf736f0200dc5b15d288f9500a706bb161b64f5a3b74f01
GET /rtv/012211060024000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1913
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 17:57:32 GMT
expires: Sat, 06 Jan 2024 17:57:32 GMT
cache-control: public, max-age=31536000
age: 193155
etag: "403438c4d550ee88"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
142.250.74.161200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
IP 142.250.74.161:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash 2f873064835eed23708bde2a16830216
7559437b82b9b761e02549d8d51f9e3571e5ed2c
0f5d00ac674cc34652997f2e0dd7fb6eb1a5b22010989c35a81cd7a388c84fdd
GET /rtv/012211060024000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 17:54:43 GMT
expires: Sat, 06 Jan 2024 17:54:43 GMT
cache-control: public, max-age=31536000
age: 193324
etag: "0bacd3f1ce38a7db"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 01cf5d59730f5eeefb35fde3df9a0b25
59d38cbf821de0aefe29836faeac63933cb199b4
c448ebb12c6b1d799a427e611cba6af08fcd275d21ecd83a1f9fe3527428edb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e3fc3fd0be8ef04766d38fb204cd9035
3751670e60281d98afec1fe23ee5d4bc647bd884
611d2062f60ce7a4cbd636391a5b733b0ad515613dabd80cf58a35da6db5f138
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 641
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 4b59a2e9-b857-4c37-9de7-ea6ee0dce082
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI-n7Z0GOAFAAUgBEI-n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=3894636553125922232; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
adx.adform.net/adx/openrtb
37.157.4.29200 OK 1.1 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1848), with no line terminators
Hash 6ec416a6e0033081e12bac5d49f12225
dc46a06476e3ae9dab40651df11e572d1cac2552
4cb8783c94f9a766a7a907e813eb490fb35da2787f6b479c1952c6f4be0c302f
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97042293666&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=97042293666&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=97042293666&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 11e60d2611648366820e28c4e2e12f4a
e33499b4caff8538f0b978717cb0991fb9e50692
01d7a6fd36e96edbaddd5c572d3ea99b4824d3a1920bc2dda4100df7f3678287
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 640
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://flashnetic.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a42afd09-c926-4409-97af-6e25c402df26
Set-Cookie: icu=ChkIv46FARAKGAEgASgBMI-n7Z0GOAFAAUgBEI-n7Z0GGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=8543859095986013588; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993378&tk_flint=pbjs_lite_v7.19.0&x_source.tid=dcb2d73f-387e-4cb4-88dc-36881f4705c2&l_pb_bid_id=6e4226fd7b079a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.009147184194855829
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993378&tk_flint=pbjs_lite_v7.19.0&x_source.tid=dcb2d73f-387e-4cb4-88dc-36881f4705c2&l_pb_bid_id=6e4226fd7b079a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.009147184194855829
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 64f245dabc4c3c8a7ba80c85cae4fee7
d556f41fb229ee58ba5bb2787f45e7071c36b2e8
ba1302fe755b3cfe0eba52f336cb21d5502555f83dad8c7e2abe7251af68b775
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993378&tk_flint=pbjs_lite_v7.19.0&x_source.tid=dcb2d73f-387e-4cb4-88dc-36881f4705c2&l_pb_bid_id=6e4226fd7b079a&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.009147184194855829 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L49F-21-E4QW; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|SDziDG3X/Eh9uCRB5ey1K+9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-origin: https://flashnetic.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 595 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1126), with no line terminators
Hash 3e7cb647bbb41a8b6b092cf1a4a0e77f
f553a4c165ce2435339151047d4e99533f8bb644
6e5c7ac9eb40f1c1edc3740fad2ffe7ebc3b0ba67a65115379b672a28d0c2c75
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=5801261714943109308; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178075872911&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75837068682&lsavail=0
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=75837068682&lsavail=0
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.19.0&cb=75837068682&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 478
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:47 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://flashnetic.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
id5-sync.com/g/v2/579.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/579.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d8c8340636ad0411172ebb4d6250a6d8
676b5fdfa8f81d2c1c16101edf3f9dc6cbbdabc5
8488309e65dd3ac9ee048f21440896d6131975ff77a4baabfea4f9918da1a575
POST /g/v2/579.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 297
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 08 Jan 2023 23:36:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
track.adform.net/adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=E6tQbzBjLA_5M7FcwZTsMEzhpVaIWuA5E_oF-AEYenSE11grKF4dVU1REz67sdhwB4lVwC9gOSlkDC_IsgoUopKn_GBKoUSmd5_0mkbp0H_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-MrzmQJxhjGzAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sH5Biba0RT542u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVycx-DKtGS9fdspZUSPVcvQqBdNbE9NI9_g_v3MYfxeVb3GBDYzAzIwwmoN7OtPIRLhsFti7eXT--GjNUiwUAFZfb-iTaJQwKi487kQPD7qPMfMEX5By_Xskui0bMBUl7F5oOco3LyqjgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=E6tQbzBjLA_5M7FcwZTsMEzhpVaIWuA5E_oF-AEYenSE11grKF4dVU1REz67sdhwB4lVwC9gOSlkDC_IsgoUopKn_GBKoUSmd5_0mkbp0H_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-MrzmQJxhjGzAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sH5Biba0RT542u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVycx-DKtGS9fdspZUSPVcvQqBdNbE9NI9_g_v3MYfxeVb3GBDYzAzIwwmoN7OtPIRLhsFti7eXT--GjNUiwUAFZfb-iTaJQwKi487kQPD7qPMfMEX5By_Xskui0bMBUl7F5oOco3LyqjgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 43cd4a424b5b8ee93df4146f7c34278d
88f9822cf2c628dcc0304000876ef34f7fc4ad16
65ff1d432cc2b9eea9e7592ac2265eb95519e66f93e6b6db9323df0af448e168
GET /adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=E6tQbzBjLA_5M7FcwZTsMEzhpVaIWuA5E_oF-AEYenSE11grKF4dVU1REz67sdhwB4lVwC9gOSlkDC_IsgoUopKn_GBKoUSmd5_0mkbp0H_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-MrzmQJxhjGzAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sH5Biba0RT542u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVycx-DKtGS9fdspZUSPVcvQqBdNbE9NI9_g_v3MYfxeVb3GBDYzAzIwwmoN7OtPIRLhsFti7eXT--GjNUiwUAFZfb-iTaJQwKi487kQPD7qPMfMEX5By_Xskui0bMBUl7F5oOco3LyqjgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1224
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993384&tk_flint=pbjs_lite_v7.19.0&x_source.tid=dc7d89d1-a76e-49b6-acad-0208964b6c54&l_pb_bid_id=100fceae1caf4a6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.54182828923997
213.19.162.21200 OK 334 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993384&tk_flint=pbjs_lite_v7.19.0&x_source.tid=dc7d89d1-a76e-49b6-acad-0208964b6c54&l_pb_bid_id=100fceae1caf4a6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.54182828923997
IP 213.19.162.21:0
File type JSON data\012- , ASCII text, with very long lines (334), with no line terminators
Hash 27520030fef1a29691387c407039b142
ebf839efdf59c4e64a5e6d3af3ce606030065e39
d963708dfda597ccfa41327c819e9dea0f02a8e8cfc469d61e16b9853582a701
GET /a/api/fastlane.json?account_id=17210&site_id=397268&zone_id=2229032&size_id=15&p_pos=atf&rp_schain=1.0,1!adpone.com,a1ea75ec94e5611d58bc,1,,,&rf=earnme.club&tg_i.page=https%3A%2F%2Fearnme.club%2F&tg_i.domain=earnme.club&tg_i.pbadslot=adpn-adtag-1673220993384&tk_flint=pbjs_lite_v7.19.0&x_source.tid=dc7d89d1-a76e-49b6-acad-0208964b6c54&l_pb_bid_id=100fceae1caf4a6&p_screen_res=1280x1024&rp_secure=1&rp_maxbids=1&slots=1&rand=0.54182828923997 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.21.4
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LCO0L4B5-10-C6FL; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qoixmH/lBg2E+9DtVM30fCgAsJ0442xJm+ti5bTLOhspHvs5xm8c681tq9R0N6+0FRpWVHBsUSA99APlTu0R9RN; Domain=.rubiconproject.com; Path=/; Expires=Mon, 08-Jan-2024 23:36:47 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 334
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 471 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (911), with no line terminators
Hash a5f1f79d32855ffda14f9c9bc070ec89
20cf9b7dc661fcfcfcfa2d1c86ec7824befe010c
192aee9d71b3aedcf3d8b96ea4b5bed4b3685c659cccfc28c983ec8e85464338
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 352
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 08 Jan 2023 23:36:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://flashnetic.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
vs=527998=5270376; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
pid=9220068533101258776; expires=Mon, 08 Jan 2024 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638088178076386281&o=1; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 09 Jan 2023 23:36:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj3_IzIS3Z_LxUQKkpRcZM0JfaL1JFjto_LHqFn5rC7lfMJPGjknbsWDz1w4_3pPte9-sOXM3Ojj142xbX5nejecXYqEgP6vGUfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpv8PCezq_eayhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJfn2KV0iMl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVx8RRXW5cV19CnzK7JyYhTrmyf5mOXpQ1GUZBWUUM-BK5k47Q69Bfn3iSfhdai6GIPPzNzyo-NaCdzoBChhHVH8oOsGdmZx_Vu487kQPD7qPMfMEX5By_Xskui0bMBUl7HeHVK23hPpLQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj3_IzIS3Z_LxUQKkpRcZM0JfaL1JFjto_LHqFn5rC7lfMJPGjknbsWDz1w4_3pPte9-sOXM3Ojj142xbX5nejecXYqEgP6vGUfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpv8PCezq_eayhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJfn2KV0iMl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVx8RRXW5cV19CnzK7JyYhTrmyf5mOXpQ1GUZBWUUM-BK5k47Q69Bfn3iSfhdai6GIPPzNzyo-NaCdzoBChhHVH8oOsGdmZx_Vu487kQPD7qPMfMEX5By_Xskui0bMBUl7HeHVK23hPpLQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 1a3c298bc4cbae2cea677ad553b8d5b0
469543bc36a4cf262ff340b111ba0bd9d368d703
8fd1a91cfbb5b3e16a9d52b45fecdbf9355e068fb4e3aa64d5bafba5dec7303e
GET /adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj3_IzIS3Z_LxUQKkpRcZM0JfaL1JFjto_LHqFn5rC7lfMJPGjknbsWDz1w4_3pPte9-sOXM3Ojj142xbX5nejecXYqEgP6vGUfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpv8PCezq_eayhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJfn2KV0iMl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVx8RRXW5cV19CnzK7JyYhTrmyf5mOXpQ1GUZBWUUM-BK5k47Q69Bfn3iSfhdai6GIPPzNzyo-NaCdzoBChhHVH8oOsGdmZx_Vu487kQPD7qPMfMEX5By_Xskui0bMBUl7HeHVK23hPpLQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1234
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj09j_UPtV8zYXVEc97EEUlK225OU1W0qYZY3GpnEbr59J7RJsIFLDe-j2byfIWjplC9lfesFhhNL53JiHJP01yUufr4_ay-qKDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpwPXrVJ0dWN6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CD-tm5GXRPl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyiqPJG9rMX5GWAygnrt0RmHoORplqGkuXJqoKbr55nIqGqH2gC5YmWtEMJCelTARegtejpKETwJVnt8TAOkDI1rPUvhO9j8RO487kQPD7qPMfMEX5By_Xskui0bMBUl7GoJ2hwqD67aQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj09j_UPtV8zYXVEc97EEUlK225OU1W0qYZY3GpnEbr59J7RJsIFLDe-j2byfIWjplC9lfesFhhNL53JiHJP01yUufr4_ay-qKDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpwPXrVJ0dWN6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CD-tm5GXRPl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyiqPJG9rMX5GWAygnrt0RmHoORplqGkuXJqoKbr55nIqGqH2gC5YmWtEMJCelTARegtejpKETwJVnt8TAOkDI1rPUvhO9j8RO487kQPD7qPMfMEX5By_Xskui0bMBUl7GoJ2hwqD67aQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 550ffd17b903da41783dee2e69c97d6b
b1f97b80f16ac6fb5023400291923ddf0f9603e5
5c072ac1c3515449c0efa7273c280c6432a5eeb84654d5c624dcf561da30dc99
GET /adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj09j_UPtV8zYXVEc97EEUlK225OU1W0qYZY3GpnEbr59J7RJsIFLDe-j2byfIWjplC9lfesFhhNL53JiHJP01yUufr4_ay-qKDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpwPXrVJ0dWN6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CD-tm5GXRPl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyiqPJG9rMX5GWAygnrt0RmHoORplqGkuXJqoKbr55nIqGqH2gC5YmWtEMJCelTARegtejpKETwJVnt8TAOkDI1rPUvhO9j8RO487kQPD7qPMfMEX5By_Xskui0bMBUl7GoJ2hwqD67aQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1228
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=MU7IUQdm5wikA2c3998ILjg6bKrdKNhKIt157lAb_24GFxpUrK6XdlAnoZODnFtPKeYNA8VwmPoXR1x0kq-9i4RMH9okosuJEY9h6-Qhj4TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCH2onRf1xv-hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sTrxLTSbsnR42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVzQOD139VE3Lx-RgCCHL8Dq6GQ9rMySjo3Xgit71ILghXZ8IVYyJjFUAtbU3l4dOyqN6CzW2Yo-skHiobrE7uMYLmclss1OS2y487kQPD7qPMfMEX5By_Xskui0bMBUl7HbKOGkWfgI0gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=MU7IUQdm5wikA2c3998ILjg6bKrdKNhKIt157lAb_24GFxpUrK6XdlAnoZODnFtPKeYNA8VwmPoXR1x0kq-9i4RMH9okosuJEY9h6-Qhj4TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCH2onRf1xv-hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sTrxLTSbsnR42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVzQOD139VE3Lx-RgCCHL8Dq6GQ9rMySjo3Xgit71ILghXZ8IVYyJjFUAtbU3l4dOyqN6CzW2Yo-skHiobrE7uMYLmclss1OS2y487kQPD7qPMfMEX5By_Xskui0bMBUl7HbKOGkWfgI0gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash ce7adaeb9c6b0740567859be024c3e4c
b378b4add25b6de0085ca9d1a3ee89f4a2a7a271
c141aa39151498c49953d7a97f9a7ce9ab5c7c9c40d73041aca42b794a88f479
GET /adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=MU7IUQdm5wikA2c3998ILjg6bKrdKNhKIt157lAb_24GFxpUrK6XdlAnoZODnFtPKeYNA8VwmPoXR1x0kq-9i4RMH9okosuJEY9h6-Qhj4TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCH2onRf1xv-hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sTrxLTSbsnR42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVzQOD139VE3Lx-RgCCHL8Dq6GQ9rMySjo3Xgit71ILghXZ8IVYyJjFUAtbU3l4dOyqN6CzW2Yo-skHiobrE7uMYLmclss1OS2y487kQPD7qPMfMEX5By_Xskui0bMBUl7HbKOGkWfgI0gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1224
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1k73ya7Eahqc9bMHBB-C4XrmnJducsrRZFHuHTqedGZDRRtJvKKd9ifd5_8qjunFBzSAbf7Hlwy1ZAxYj_mNcQKwkDpcF9aLDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rphg9l8cHSITOhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZYGJl_AFpMt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyElY7SSIE1CKVq4tt61PvnGg9u5OM-SeXF8UMFJJajoMPJdlXohAPzzA4RueFLITdqSW7nWzpXfzldpgp0yUI7NL2GTgwgaV-487kQPD7qPMfMEX5By_Xskui0bMBUl7F8lZ6ylE6VtQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1k73ya7Eahqc9bMHBB-C4XrmnJducsrRZFHuHTqedGZDRRtJvKKd9ifd5_8qjunFBzSAbf7Hlwy1ZAxYj_mNcQKwkDpcF9aLDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rphg9l8cHSITOhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZYGJl_AFpMt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyElY7SSIE1CKVq4tt61PvnGg9u5OM-SeXF8UMFJJajoMPJdlXohAPzzA4RueFLITdqSW7nWzpXfzldpgp0yUI7NL2GTgwgaV-487kQPD7qPMfMEX5By_Xskui0bMBUl7F8lZ6ylE6VtQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 41b7f646ee315cd31c000c69e8254aba
96d6afe2518d2d575c8c5c500551bb79a0d0c4f3
91c8b972e12008aa3b05180608860b92d55767d031892650db53aa1af0cb547d
GET /adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1k73ya7Eahqc9bMHBB-C4XrmnJducsrRZFHuHTqedGZDRRtJvKKd9ifd5_8qjunFBzSAbf7Hlwy1ZAxYj_mNcQKwkDpcF9aLDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rphg9l8cHSITOhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZYGJl_AFpMt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyElY7SSIE1CKVq4tt61PvnGg9u5OM-SeXF8UMFJJajoMPJdlXohAPzzA4RueFLITdqSW7nWzpXfzldpgp0yUI7NL2GTgwgaV-487kQPD7qPMfMEX5By_Xskui0bMBUl7F8lZ6ylE6VtQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1226
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=6hySndOYzXXnEGulUL3rh4UeiuAaehu8rPLYxlb9MRMCEh_N-el6OTRRtJvKKd9itbcaYc5Ijtl0bCeW9ZRngL3jQqLQmhjAiyAzaoLQwJzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-uHcYBs3hhsDAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=c56NYr6cpeF42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVy19B5mc2XK0zwVKlk5WTFFPEVeBDRpCx39Fp0pMJHbPcJWE5FEhONnDHDQf38ksPojoJBZwzakMnIdGo7xesFhEe-9e9bwzYS487kQPD7qPMfMEX5By_Xskui0bMBUl7HpTfHgdI9wegO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=6hySndOYzXXnEGulUL3rh4UeiuAaehu8rPLYxlb9MRMCEh_N-el6OTRRtJvKKd9itbcaYc5Ijtl0bCeW9ZRngL3jQqLQmhjAiyAzaoLQwJzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-uHcYBs3hhsDAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=c56NYr6cpeF42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVy19B5mc2XK0zwVKlk5WTFFPEVeBDRpCx39Fp0pMJHbPcJWE5FEhONnDHDQf38ksPojoJBZwzakMnIdGo7xesFhEe-9e9bwzYS487kQPD7qPMfMEX5By_Xskui0bMBUl7HpTfHgdI9wegO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 299a261d4e969ee7f2b4053f6e53a617
2fb57876c98385e7d31f4fcd77cc81f456441c42
eb94712c5d852fa3f8a1f53cfc92ee9351b863b65c35e6c32963370e678f8a86
GET /adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=6hySndOYzXXnEGulUL3rh4UeiuAaehu8rPLYxlb9MRMCEh_N-el6OTRRtJvKKd9itbcaYc5Ijtl0bCeW9ZRngL3jQqLQmhjAiyAzaoLQwJzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-uHcYBs3hhsDAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=c56NYr6cpeF42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVy19B5mc2XK0zwVKlk5WTFFPEVeBDRpCx39Fp0pMJHbPcJWE5FEhONnDHDQf38ksPojoJBZwzakMnIdGo7xesFhEe-9e9bwzYS487kQPD7qPMfMEX5By_Xskui0bMBUl7HpTfHgdI9wegO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1221
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=Bn6VM2oCxshqZGw7FYdqOJslJN3JmRyk9iNfhaV36ovZ_2Ie2UKvHVMM0KY5cE_zNm2SbFzL2-CHj39rT1wyVCXAA10ZVmQ3KfNKFrfaXtTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpTg2maC_jDfmhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g0VgM5ByFE6U7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bVBMP0oFo3h42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyHhe833ttvxIfMPxoZO-Hc9_rwKSkP_nauVBC4-fkWw1cxQvFaH2QHTo-4Vqp0gB5LtsTGVpExQ502JD-hFeZtfMZkDp_b012487kQPD7qPMfMEX5By_Xskui0bMBUl7H-8TB01XrDygO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=Bn6VM2oCxshqZGw7FYdqOJslJN3JmRyk9iNfhaV36ovZ_2Ie2UKvHVMM0KY5cE_zNm2SbFzL2-CHj39rT1wyVCXAA10ZVmQ3KfNKFrfaXtTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpTg2maC_jDfmhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g0VgM5ByFE6U7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bVBMP0oFo3h42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyHhe833ttvxIfMPxoZO-Hc9_rwKSkP_nauVBC4-fkWw1cxQvFaH2QHTo-4Vqp0gB5LtsTGVpExQ502JD-hFeZtfMZkDp_b012487kQPD7qPMfMEX5By_Xskui0bMBUl7H-8TB01XrDygO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash e31034e3b5aee6f0acc06755fa8370af
35e4abf75b1d9fe3fd6bcc4c5319c212888fefac
3d267cacf8770732b5374c46ee65ec715d57f5e220169d091b6679c73611549e
GET /adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=Bn6VM2oCxshqZGw7FYdqOJslJN3JmRyk9iNfhaV36ovZ_2Ie2UKvHVMM0KY5cE_zNm2SbFzL2-CHj39rT1wyVCXAA10ZVmQ3KfNKFrfaXtTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpTg2maC_jDfmhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g0VgM5ByFE6U7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bVBMP0oFo3h42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyHhe833ttvxIfMPxoZO-Hc9_rwKSkP_nauVBC4-fkWw1cxQvFaH2QHTo-4Vqp0gB5LtsTGVpExQ502JD-hFeZtfMZkDp_b012487kQPD7qPMfMEX5By_Xskui0bMBUl7H-8TB01XrDygO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1226
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=MU7IUQdm5wjn9LqtVPkWVx17Zty3g9iaSdVhfYp35bpPb8lqfHeIP7kjpE4NLSXbOsvMCuhrLwnxWla7DfryCA9uVTDX51GJdRoEks-LV1vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-QFJ5YkRDPujAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=jbYGmE6SQ5B42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVxo79yDbpbdinSdaT4RgOwqXjYThpFf9q5ydnVAsHrVOGUTVFgqoc4Vnz5o1HB2nTzv5gRWZ9bwZYDeIoYZeeNjs-z5g8tGpQG487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz9_AzJkes6gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=MU7IUQdm5wjn9LqtVPkWVx17Zty3g9iaSdVhfYp35bpPb8lqfHeIP7kjpE4NLSXbOsvMCuhrLwnxWla7DfryCA9uVTDX51GJdRoEks-LV1vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-QFJ5YkRDPujAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=jbYGmE6SQ5B42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVxo79yDbpbdinSdaT4RgOwqXjYThpFf9q5ydnVAsHrVOGUTVFgqoc4Vnz5o1HB2nTzv5gRWZ9bwZYDeIoYZeeNjs-z5g8tGpQG487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz9_AzJkes6gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (855), with CRLF line terminators
Hash 1c61fdedbdfc1e173ea732531c95c79d
3fc7f6bc89e6de57450b34ac233386a92b3af3a9
a2abcc7af257b11c60785dc410bb51b1fa336df2c3041326e13fa579097f2c17
GET /adfscript/?bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=MU7IUQdm5wjn9LqtVPkWVx17Zty3g9iaSdVhfYp35bpPb8lqfHeIP7kjpE4NLSXbOsvMCuhrLwnxWla7DfryCA9uVTDX51GJdRoEks-LV1vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-QFJ5YkRDPujAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=jbYGmE6SQ5B42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVxo79yDbpbdinSdaT4RgOwqXjYThpFf9q5ydnVAsHrVOGUTVFgqoc4Vnz5o1HB2nTzv5gRWZ9bwZYDeIoYZeeNjs-z5g8tGpQG487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz9_AzJkes6gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: text/javascript; charset=utf-8
content-length: 1225
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:47 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8b33ebf66adf8ea748d256ed5248639a
54f661bd5cdfe8ec55371d0d7d63437abc1d54b7
d7b4bf07bc0c94009920239a1136dfdafa898ac2efab9d4131e68682f826e76b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.82.163200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.82.163:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 00:57:19 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 08 Jan 2023 00:57:39 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iDC3vt7gTaxBO7ConI7Af46c0pRAxs6yU3d5ZE6XDok6hRSJe7n6nw==
Age: 81550
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e5128830a6726a0a564311b2697c489e
0775821fe75aa1f8e4b9958851666d744347ad55
f04708212e5656179b361fa74f28df6a36986c51f08eb7b0a5af9d00971f60e9
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 08 Jan 2023 23:36:48 GMT
date: Sun, 08 Jan 2023 23:36:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-JixPq53LXd_d3pE2Crh8ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1243aSNSe2onVg1x3AUaMEmRi_FH3IvYbggS0qMKyINrkjpE4NLSXbGgXpvr3uH1KgeKhYEIhFC_qaUh8odQbK6YvLgHI3z87JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpb7VU2FtoZK2hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zU0iGqPF5wp42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyvfxUAZ6Z5_-3BN6vaHD9C7ewUwHnT5GR5glKuzz9wEbpBf-ksOYoL_xTvZmM5kPQSl50qRhil9RKsCimDwgQEUSb4Ldq17Ye487kQPD7qPMfMEX5By_Xskui0bMBUl7EQKTQnL4h_UQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1243aSNSe2onVg1x3AUaMEmRi_FH3IvYbggS0qMKyINrkjpE4NLSXbGgXpvr3uH1KgeKhYEIhFC_qaUh8odQbK6YvLgHI3z87JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpb7VU2FtoZK2hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zU0iGqPF5wp42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyvfxUAZ6Z5_-3BN6vaHD9C7ewUwHnT5GR5glKuzz9wEbpBf-ksOYoL_xTvZmM5kPQSl50qRhil9RKsCimDwgQEUSb4Ldq17Ye487kQPD7qPMfMEX5By_Xskui0bMBUl7EQKTQnL4h_UQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 4c7d1b85c41e9c49c84ba2085a153456
db75bf53b23ded205e7409a7e6adcd576c611129
0175970948b5d5de055e2bbe0865909d461b633767fe05b93fbf53de58658f03
GET /adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1243aSNSe2onVg1x3AUaMEmRi_FH3IvYbggS0qMKyINrkjpE4NLSXbGgXpvr3uH1KgeKhYEIhFC_qaUh8odQbK6YvLgHI3z87JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpb7VU2FtoZK2hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zU0iGqPF5wp42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyvfxUAZ6Z5_-3BN6vaHD9C7ewUwHnT5GR5glKuzz9wEbpBf-ksOYoL_xTvZmM5kPQSl50qRhil9RKsCimDwgQEUSb4Ldq17Ye487kQPD7qPMfMEX5By_Xskui0bMBUl7EQKTQnL4h_UQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1231
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:48 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIhew3tOOAjulZ0UmQHsDbLTeLQEbZJ1HS12urk0KCfKdbkjpE4NLSXb7jPEOIC80v3h-Vy5Ljz3nHCGylMl_gDsjdDb3oFK-SfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp-gvPvkwtJDKhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=f_kA1Kj8lPd42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwLVILThQzFEIGuh_Ja4Cfd4-wkLdhrPXZ3nKmBOAYeKe5sTEU_7Sp4IN0JON9GMlM_wTIzZ0kNzpoa5ew0Mk5gPPvKF55b-aW487kQPD7qPMfMEX5By_Xskui0bMBUl7GGFRt4XmwqlQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIhew3tOOAjulZ0UmQHsDbLTeLQEbZJ1HS12urk0KCfKdbkjpE4NLSXb7jPEOIC80v3h-Vy5Ljz3nHCGylMl_gDsjdDb3oFK-SfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp-gvPvkwtJDKhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=f_kA1Kj8lPd42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwLVILThQzFEIGuh_Ja4Cfd4-wkLdhrPXZ3nKmBOAYeKe5sTEU_7Sp4IN0JON9GMlM_wTIzZ0kNzpoa5ew0Mk5gPPvKF55b-aW487kQPD7qPMfMEX5By_Xskui0bMBUl7GGFRt4XmwqlQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 3f3238f56d3c535b9c58bd7d7a2127f2
829611a2fd1cff3c5c184756bdef59b1b4b1f367
e88c210f11cc96ec73fb5c91f327ac1324d6e7481074ae6b62eb21731447dcf9
GET /adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIhew3tOOAjulZ0UmQHsDbLTeLQEbZJ1HS12urk0KCfKdbkjpE4NLSXb7jPEOIC80v3h-Vy5Ljz3nHCGylMl_gDsjdDb3oFK-SfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp-gvPvkwtJDKhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=f_kA1Kj8lPd42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwLVILThQzFEIGuh_Ja4Cfd4-wkLdhrPXZ3nKmBOAYeKe5sTEU_7Sp4IN0JON9GMlM_wTIzZ0kNzpoa5ew0Mk5gPPvKF55b-aW487kQPD7qPMfMEX5By_Xskui0bMBUl7GGFRt4XmwqlQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1225
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:48 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIi4ElP_ualM7Mrk3_k94ym0zdJAskLfXAdXYiRhovL8qzZ9JNJrNRQTDC8jHSIOehIZemqKoG_AbARNdQMlWFivlgH_BfgScL7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpa5jfBcHF0N6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=N5eGJ5ePRrt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwPMNKRfdFmvbeD7rK_Cn1OEv-QMrNUYLbcDhw1y6NQtBUPJKls5bfWFMSc8Zk1CSQG1j2rymXXpwG0Ck-snHuYI3ktrFS0E_C487kQPD7qPMfMEX5By_Xskui0bMBUl7GZftuWHsjmswO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIi4ElP_ualM7Mrk3_k94ym0zdJAskLfXAdXYiRhovL8qzZ9JNJrNRQTDC8jHSIOehIZemqKoG_AbARNdQMlWFivlgH_BfgScL7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpa5jfBcHF0N6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=N5eGJ5ePRrt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwPMNKRfdFmvbeD7rK_Cn1OEv-QMrNUYLbcDhw1y6NQtBUPJKls5bfWFMSc8Zk1CSQG1j2rymXXpwG0Ck-snHuYI3ktrFS0E_C487kQPD7qPMfMEX5By_Xskui0bMBUl7GZftuWHsjmswO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 62ca509e0d1722fab2ce7bf82cd10576
3b5875759adc55e95c83f6340bfb264849d8ad9b
6decfa738ac261a2a78ae345376bfd930d2b6c760345c1b98069f5e947e857c8
GET /adfscript/?bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIi4ElP_ualM7Mrk3_k94ym0zdJAskLfXAdXYiRhovL8qzZ9JNJrNRQTDC8jHSIOehIZemqKoG_AbARNdQMlWFivlgH_BfgScL7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpa5jfBcHF0N6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=N5eGJ5ePRrt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwPMNKRfdFmvbeD7rK_Cn1OEv-QMrNUYLbcDhw1y6NQtBUPJKls5bfWFMSc8Zk1CSQG1j2rymXXpwG0Ck-snHuYI3ktrFS0E_C487kQPD7qPMfMEX5By_Xskui0bMBUl7GZftuWHsjmswO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1225
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:48 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s1.adform.net/banners/scripts/adx.js
37.157.5.71200 OK 27 kB URL HTTP/2 s1.adform.net/banners/scripts/adx.js
IP 37.157.5.71:0
File type ASCII text, with very long lines (844), with CRLF, LF line terminators
Hash 4da0d487d03018de836fdd421504cdf0
02ab51d7cb1c63764c3bf6ef9b4e477c7e0710a3
3b0efc289d95a34d9d2db1c838148e784088652067931ea7e2f00605841c4d92
GET /banners/scripts/adx.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
x-rgw-object-type: Normal
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-amz-request-id: tx00000cfa1f558e560dc31-0063858c9b-32941e2b-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 631fec139a9118d4536ccc3bce120cd5
a7ed8a1c509a54afefd01d1cbfc47838043c26df
4c40ff14482ca9d7dc839e2045b188508bffb08b4a811eacf5d97c975a3a535e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156850
Date: Sun, 08 Jan 2023 23:36:48 GMT
Etag: "63bb063e-1d7"
Expires: Tue, 10 Jan 2023 19:10:58 GMT
Last-Modified: Sun, 08 Jan 2023 18:06:54 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lXS4nNpNlbwR8DXhHlTpXRSMH3b_mdtYS2BJdyQEcgUwMTtUYty7NA==
Age: 3844
id5-sync.com/g/v2/579.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/579.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3a2b5e59d35c07ffe765f925b41c4633
2abe74e4a7fd0da209d68ccf84ae8da29b2308ec
2c356384929b398320a1d8cce497570aeafe3520d464fbb1459b8004cd3e34a0
POST /g/v2/579.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 406
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 08 Jan 2023 23:36:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.pubmatic.com/AdServer/js/pwt/157742/7600/
2.18.172.200403 Forbidden 199 B URL HTTP/2 ads.pubmatic.com/AdServer/js/pwt/157742/7600/
IP 2.18.172.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bb8f534fbff5ee61a95af9c4740ae043
832e403d42aac1fec93e4f602338544d3fd2e4f1
5b13fb5957b84ef7bb9d0b6cd509c947ff6a37d67efdac2b896ddd3b908aad10
GET /AdServer/js/pwt/157742/7600/ HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: Apache
content-length: 199
content-type: text/html; charset=iso-8859-1
date: Sun, 08 Jan 2023 23:36:48 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 255b0965958620bb4bd2a34a3933ff40
156378b2aed85f3c5b1f535022db505d0a3274f3
89e1e40bfbab2c24a867f577f8b3738bd0cfca63d9cbf3fb0fd09d1ec920d3d8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:48 GMT
Last-Modified: Sun, 08 Jan 2023 22:17:31 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313
s0.2mdn.net/instream/video/client.js
142.250.74.70200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Sun, 08 Jan 2023 23:36:48 GMT
expires: Sun, 08 Jan 2023 23:36:48 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=dvkQKAjbaCW6oJwTNcPk60LlocPe_mmQq60Wy9XjE35TX2s5MTTt6Z7RJsIFLDe-sGjlo-kjc-pcHlnxQ0nrwBYEVQkE22ClXCDwZaoSfM_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpetPb8ioLD8ahzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KmEOL73XhVN42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwRw-RsTjuYZFQGe9UQZCv2iFKv5O9U2dLAT_0Nrxu5N_Xusikcmh4hDp1TxySiGxia28qOXZAZ6kQWsazIeyr7VXntnN0t5Hy487kQPD7qPMfMEX5By_Xskui0bMBUl7E1vpTF6F-QCQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=dvkQKAjbaCW6oJwTNcPk60LlocPe_mmQq60Wy9XjE35TX2s5MTTt6Z7RJsIFLDe-sGjlo-kjc-pcHlnxQ0nrwBYEVQkE22ClXCDwZaoSfM_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpetPb8ioLD8ahzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KmEOL73XhVN42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwRw-RsTjuYZFQGe9UQZCv2iFKv5O9U2dLAT_0Nrxu5N_Xusikcmh4hDp1TxySiGxia28qOXZAZ6kQWsazIeyr7VXntnN0t5Hy487kQPD7qPMfMEX5By_Xskui0bMBUl7E1vpTF6F-QCQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 41949a1a95d33435123af882b9374018
a475e4eae81dafba49feeac8b84fe4e34b9bfe4b
c56e85d5b227dbf5c481c784e958736e227da73323d8e3e51710590113f5079d
GET /adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=dvkQKAjbaCW6oJwTNcPk60LlocPe_mmQq60Wy9XjE35TX2s5MTTt6Z7RJsIFLDe-sGjlo-kjc-pcHlnxQ0nrwBYEVQkE22ClXCDwZaoSfM_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpetPb8ioLD8ahzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KmEOL73XhVN42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwRw-RsTjuYZFQGe9UQZCv2iFKv5O9U2dLAT_0Nrxu5N_Xusikcmh4hDp1TxySiGxia28qOXZAZ6kQWsazIeyr7VXntnN0t5Hy487kQPD7qPMfMEX5By_Xskui0bMBUl7E1vpTF6F-QCQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1222
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:48 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=6hySndOYzXXLeunpPblOPm8lQE-cghf5ElSLfMgFkm1_n13lPNgUQjkgZx8X_JVdnYjOtW6ltt7cKc6ua77bQA6h88kqn18fYpQoHSxMgc_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpIlzt2H_iB9ChzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d79Uj5n25D942u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwKvtA_be1ZdS-wbruhBjOb1kl4nQ3hp2DQjaSJINKaTLtzELY4z-4O5_Uft1s-GSgr26xtEKj-NjOPtYacrAAW0LHhy7V-3YW487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz8lrJGBhmqQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
37.157.4.29200 OK 1.2 kB URL HTTP/2 track.adform.net/adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=6hySndOYzXXLeunpPblOPm8lQE-cghf5ElSLfMgFkm1_n13lPNgUQjkgZx8X_JVdnYjOtW6ltt7cKc6ua77bQA6h88kqn18fYpQoHSxMgc_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpIlzt2H_iB9ChzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d79Uj5n25D942u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwKvtA_be1ZdS-wbruhBjOb1kl4nQ3hp2DQjaSJINKaTLtzELY4z-4O5_Uft1s-GSgr26xtEKj-NjOPtYacrAAW0LHhy7V-3YW487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz8lrJGBhmqQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;
IP 37.157.4.29:0
File type ASCII text, with very long lines (844), with CRLF line terminators
Hash 4e6e95b21dd5d64b21ca5e61fae8de8a
fc7b93f586dd790fa7334ffdfa2d8646539e88b5
35189cd59770492116103148345740f3d6e540d35219fc316cb05712f9d52f4a
GET /adfscript/?bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=6hySndOYzXXLeunpPblOPm8lQE-cghf5ElSLfMgFkm1_n13lPNgUQjkgZx8X_JVdnYjOtW6ltt7cKc6ua77bQA6h88kqn18fYpQoHSxMgc_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpIlzt2H_iB9ChzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d79Uj5n25D942u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwKvtA_be1ZdS-wbruhBjOb1kl4nQ3hp2DQjaSJINKaTLtzELY4z-4O5_Uft1s-GSgr26xtEKj-NjOPtYacrAAW0LHhy7V-3YW487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz8lrJGBhmqQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1226
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Wed, 08-Feb-2023 23:36:48 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
37.157.5.71200 OK 16 kB URL HTTP/2 s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
IP 37.157.5.71:0
File type ASCII text, with very long lines (597)
Hash 0b0b65bdac20db77cefb4392f969bf1d
c41d39b0fc014e8dd66571fb053d3795832e3491
3681478458b07c8c1ed2991e86a001805795f1b86ea39aa1e1f36e286e10d0d2
GET /stoat/626/s1.adform.net/bootstrap.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 19:29:50 GMT
x-cache-status: STALE
content-encoding: gzip
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.120204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.120:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
date: Sun, 08 Jan 2023 23:36:49 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8c3ba6d9a7d87571f68e1c62d60a6544
6aae892efe1480bb53d388d81ac8179c53364bbc
17a1b879089926a764c58e1337d2887f986a01ed281c8f150df80f870e284104
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1778
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:49 GMT
Last-Modified: Sun, 08 Jan 2023 23:07:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://earnme.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 20:35:00 GMT
expires: Thu, 04 Jan 2024 20:35:00 GMT
cache-control: public, max-age=31536000
age: 356509
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tra.neodatagroup.com/pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true&neoid=30b277ccfbe05d7
20.73.234.141200 214 B URL HTTP/1.1 tra.neodatagroup.com/pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true&neoid=30b277ccfbe05d7
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with no line terminators
Hash 55e7a9191dd69b4024ef73f4e7bcfcbf
f974dd85d1035b71fe0e04a9fc5d497548541aca
d20b20c121e01e7db01e2fc3e47b514d53f31869ff1cbc67a825b8dc044b6c18
GET /pv?sid=2033&rnd=560535348159&id=11931&ad=122499&rs=1280x1024&lg=en-US&tz=0&ur=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&re=https%253A%252F%252Fwww.google.com%252F&co=24&ids=d2c4415e-cbae-4bac-9dd4-c8774095a49f;pubcid;PublisherCommonId&pbs=true&neoid=30b277ccfbe05d7 HTTP/1.1
Host: tra.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQMLJ3zPvgXXAAAAAAAEAAABhahX198AB2RlZmF1bHQ=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 08 Jan 2023 23:36:49 GMT
Content-Type: application/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=AVcDCyd8z74F1wAAAAABqYWp; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:49 GMT;
tr=loCAwICAgdoANDMwYjI3N2NjZmJlMDVkN19kMmM0NDE1ZS1jYmFlLTRiYWMtOWRkNC1jODc3NDA5NWE0OWbOY7tTkQ==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:49 GMT;
tr=loCAwICAgdoANDMwYjI3N2NjZmJlMDVkN19kMmM0NDE1ZS1jYmFlLTRiYWMtOWRkNC1jODc3NDA5NWE0OWbOY7tTkQ==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:49 GMT;
tr=loCAwICAgdoANDMwYjI3N2NjZmJlMDVkN19kMmM0NDE1ZS1jYmFlLTRiYWMtOWRkNC1jODc3NDA5NWE0OWbOY7tTkQ==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:49 GMT;
cOptout=0|yocToken:5oSzmH0V6ivKTk5gVbLnox1oQYs; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:49 GMT;
vary: accept-encoding
Content-Encoding: gzip
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=E6tQbzBjLA_5M7FcwZTsMEzhpVaIWuA5E_oF-AEYenSE11grKF4dVU1REz67sdhwB4lVwC9gOSlkDC_IsgoUopKn_GBKoUSmd5_0mkbp0H_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-MrzmQJxhjGzAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sH5Biba0RT542u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVycx-DKtGS9fdspZUSPVcvQqBdNbE9NI9_g_v3MYfxeVb3GBDYzAzIwwmoN7OtPIRLhsFti7eXT--GjNUiwUAFZfb-iTaJQwKi487kQPD7qPMfMEX5By_Xskui0bMBUl7F5oOco3LyqjgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;4458;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=E6tQbzBjLA_5M7FcwZTsMEzhpVaIWuA5E_oF-AEYenSE11grKF4dVU1REz67sdhwB4lVwC9gOSlkDC_IsgoUopKn_GBKoUSmd5_0mkbp0H_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-MrzmQJxhjGzAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sH5Biba0RT542u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVycx-DKtGS9fdspZUSPVcvQqBdNbE9NI9_g_v3MYfxeVb3GBDYzAzIwwmoN7OtPIRLhsFti7eXT--GjNUiwUAFZfb-iTaJQwKi487kQPD7qPMfMEX5By_Xskui0bMBUl7F5oOco3LyqjgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;4458;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4213), with CRLF line terminators
Hash ee5b833adbec4f7a25e61f3984ad9fd9
d78be2c7249645a5ccd7857b7fc4bcc0cf04a676
06d427655426eb88030ad8c03b79b2e4e9a0a04650a24ea3daa122a139d57216
GET /adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=E6tQbzBjLA_5M7FcwZTsMEzhpVaIWuA5E_oF-AEYenSE11grKF4dVU1REz67sdhwB4lVwC9gOSlkDC_IsgoUopKn_GBKoUSmd5_0mkbp0H_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-MrzmQJxhjGzAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sH5Biba0RT542u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVycx-DKtGS9fdspZUSPVcvQqBdNbE9NI9_g_v3MYfxeVb3GBDYzAzIwwmoN7OtPIRLhsFti7eXT--GjNUiwUAFZfb-iTaJQwKi487kQPD7qPMfMEX5By_Xskui0bMBUl7F5oOco3LyqjgO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;4458;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3188
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj3_IzIS3Z_LxUQKkpRcZM0JfaL1JFjto_LHqFn5rC7lfMJPGjknbsWDz1w4_3pPte9-sOXM3Ojj142xbX5nejecXYqEgP6vGUfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpv8PCezq_eayhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJfn2KV0iMl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVx8RRXW5cV19CnzK7JyYhTrmyf5mOXpQ1GUZBWUUM-BK5k47Q69Bfn3iSfhdai6GIPPzNzyo-NaCdzoBChhHVH8oOsGdmZx_Vu487kQPD7qPMfMEX5By_Xskui0bMBUl7HeHVK23hPpLQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;10691;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj3_IzIS3Z_LxUQKkpRcZM0JfaL1JFjto_LHqFn5rC7lfMJPGjknbsWDz1w4_3pPte9-sOXM3Ojj142xbX5nejecXYqEgP6vGUfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpv8PCezq_eayhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJfn2KV0iMl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVx8RRXW5cV19CnzK7JyYhTrmyf5mOXpQ1GUZBWUUM-BK5k47Q69Bfn3iSfhdai6GIPPzNzyo-NaCdzoBChhHVH8oOsGdmZx_Vu487kQPD7qPMfMEX5By_Xskui0bMBUl7HeHVK23hPpLQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;10691;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash c740edfeddc6983a17b503479393b4e6
78b6760c2842dac7e1bfd90db533aa4f9fce2d57
6a047baed8c864867c97de8a107eec4162f5f488611d9b7086fa95f03aaba5a2
GET /adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj3_IzIS3Z_LxUQKkpRcZM0JfaL1JFjto_LHqFn5rC7lfMJPGjknbsWDz1w4_3pPte9-sOXM3Ojj142xbX5nejecXYqEgP6vGUfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpv8PCezq_eayhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=cJfn2KV0iMl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVx8RRXW5cV19CnzK7JyYhTrmyf5mOXpQ1GUZBWUUM-BK5k47Q69Bfn3iSfhdai6GIPPzNzyo-NaCdzoBChhHVH8oOsGdmZx_Vu487kQPD7qPMfMEX5By_Xskui0bMBUl7HeHVK23hPpLQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=2x;10691;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3195
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj09j_UPtV8zYXVEc97EEUlK225OU1W0qYZY3GpnEbr59J7RJsIFLDe-j2byfIWjplC9lfesFhhNL53JiHJP01yUufr4_ay-qKDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpwPXrVJ0dWN6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CD-tm5GXRPl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyiqPJG9rMX5GWAygnrt0RmHoORplqGkuXJqoKbr55nIqGqH2gC5YmWtEMJCelTARegtejpKETwJVnt8TAOkDI1rPUvhO9j8RO487kQPD7qPMfMEX5By_Xskui0bMBUl7GoJ2hwqD67aQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;6096;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj09j_UPtV8zYXVEc97EEUlK225OU1W0qYZY3GpnEbr59J7RJsIFLDe-j2byfIWjplC9lfesFhhNL53JiHJP01yUufr4_ay-qKDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpwPXrVJ0dWN6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CD-tm5GXRPl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyiqPJG9rMX5GWAygnrt0RmHoORplqGkuXJqoKbr55nIqGqH2gC5YmWtEMJCelTARegtejpKETwJVnt8TAOkDI1rPUvhO9j8RO487kQPD7qPMfMEX5By_Xskui0bMBUl7GoJ2hwqD67aQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;6096;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash a0e5e5e04063c65dcc60350f0e1d9d5a
46d6e34e51b6126d2b568eef8f35fb1f18e1c6a6
e1efd7c69633290c1b9465cb573194228edd983f8bacfb3028c32a60e3e2dbb2
GET /adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj09j_UPtV8zYXVEc97EEUlK225OU1W0qYZY3GpnEbr59J7RJsIFLDe-j2byfIWjplC9lfesFhhNL53JiHJP01yUufr4_ay-qKDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpwPXrVJ0dWN6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=CD-tm5GXRPl42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyiqPJG9rMX5GWAygnrt0RmHoORplqGkuXJqoKbr55nIqGqH2gC5YmWtEMJCelTARegtejpKETwJVnt8TAOkDI1rPUvhO9j8RO487kQPD7qPMfMEX5By_Xskui0bMBUl7GoJ2hwqD67aQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=3x;6096;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3191
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=MU7IUQdm5wikA2c3998ILjg6bKrdKNhKIt157lAb_24GFxpUrK6XdlAnoZODnFtPKeYNA8VwmPoXR1x0kq-9i4RMH9okosuJEY9h6-Qhj4TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCH2onRf1xv-hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sTrxLTSbsnR42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVzQOD139VE3Lx-RgCCHL8Dq6GQ9rMySjo3Xgit71ILghXZ8IVYyJjFUAtbU3l4dOyqN6CzW2Yo-skHiobrE7uMYLmclss1OS2y487kQPD7qPMfMEX5By_Xskui0bMBUl7HbKOGkWfgI0gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;748;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=MU7IUQdm5wikA2c3998ILjg6bKrdKNhKIt157lAb_24GFxpUrK6XdlAnoZODnFtPKeYNA8VwmPoXR1x0kq-9i4RMH9okosuJEY9h6-Qhj4TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCH2onRf1xv-hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sTrxLTSbsnR42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVzQOD139VE3Lx-RgCCHL8Dq6GQ9rMySjo3Xgit71ILghXZ8IVYyJjFUAtbU3l4dOyqN6CzW2Yo-skHiobrE7uMYLmclss1OS2y487kQPD7qPMfMEX5By_Xskui0bMBUl7HbKOGkWfgI0gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;748;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash 0a1e01dcd070f86de684b211b80fef24
8ba17319e4ef1a9287953ca44e56fbd7ba22028d
0aee892bf2ef73b76e5bdde98ea4c20e8f17c4beca5d13a676b8a517449db115
GET /adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=MU7IUQdm5wikA2c3998ILjg6bKrdKNhKIt157lAb_24GFxpUrK6XdlAnoZODnFtPKeYNA8VwmPoXR1x0kq-9i4RMH9okosuJEY9h6-Qhj4TJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpCH2onRf1xv-hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sTrxLTSbsnR42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVzQOD139VE3Lx-RgCCHL8Dq6GQ9rMySjo3Xgit71ILghXZ8IVYyJjFUAtbU3l4dOyqN6CzW2Yo-skHiobrE7uMYLmclss1OS2y487kQPD7qPMfMEX5By_Xskui0bMBUl7HbKOGkWfgI0gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=4x;748;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3187
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1k73ya7Eahqc9bMHBB-C4XrmnJducsrRZFHuHTqedGZDRRtJvKKd9ifd5_8qjunFBzSAbf7Hlwy1ZAxYj_mNcQKwkDpcF9aLDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rphg9l8cHSITOhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZYGJl_AFpMt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyElY7SSIE1CKVq4tt61PvnGg9u5OM-SeXF8UMFJJajoMPJdlXohAPzzA4RueFLITdqSW7nWzpXfzldpgp0yUI7NL2GTgwgaV-487kQPD7qPMfMEX5By_Xskui0bMBUl7F8lZ6ylE6VtQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;6436;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1k73ya7Eahqc9bMHBB-C4XrmnJducsrRZFHuHTqedGZDRRtJvKKd9ifd5_8qjunFBzSAbf7Hlwy1ZAxYj_mNcQKwkDpcF9aLDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rphg9l8cHSITOhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZYGJl_AFpMt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyElY7SSIE1CKVq4tt61PvnGg9u5OM-SeXF8UMFJJajoMPJdlXohAPzzA4RueFLITdqSW7nWzpXfzldpgp0yUI7NL2GTgwgaV-487kQPD7qPMfMEX5By_Xskui0bMBUl7F8lZ6ylE6VtQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;6436;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash 39dfafd5c137e55a2894b47f7264dd60
35cc57aecd1669747d3b83b2424d59333b0d9939
d21d849ea0a891bc9d141b23a855a79460a2ce2c674965529f096c26df72c93a
GET /adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1k73ya7Eahqc9bMHBB-C4XrmnJducsrRZFHuHTqedGZDRRtJvKKd9ifd5_8qjunFBzSAbf7Hlwy1ZAxYj_mNcQKwkDpcF9aLDJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rphg9l8cHSITOhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZYGJl_AFpMt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyElY7SSIE1CKVq4tt61PvnGg9u5OM-SeXF8UMFJJajoMPJdlXohAPzzA4RueFLITdqSW7nWzpXfzldpgp0yUI7NL2GTgwgaV-487kQPD7qPMfMEX5By_Xskui0bMBUl7F8lZ6ylE6VtQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=5x;6436;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3185
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=Bn6VM2oCxshqZGw7FYdqOJslJN3JmRyk9iNfhaV36ovZ_2Ie2UKvHVMM0KY5cE_zNm2SbFzL2-CHj39rT1wyVCXAA10ZVmQ3KfNKFrfaXtTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpTg2maC_jDfmhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g0VgM5ByFE6U7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bVBMP0oFo3h42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyHhe833ttvxIfMPxoZO-Hc9_rwKSkP_nauVBC4-fkWw1cxQvFaH2QHTo-4Vqp0gB5LtsTGVpExQ502JD-hFeZtfMZkDp_b012487kQPD7qPMfMEX5By_Xskui0bMBUl7H-8TB01XrDygO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;7849;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=Bn6VM2oCxshqZGw7FYdqOJslJN3JmRyk9iNfhaV36ovZ_2Ie2UKvHVMM0KY5cE_zNm2SbFzL2-CHj39rT1wyVCXAA10ZVmQ3KfNKFrfaXtTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpTg2maC_jDfmhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g0VgM5ByFE6U7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bVBMP0oFo3h42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyHhe833ttvxIfMPxoZO-Hc9_rwKSkP_nauVBC4-fkWw1cxQvFaH2QHTo-4Vqp0gB5LtsTGVpExQ502JD-hFeZtfMZkDp_b012487kQPD7qPMfMEX5By_Xskui0bMBUl7H-8TB01XrDygO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;7849;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash 51155a73af185ed04a37745b6256734f
2872cd5ed185a3e9284f815c5a3393af29c6bbe0
6d9b0d33d34aa365dabd403187d44bc223049fd83c1714918173d3a060aa9880
GET /adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=Bn6VM2oCxshqZGw7FYdqOJslJN3JmRyk9iNfhaV36ovZ_2Ie2UKvHVMM0KY5cE_zNm2SbFzL2-CHj39rT1wyVCXAA10ZVmQ3KfNKFrfaXtTJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpTg2maC_jDfmhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g0VgM5ByFE6U7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=bVBMP0oFo3h42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyHhe833ttvxIfMPxoZO-Hc9_rwKSkP_nauVBC4-fkWw1cxQvFaH2QHTo-4Vqp0gB5LtsTGVpExQ502JD-hFeZtfMZkDp_b012487kQPD7qPMfMEX5By_Xskui0bMBUl7H-8TB01XrDygO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=6x;7849;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3201
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=MU7IUQdm5wjn9LqtVPkWVx17Zty3g9iaSdVhfYp35bpPb8lqfHeIP7kjpE4NLSXbOsvMCuhrLwnxWla7DfryCA9uVTDX51GJdRoEks-LV1vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-QFJ5YkRDPujAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=jbYGmE6SQ5B42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVxo79yDbpbdinSdaT4RgOwqXjYThpFf9q5ydnVAsHrVOGUTVFgqoc4Vnz5o1HB2nTzv5gRWZ9bwZYDeIoYZeeNjs-z5g8tGpQG487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz9_AzJkes6gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;10316;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=MU7IUQdm5wjn9LqtVPkWVx17Zty3g9iaSdVhfYp35bpPb8lqfHeIP7kjpE4NLSXbOsvMCuhrLwnxWla7DfryCA9uVTDX51GJdRoEks-LV1vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-QFJ5YkRDPujAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=jbYGmE6SQ5B42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVxo79yDbpbdinSdaT4RgOwqXjYThpFf9q5ydnVAsHrVOGUTVFgqoc4Vnz5o1HB2nTzv5gRWZ9bwZYDeIoYZeeNjs-z5g8tGpQG487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz9_AzJkes6gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;10316;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 24c5db70d27c71e12e228ca42883909c
377475ecd76d64de9846d44bc2664081ae37f550
6751403effdddf519e66c076e1e3fc6d2c609477612b025bcd53aa7685cbd37c
GET /adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=MU7IUQdm5wjn9LqtVPkWVx17Zty3g9iaSdVhfYp35bpPb8lqfHeIP7kjpE4NLSXbOsvMCuhrLwnxWla7DfryCA9uVTDX51GJdRoEks-LV1vJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-QFJ5YkRDPujAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAalaLoxW3us2nvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=jbYGmE6SQ5B42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVxo79yDbpbdinSdaT4RgOwqXjYThpFf9q5ydnVAsHrVOGUTVFgqoc4Vnz5o1HB2nTzv5gRWZ9bwZYDeIoYZeeNjs-z5g8tGpQG487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz9_AzJkes6gO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=7x;10316;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3189
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=6hySndOYzXXnEGulUL3rh4UeiuAaehu8rPLYxlb9MRMCEh_N-el6OTRRtJvKKd9itbcaYc5Ijtl0bCeW9ZRngL3jQqLQmhjAiyAzaoLQwJzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-uHcYBs3hhsDAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=c56NYr6cpeF42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVy19B5mc2XK0zwVKlk5WTFFPEVeBDRpCx39Fp0pMJHbPcJWE5FEhONnDHDQf38ksPojoJBZwzakMnIdGo7xesFhEe-9e9bwzYS487kQPD7qPMfMEX5By_Xskui0bMBUl7HpTfHgdI9wegO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;1495;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=6hySndOYzXXnEGulUL3rh4UeiuAaehu8rPLYxlb9MRMCEh_N-el6OTRRtJvKKd9itbcaYc5Ijtl0bCeW9ZRngL3jQqLQmhjAiyAzaoLQwJzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-uHcYBs3hhsDAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=c56NYr6cpeF42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVy19B5mc2XK0zwVKlk5WTFFPEVeBDRpCx39Fp0pMJHbPcJWE5FEhONnDHDQf38ksPojoJBZwzakMnIdGo7xesFhEe-9e9bwzYS487kQPD7qPMfMEX5By_Xskui0bMBUl7HpTfHgdI9wegO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;1495;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4214), with CRLF line terminators
Hash 7b20f56a7d94d2f3a4fe37943e5a8816
76b276995068483de5397819cf6ae0e3575ab4e6
ad675d718e6a0396db99e7c75b7d18126818561d679cd5de0609f4b551bb217b
GET /adfserve/?CC=1&bn=60455003;rtbwp=5EU2bw4CpjdC5yJS-ICQQazboUFQG3yp0;rtbdata=6hySndOYzXXnEGulUL3rh4UeiuAaehu8rPLYxlb9MRMCEh_N-el6OTRRtJvKKd9itbcaYc5Ijtl0bCeW9ZRngL3jQqLQmhjAiyAzaoLQwJzJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHYOarLjpVPM0rj6TxyUDP-6YJsT30rWEH4oJR2Kb0Ai-uHcYBs3hhsDAJWZJdi2Yxjsr3fZYx5kCnqGuhAbga6kWLg8AcERWAmqq0Gg2xcaynvpUcyTYEYKYJsT30rWEHsuNCl23SN2k1;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=c56NYr6cpeF42u1ywTJ-2nsP3fIkO90dL-6WflhvywOAeEqjmpoUBJG4dWAZeGGwwz0LEq8kKVy19B5mc2XK0zwVKlk5WTFFPEVeBDRpCx39Fp0pMJHbPcJWE5FEhONnDHDQf38ksPojoJBZwzakMnIdGo7xesFhEe-9e9bwzYS487kQPD7qPMfMEX5By_Xskui0bMBUl7HpTfHgdI9wegO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=8x;1495;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3176
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1243aSNSe2onVg1x3AUaMEmRi_FH3IvYbggS0qMKyINrkjpE4NLSXbGgXpvr3uH1KgeKhYEIhFC_qaUh8odQbK6YvLgHI3z87JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpb7VU2FtoZK2hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zU0iGqPF5wp42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyvfxUAZ6Z5_-3BN6vaHD9C7ewUwHnT5GR5glKuzz9wEbpBf-ksOYoL_xTvZmM5kPQSl50qRhil9RKsCimDwgQEUSb4Ldq17Ye487kQPD7qPMfMEX5By_Xskui0bMBUl7EQKTQnL4h_UQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;300;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1243aSNSe2onVg1x3AUaMEmRi_FH3IvYbggS0qMKyINrkjpE4NLSXbGgXpvr3uH1KgeKhYEIhFC_qaUh8odQbK6YvLgHI3z87JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpb7VU2FtoZK2hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zU0iGqPF5wp42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyvfxUAZ6Z5_-3BN6vaHD9C7ewUwHnT5GR5glKuzz9wEbpBf-ksOYoL_xTvZmM5kPQSl50qRhil9RKsCimDwgQEUSb4Ldq17Ye487kQPD7qPMfMEX5By_Xskui0bMBUl7EQKTQnL4h_UQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;300;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4181), with CRLF line terminators
Hash 655bf675f5a3ff3653ad5c9328aded7d
3612ccfa494ac66041c568b3ea7123a262b05811
0e7b90853ecf4a92c7a7b815b0c324fe2e684330c7d0966e1960ddbfc6c30878
GET /adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=TJ4qHFkmLj1243aSNSe2onVg1x3AUaMEmRi_FH3IvYbggS0qMKyINrkjpE4NLSXbGgXpvr3uH1KgeKhYEIhFC_qaUh8odQbK6YvLgHI3z87JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpb7VU2FtoZK2hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=zU0iGqPF5wp42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVyvfxUAZ6Z5_-3BN6vaHD9C7ewUwHnT5GR5glKuzz9wEbpBf-ksOYoL_xTvZmM5kPQSl50qRhil9RKsCimDwgQEUSb4Ldq17Ye487kQPD7qPMfMEX5By_Xskui0bMBUl7EQKTQnL4h_UQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=9x;300;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3195
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIhew3tOOAjulZ0UmQHsDbLTeLQEbZJ1HS12urk0KCfKdbkjpE4NLSXb7jPEOIC80v3h-Vy5Ljz3nHCGylMl_gDsjdDb3oFK-SfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp-gvPvkwtJDKhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=f_kA1Kj8lPd42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwLVILThQzFEIGuh_Ja4Cfd4-wkLdhrPXZ3nKmBOAYeKe5sTEU_7Sp4IN0JON9GMlM_wTIzZ0kNzpoa5ew0Mk5gPPvKF55b-aW487kQPD7qPMfMEX5By_Xskui0bMBUl7GGFRt4XmwqlQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;6172;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIhew3tOOAjulZ0UmQHsDbLTeLQEbZJ1HS12urk0KCfKdbkjpE4NLSXb7jPEOIC80v3h-Vy5Ljz3nHCGylMl_gDsjdDb3oFK-SfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp-gvPvkwtJDKhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=f_kA1Kj8lPd42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwLVILThQzFEIGuh_Ja4Cfd4-wkLdhrPXZ3nKmBOAYeKe5sTEU_7Sp4IN0JON9GMlM_wTIzZ0kNzpoa5ew0Mk5gPPvKF55b-aW487kQPD7qPMfMEX5By_Xskui0bMBUl7GGFRt4XmwqlQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;6172;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4182), with CRLF line terminators
Hash 911c4d78209d2a4c06f60acbe900332f
972be8f3c6fefdf4867ced1eafa230d203d7cc13
3befae1bf2f4944d22320798d0d242d6389dc1924bc4339d1491c6448bcd7847
GET /adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIhew3tOOAjulZ0UmQHsDbLTeLQEbZJ1HS12urk0KCfKdbkjpE4NLSXb7jPEOIC80v3h-Vy5Ljz3nHCGylMl_gDsjdDb3oFK-SfJdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rp-gvPvkwtJDKhzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g1pRK-QdmoCG7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=f_kA1Kj8lPd42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwLVILThQzFEIGuh_Ja4Cfd4-wkLdhrPXZ3nKmBOAYeKe5sTEU_7Sp4IN0JON9GMlM_wTIzZ0kNzpoa5ew0Mk5gPPvKF55b-aW487kQPD7qPMfMEX5By_Xskui0bMBUl7GGFRt4XmwqlQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=10x;6172;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3195
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIi4ElP_ualM7Mrk3_k94ym0zdJAskLfXAdXYiRhovL8qzZ9JNJrNRQTDC8jHSIOehIZemqKoG_AbARNdQMlWFivlgH_BfgScL7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpa5jfBcHF0N6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=N5eGJ5ePRrt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwPMNKRfdFmvbeD7rK_Cn1OEv-QMrNUYLbcDhw1y6NQtBUPJKls5bfWFMSc8Zk1CSQG1j2rymXXpwG0Ck-snHuYI3ktrFS0E_C487kQPD7qPMfMEX5By_Xskui0bMBUl7GZftuWHsjmswO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;6385;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIi4ElP_ualM7Mrk3_k94ym0zdJAskLfXAdXYiRhovL8qzZ9JNJrNRQTDC8jHSIOehIZemqKoG_AbARNdQMlWFivlgH_BfgScL7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpa5jfBcHF0N6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=N5eGJ5ePRrt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwPMNKRfdFmvbeD7rK_Cn1OEv-QMrNUYLbcDhw1y6NQtBUPJKls5bfWFMSc8Zk1CSQG1j2rymXXpwG0Ck-snHuYI3ktrFS0E_C487kQPD7qPMfMEX5By_Xskui0bMBUl7GZftuWHsjmswO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;6385;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4182), with CRLF line terminators
Hash 4f57a8f27236951f04e96bb610f52483
b315372568e4865e78874e8488fac1bb931aa869
beec2f8390e7c96a8ada7ebe5c22530806a04991b4050ea22c4071f0fff376b4
GET /adfserve/?CC=1&bn=60455003;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=hPzTdJMDKIi4ElP_ualM7Mrk3_k94ym0zdJAskLfXAdXYiRhovL8qzZ9JNJrNRQTDC8jHSIOehIZemqKoG_AbARNdQMlWFivlgH_BfgScL7JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6Rpa5jfBcHF0N6hzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=N5eGJ5ePRrt42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwPMNKRfdFmvbeD7rK_Cn1OEv-QMrNUYLbcDhw1y6NQtBUPJKls5bfWFMSc8Zk1CSQG1j2rymXXpwG0Ck-snHuYI3ktrFS0E_C487kQPD7qPMfMEX5By_Xskui0bMBUl7GZftuWHsjmswO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=11x;6385;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3189
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60455003A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.37200 OK 13 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.37:0
File type ASCII text, with very long lines (32554), with CRLF line terminators
Hash fe1a3a2584fd2a61575701f3446cab8b
247d49bb495c7e2bae7a4ec730ccb91856738794
2f56fef0f4fc461563eb37b2d434a5ca5665f98e76a44241ffc8e89728067bff
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 20:15:08 GMT
cache-control: max-age: 86400
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: teF8vOA6ubm2utAxseMirC48IJ44LGJuOsa10ZL_tbaJvyy3QiUsjg==
age: 12101
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 3059666d0f43b6b90746dc07557c5d04
76a98da419ac4a86a642ed854d23b39058168a1a
f58d99b53331271b7eb5c647e5a22586f47708dce2a8be9be57b314a83b19d31
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 12 Jan 2023 21:21:55 GMT
ETag: "76a98da419ac4a86a642ed854d23b39058168a1a"
Last-Modified: Sun, 08 Jan 2023 21:21:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1908
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7868c1ef0d2bb527-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash fa5c856060c7791c8656033443ab1164
402199d1ad60adec4ec032e690b38f839d6dc9b1
f8abf722630eea96652d3e527794779a09ababbd2f59259f11def6ab31981533
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 12 Jan 2023 20:23:09 GMT
ETag: "402199d1ad60adec4ec032e690b38f839d6dc9b1"
Last-Modified: Sun, 08 Jan 2023 20:23:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 54
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7868c1ef4afafab4-OSL
dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
85.114.159.93302 Found 0 B URL HTTP/1.1 dsp.adfarm1.adition.com/cookie/?ssp=5&gdpr=0&gdpr_consent=
IP 85.114.159.93:0
ASN #24961 myLoc managed IT AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie/?ssp=5&gdpr=0&gdpr_consent= HTTP/1.1
Host: dsp.adfarm1.adition.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 08 Jan 2023 23:36:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=7186429512656287899; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7186429512656287899&gdpr=0&gdpr_consent=
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5c4f9c3557fb57db85bdb139f0bc57a7
fd80083ab1fc1c8f57639daa3b035a18f2ec76e7
9f3f989ba265c94acc84f5e681ce1e9d4b252af92b82697d362e046ec1ea5d3a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 08 Jan 2023 23:36:49 GMT
Last-Modified: Sun, 08 Jan 2023 21:47:16 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XaY4DXkozT8j3nLTz-E5o-vbbcHt93rFc8dfb5wyhvywYCagVHTBXw==
Age: 6573
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=dvkQKAjbaCW6oJwTNcPk60LlocPe_mmQq60Wy9XjE35TX2s5MTTt6Z7RJsIFLDe-sGjlo-kjc-pcHlnxQ0nrwBYEVQkE22ClXCDwZaoSfM_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpetPb8ioLD8ahzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KmEOL73XhVN42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwRw-RsTjuYZFQGe9UQZCv2iFKv5O9U2dLAT_0Nrxu5N_Xusikcmh4hDp1TxySiGxia28qOXZAZ6kQWsazIeyr7VXntnN0t5Hy487kQPD7qPMfMEX5By_Xskui0bMBUl7E1vpTF6F-QCQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;2642;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=dvkQKAjbaCW6oJwTNcPk60LlocPe_mmQq60Wy9XjE35TX2s5MTTt6Z7RJsIFLDe-sGjlo-kjc-pcHlnxQ0nrwBYEVQkE22ClXCDwZaoSfM_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpetPb8ioLD8ahzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KmEOL73XhVN42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwRw-RsTjuYZFQGe9UQZCv2iFKv5O9U2dLAT_0Nrxu5N_Xusikcmh4hDp1TxySiGxia28qOXZAZ6kQWsazIeyr7VXntnN0t5Hy487kQPD7qPMfMEX5By_Xskui0bMBUl7E1vpTF6F-QCQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;2642;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4182), with CRLF line terminators
Hash 11de3e7dbd01abfd89c52fd48d790082
80bcf5dc1a4b4548a4d5eaf10fe0bcb3a41c954d
58c8578b0522d89a4b0a316e06a97c8a633a5460a27a0dc492bb137bab77eaf9
GET /adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=dvkQKAjbaCW6oJwTNcPk60LlocPe_mmQq60Wy9XjE35TX2s5MTTt6Z7RJsIFLDe-sGjlo-kjc-pcHlnxQ0nrwBYEVQkE22ClXCDwZaoSfM_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpetPb8ioLD8ahzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=KmEOL73XhVN42u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwRw-RsTjuYZFQGe9UQZCv2iFKv5O9U2dLAT_0Nrxu5N_Xusikcmh4hDp1TxySiGxia28qOXZAZ6kQWsazIeyr7VXntnN0t5Hy487kQPD7qPMfMEX5By_Xskui0bMBUl7E1vpTF6F-QCQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=13x;2642;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3191
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=6hySndOYzXXLeunpPblOPm8lQE-cghf5ElSLfMgFkm1_n13lPNgUQjkgZx8X_JVdnYjOtW6ltt7cKc6ua77bQA6h88kqn18fYpQoHSxMgc_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpIlzt2H_iB9ChzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d79Uj5n25D942u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwKvtA_be1ZdS-wbruhBjOb1kl4nQ3hp2DQjaSJINKaTLtzELY4z-4O5_Uft1s-GSgr26xtEKj-NjOPtYacrAAW0LHhy7V-3YW487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz8lrJGBhmqQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;10005;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
37.157.4.29200 OK 3.2 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=6hySndOYzXXLeunpPblOPm8lQE-cghf5ElSLfMgFkm1_n13lPNgUQjkgZx8X_JVdnYjOtW6ltt7cKc6ua77bQA6h88kqn18fYpQoHSxMgc_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpIlzt2H_iB9ChzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d79Uj5n25D942u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwKvtA_be1ZdS-wbruhBjOb1kl4nQ3hp2DQjaSJINKaTLtzELY4z-4O5_Uft1s-GSgr26xtEKj-NjOPtYacrAAW0LHhy7V-3YW487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz8lrJGBhmqQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;10005;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f
IP 37.157.4.29:0
File type ASCII text, with very long lines (4182), with CRLF line terminators
Hash 9725c148fa4f8389240b10e727bc6150
a8001695aea20912d3abdd812f42f826610fdd99
2d4bf77d1061f61b6fef1751e08abd83f2c867cf98722523eada20b8208d862e
GET /adfserve/?CC=1&bn=60454987;rtbwp=hQsNFrjG1locjMMMuXjVNqzboUFQG3yp0;rtbdata=6hySndOYzXXLeunpPblOPm8lQE-cghf5ElSLfMgFkm1_n13lPNgUQjkgZx8X_JVdnYjOtW6ltt7cKc6ua77bQA6h88kqn18fYpQoHSxMgc_JdVNPTLJm4SM9Afw9re89ztqshedlpVDFfFhzcFQfELZ0IU3-RCnHHtO7eaQvurkSijFvN9IZghOzbJHWu6RpIlzt2H_iB9ChzGbpxVViSZA3rxS2iG_tovtpqV_-lm3Sm_MygVJ8g3QDHc3nbD_M7epW6WxFInlaJUERr2HfA-FBboVeNKvP0;;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=d79Uj5n25D942u1ywTJ-2kN-5aGzml3TuHungJIMfbFNcVi1s3jvQZG4dWAZeGGwwz0LEq8kKVwKvtA_be1ZdS-wbruhBjOb1kl4nQ3hp2DQjaSJINKaTLtzELY4z-4O5_Uft1s-GSgr26xtEKj-NjOPtYacrAAW0LHhy7V-3YW487kQPD7qPMfMEX5By_Xskui0bMBUl7Fz8lrJGBhmqQO8_7rsP1jj0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=14x;10005;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3a%2f%2fflashnetic.com%2f HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript; charset=utf-8
content-length: 3192
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: OMIUNIBET_NO=60454987A502848A10148559A85009; domain=adform.net; expires=Mon, 09-Jan-2023 23:36:49 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.53.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.53.86:0
File type ASCII text, with very long lines (59374)
Hash 0439282a2fef6180eb6fcda7854f17fe
594f3b03235b94509259c53b2a7a508deafc7ebe
f06b11284968d6486120ae4e76a2cffe1913a0ecde5553727336b309633b1022
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: br8ocj5fWmQgOqNy/Y5LiIH5q+MAwLmtxoIHmumKrdJnVOflpFk2DrvLlhRMxH1N156iQZCmWrRJmSpedVGlPA==
x-amz-request-id: 9KT5DTFKEWY7HC5S
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 715
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7868c1e5a8231bfe-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 82256afbab895fe0744d55d7c5a0c991
5b8cd7464bfb2bf3f6338fb9d9614c7310ab2680
3bd999a07c1cc9634529e23eed155d82b7966368da0988f357a84c498935cef9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103796
Date: Sun, 08 Jan 2023 23:36:49 GMT
Etag: "63ba3348-1d7"
Expires: Tue, 10 Jan 2023 04:26:45 GMT
Last-Modified: Sun, 08 Jan 2023 03:06:48 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TzjnSAwAof-t9xEbNV_k70o8U7SLScban3feQxOf12WQA9M4LYut3Q==
Age: 4797
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7f492172dea36e21332a376a4fac0aa1
fee9169be3b11a24afef27d041c427361091245d
6ac0f60a6ab0f1a149a82db5bbc8e27e8360631ab595c04bbf8e2643e98467d5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 07 Jan 2023 15:11:54 GMT
Expires: Sat, 14 Jan 2023 15:11:53 GMT
Etag: "fee9169be3b11a24afef27d041c427361091245d"
Cache-Control: max-age=487503,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7868c1ef0e9d0b55-OSL
ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001673220997-UVFZKA3T-VBO0
44.241.175.242302 Found 473 B URL HTTP/2 ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001673220997-UVFZKA3T-VBO0
IP 44.241.175.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 91bc36959cdba1f401156084aea856da
bb8f4d9d8232cd96e8fef7e0c5fe91c8e718f757
320f5b84b24694870e380e5f34eeaa8e12fe852a7c59ff6cdeb99b905af10de7
GET /api/v1/g_hosted?id=AU1D-0100-001673220997-UVFZKA3T-VBO0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/html; charset=utf-8
content-length: 473
location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MzIyMDk5Ny1VVkZaS0EzVC1WQk8w
server: nginx/1.20.0
set-cookie: au_id=AU1D-0100-001673220997-UVFZKA3T-VBO0; Expires=Tue, 07 Jan 2025 23:36:49 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
g_hosted=; Expires=Tue, 07 Jan 2025 23:36:49 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0
44.241.175.242200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0
IP 44.241.175.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/ip_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/html; charset=utf-8
content-length: 0
server: nginx/1.20.0
X-Firefox-Spdy: h2
visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
185.255.84.152307 Temporary Redirect 0 B URL HTTP/2 visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=82945d77ef210f9469c228b0927ee470&gdpr=0&gdpr_consent=0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=82945d77ef210f9469c228b0927ee470; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 23:36:49 GMT
content-length: 0
x-envoy-upstream-service-time: 1
server: ayl-lb-fra02
X-Firefox-Spdy: h2
a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
54.237.145.190302 0 B URL HTTP/1.1 a.audrte.com/get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
IP 54.237.145.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get?p=M501991648&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D141%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: a.audrte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Date: Sun, 08 Jan 2023 23:36:50 GMT
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=l5hR06VL6kKTqmbCbPECtsDCQ&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
Server: nginx/1.18.0
Set-Cookie: arcki2=l5hR06VL6kKTqmbCbPECtsDCQ!20220908!1673221010006!ip#91.90.42.154; Max-Age=1296000; Expires=Mon, 23-Jan-2023 23:36:50 GMT; Domain=audrte.com; Path=/; Secure; HttpOnly; SameSite=none; Secure
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 0
Connection: keep-alive
static.criteo.net/js/ld/publishertag.ids.js
178.250.0.130200 OK 62 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.0.130:0
Hash f90733d0b958b3c31b82f6e77640ac36
6c5a1f59bb6eadc87cf9ee88e672c37369148c14
cb2b05c274560c516e4a3b25fc63bbb4df69c314c13c0c617d79b34af5b6409c
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-9c1f"
expires: Mon, 09 Jan 2023 23:36:48 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash d063408096e342cfb138b586f0f60396
651350496ff9eb8afe8b241e44007f32ed55bc73
e9e324e8c1544c83ab6d16b2335cfd0d76c7807335bca01269e3059e2426d3dd
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 08 Jan 2023 23:36:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 08 Jan 2023 22:39:15 GMT
Expires: Mon, 09 Jan 2023 22:39:15 GMT
ETag: "651350496ff9eb8afe8b241e44007f32ed55bc73"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001673220997-UVFZKA3T-VBO0&gdpr=0
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001673220997-UVFZKA3T-VBO0&gdpr=0
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001673220997-UVFZKA3T-VBO0&gdpr=0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:50 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 08f10f5007c6b7099933d99f846ff8f1
c679f72904910876670716aa44ffb6220196b0b8
9c6623aa6466afe26db737a82035ec24b11f556922a96854b2537afa91dc703d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:50 GMT
Last-Modified: Sun, 08 Jan 2023 21:53:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b4355a51800288c6c14f79a933f23a0f
46f6bbd30164cd6f56d91931bcd978992988c870
76b46d71d3e73214e3fac22306dc04f2d9543a5fbac21244eb57a1689eae0f49
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4625
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:50 GMT
Last-Modified: Sun, 08 Jan 2023 22:19:45 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673220997-UVFZKA3T-VBO0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
35.227.248.159302 Found 0 B URL HTTP/2 pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673220997-UVFZKA3T-VBO0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
IP 35.227.248.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001673220997-UVFZKA3T-VBO0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP/1.1
Host: pixel.tapad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 08 Jan 2023 23:36:50 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie: TapAd_TS=1673221010290;Expires=Thu, 09 Mar 2023 23:36:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
TapAd_DID=56a7d59a-d9a4-47da-9011-4085bb7b8247;Expires=Thu, 09 Mar 2023 23:36:50 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001673220997-UVFZKA3T-VBO0&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26tapad_id%3D%24%7BTA_DEVICE_ID%7D
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001673220997-UVFZKA3T-VBO0&gdpr=0
213.19.162.90204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001673220997-UVFZKA3T-VBO0&gdpr=0
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=50242&puid=AU1D-0100-001673220997-UVFZKA3T-VBO0&gdpr=0 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&adnxs_id=$UID&gdpr=0
37.252.171.21307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&adnxs_id=$UID&gdpr=0
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&adnxs_id=$UID&gdpr=0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:50 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26adnxs_id%3D%24UID%26gdpr%3D0
AN-X-Request-Uuid: d60a5754-cf7b-4d9f-a1cd-0c33f8f4fdb5
Set-Cookie: uuid2=4106427467153444236; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 08-Apr-2023 23:36:50 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26sas_uid%3D%5bsas_uid%5d&gdpr=0
185.86.137.132302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26sas_uid%3D%5bsas_uid%5d&gdpr=0
IP 185.86.137.132:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Sun, 08 Jan 2023 23:36:49 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 08 Jan 2024 23:36:50 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12100%3b%24o%3d11100; expires=Mon, 08 Jan 2024 23:36:50 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 08f10f5007c6b7099933d99f846ff8f1
c679f72904910876670716aa44ffb6220196b0b8
9c6623aa6466afe26db737a82035ec24b11f556922a96854b2537afa91dc703d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:50 GMT
Last-Modified: Sun, 08 Jan 2023 21:53:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b51fec706ea68d44785693cc59e73194
ab6db2b26ebfe886c9485adae8f973b904c3eb61
721d5ef2e964219190a3cf0554cf100b82e1a3322630ff44175c02a57cae0450
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2344
Cache-Control: max-age=148135
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:50 GMT
Etag: "63baea11-1d7"
Expires: Tue, 10 Jan 2023 16:45:45 GMT
Last-Modified: Sun, 08 Jan 2023 16:06:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
216.58.211.3200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019
IP 216.58.211.3:0
File type C++ source, ASCII text, with very long lines (1833)
Hash 5ecfc563c0b88ed44090a2776f05c75e
ec0d2777673e0efcb3b5e4c252c4cb4e248eba19
046597e9372e67a235803498661594732aad533d42cf89afe2ef3994a2b1a60f
GET /mysidia/148b897ed20242fb53e65c70a8c63c89.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14307
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Jan 2023 02:18:40 GMT
expires: Wed, 05 Apr 2023 02:18:40 GMT
cache-control: public, max-age=7776000
age: 335890
last-modified: Fri, 09 Dec 2022 19:06:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
216.58.211.3200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 06:39:49 GMT
expires: Sun, 07 Jan 2024 06:39:49 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 147421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
216.58.211.3200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 14:25:54 GMT
expires: Sun, 07 Jan 2024 14:25:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 119456
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CLSPmdgCENe9--oCGLTOvtwBMAE&v=APEucNVUDDIwQg_X2jWD8G7dyO14swwvzbgp2gtY0OGbYu4IGnpowNbStLl1IhyZzlDVw3n-gI3d0dE2BQN_4HMtOeTLltuZJw
142.250.74.66200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CLSPmdgCENe9--oCGLTOvtwBMAE&v=APEucNVUDDIwQg_X2jWD8G7dyO14swwvzbgp2gtY0OGbYu4IGnpowNbStLl1IhyZzlDVw3n-gI3d0dE2BQN_4HMtOeTLltuZJw
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CLSPmdgCENe9--oCGLTOvtwBMAE&v=APEucNVUDDIwQg_X2jWD8G7dyO14swwvzbgp2gtY0OGbYu4IGnpowNbStLl1IhyZzlDVw3n-gI3d0dE2BQN_4HMtOeTLltuZJw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 08 Jan 2023 23:36:50 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 23:51:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 08 Jan 2023 23:36:50 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BB1yDi2k5hKK9XBnPXVxclq0yDWm-91-J18tckpXPjSV6kEwdyhDMd-7ms6afcz5dMMbclEHVHC-k-fIcYumg62S_Ntg&cry=1&dbm_d=AKAmf-CAE0CI1JH--0TSZgvXiic7rGT4Agsyrdkcljxm-NhBDpA4eZrV34znFw4pfqR1_1X5j5jGn5eONvhjV4lgoW3zidMjRigYqnY5FfwyBP7p5hjF9qxs17DLe1lYZ7udZrrjyDH-eTut7xGKylMmSa5UOJaQB1xOPGoHC14GNZfLlASltpfZECbae9eWpler5hCn6QIgIuLPmisu5GJ7fBS_vUdRcZwnBXLfdcnu5_H5epvcXNuIKxI7E4-0Tx5ThwD8l5wRlQaoYI9loY7-7zHuxT_-Q546BGwZyhGdBbabQUVSIEoj1v4z7M50EqQoT9UmHkJhoBTwGCfr45lo6E-FK12aF3kBTHrjcFEG6DapCtSOUypwEhUdNzB0NpckCSHvcCogEww7Ulx_X3AwsRZ91i7IugsmMvZAakGk0uTLnwoJhd-waNcdcVUgrV3xvL8Qw5Fpp-4jDhoS6LvfjMiCRqDve9zG06b96DpZ_yC6hhcCF9uk5U2A5G4IGXsavZ8l41Ch8o5MBRwdcapuQiElA4ochQozjYOy_KcZ0BuDAj89dFUQPmc49YCvqNjIa-3ksIXqhMXXLZL1U_pJnVGPN_6Ga7pPbOVfZvzXpTDh8x8cSt5EYFvKA_Srdas-NXAE2llBavDvuBj6ihMmYypGiSvsDuz8kYR1_nI7fDlU44ZdEMLRdpcrsy9W6G5TQ2iruipZjfG3iSJ6O8LZcYnMIbisPlgIiDcO12KXl2uT068bABqevgp8CHXQ2QSG5ej7EYNNAm4HvfiGf7dLY65UaLyYwI4qzY1OEZGw9eGDm-355K-EJrPHT6EPOMZYIA20dAXYbnNE41VCPA0kqyCM-DvoA_FXbZ7VAj40xLlWCC5ZVNv8pZFO3lSlWYF-iQ00todq0loSMhUHZpX3FlbdWQKsOG9CW0cEW3xyldnNWmJp40bhVEfuXGgvyr1vocYf9WkLLKV077Zid2G_kF0ChDCbpsu48iWOrsxKNMSoID5hdQSBZutFWEifzyN6wOj-v-TldPhnjF9oPKhIw6SLA-7bX1RLRnV9wFrzwyBvmSSXr45Nt9Vxf3j4hckKIeilNyCIVtG-O6Dxa4QxfCa-iN9Rx_RUwbNXRwJhD8TlfW2GPbaTRIDwvciWYmXTisOutCkJPdvFm7BWxba-oiphDDjTjn8nh75Tkvf6ngSn3jUPGejy571BQiKsIklMGgDF6HIbjdCDjoh6Z2j1vjnSUY4XJNBPAuPK1YQN8jSWjPEfmSOvEmHycm6nLwb5sNConp-9Th6fp65ctzsfg3zf3O8Y_G8szrdXVl6h0Wj2KEDhbJg77D3UZp6bGA9DjuJA9kEv4EsHVwLpCHgwG1Us_Mv0ofUERGyNkOSYDUCDaGQPzOja-K2kRfRfXp6yNxuDwGk1eBKIpIo3WzLUxerotqM_-v8RIQnXsZ4lIM_oWFE2d9MTBhDX_bBXsmysZs6gTPc-rjGLGr_dyNQdcFrHTqU4l4dTnmGwNi0QfdVtHx4b8hNcsRuf-5rFSwMEVy6Dy-xJGcuhmKSeIam4gWbIf-pw8uuVHhWh2IWhpoiP84NlA8BWnzg8M4shJCyApxs6iddRsL0FWqP36GgepTv4zRatTb0-Z6KiPGC6Mn3mtoquBncqmoNMYSmK_Bd8QTc9KgupMQ6ouQzQu87sXZGJOtT9DFBAc8QYUBPqioIxJ1rcEAW4sK8IoTgoi-XRKUA9SDtxNw2GU7lcXIeQmUWVat3qbUGRSq8kZOVMt9huOGaEUiV1fawaDwCgu3eOEdCpUBMetlrfubY15WuBdNEeAeppwEJzNrvBW84QmsJz9AzFbA_eiV0CksUy_7hZTHUEHyAF3GpWdmkbdQvLZRzl6KU3VaoumRHVX23n9ZvCJ8oORb8RiqDue3D8X-9_d9jAexFk8ppWs20JZTCw-JVqqFQuiIbeW0Zm-Ddn9HwXiMfW-oJltfDkSgeXs_tnA1TLMUCrUpdUpi0GhmCwzQKaKHbuEzgh-XZTJMR_gVCRlDlh1xaTo48dYqaLhxnwJI4Di3Fz6N4-kMuOb5SBqJC3Ks-m3HouZ72tppVWpG55-6zWFG4RIfs8GP7YnQ1KQI-Lhmw-c16T9B2KGQn8FYxx_sLjtTiz6FtaVEIfWyYskwtUjaBaqXam3J45E58zW7oJDIoxUq_tIcaEOAT-47InHLLJm4zQxG2pFEgtQQWpz9EItobHOczKHqxCrygUELd-LhKml1GvQkv56xFeODWsSjRWinBNbT2XAX46kD7KXI6DB-sB1hXGfAhYSSUTEzR5YzZm4o7T6atCV_lt767cqvHTBfcy1an9_nWOqemfuo5x5VC1fE8XtgSvnTxJgx2mOaFnUvkMfwpYqHahUMGDfmHo3RZzFp7MHjqoxhXZgiqjzhalMn1d2eygEu_qhYGoYq8pfh1wi77cuLRfG8TYmMvH8Cbm5CxMpe-1rf7e5vJ5wCSF5jsYp9yOPllSZxjdjmyS0Jz1HL-h9Kr5U0c2AvmF73yEYZ2n4To5IOowOj80cuuPeJwKCXCQHiZtbdcEpcFlGDouP91UQ9QmOJ-gCMUaQ7UDEvAKmAOIpB0YJ7JtByacl8EotTgo6oQJ7kZGkgN5kpw8MF02ZqFQK2FovAWnEE3V-Q5REkONAdCfs3UQkataCt5BC4MdoGDbys1b8ber-P738qJLU3f7n5zLPmCWjqCXSlI-y0-VFzmvH3IARztouWcdA3xSkIR-tNo0iRJTxZZVJrfp0AUKwowJNwTsPpkJs8BKdQsETulSwLwYhmt2u58LuVepWIzKIIJTi-WTZG8EL8DQvvJF8H_mKt-Dg3i6aR7AeoJG3j09WuF89RkFXAyKt7XKbrowF65T5PoMa2zVLexEeZiSaY69Bp7enCz3lo5VmDparudHX1eNtWCuq0sbqu3R2250xlesz0ttUHbtStoCFXpuD2LEoL-oGmkQvp1kYW_Mk2FOUqDYmS1VADM-x6APZjl95FjUkYMdGGf_7H8svGZBQP-dvn4hinW1kbMw8tmcJaMHN1krdEhsCyzt8vqPTIev23Tbf8NEI9bJGmNTbT-MpDWkLVUhpIAKBP8KObpLTQioA1v28EBrj-L90x_MKqEbH0fsG2KxFuYeywsYhsc6e48sESUWFasR0JVmFZ6NvCCFwcn15YZZKGspqxTrX0NSCYvi3Lc2-P1k7ub68cZ34KlMkYSL6Btaa0_Q9Tgt7jeDirSKBHHkYMsU8bq1UWVAZy_qSnn9v5t2-reR9E0g9vv0npubEG_vhuxorroVo7uOeHxRSWzV9CtgcmazhceUBRlPH-QKaaFyF_fpQUGGysQ2PqrUPUKz09re7TH_FmUYq6_xV6JKtLTBIu4DB_CcaATRzEDfSOw9Eovlk29W0K4e6jWvlg&cid=CAQSTADq26N9L18Kxwam_pQHqiyFSYJXu_w5pkVpcryJLhrYHHd64tUeBglnwceWd8xCy3JlDKh2A9mYYfZrMlH-PvINOnCrYYnoG_DQvqUYASAT&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240
142.250.74.66200 OK 30 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BB1yDi2k5hKK9XBnPXVxclq0yDWm-91-J18tckpXPjSV6kEwdyhDMd-7ms6afcz5dMMbclEHVHC-k-fIcYumg62S_Ntg&cry=1&dbm_d=AKAmf-CAE0CI1JH--0TSZgvXiic7rGT4Agsyrdkcljxm-NhBDpA4eZrV34znFw4pfqR1_1X5j5jGn5eONvhjV4lgoW3zidMjRigYqnY5FfwyBP7p5hjF9qxs17DLe1lYZ7udZrrjyDH-eTut7xGKylMmSa5UOJaQB1xOPGoHC14GNZfLlASltpfZECbae9eWpler5hCn6QIgIuLPmisu5GJ7fBS_vUdRcZwnBXLfdcnu5_H5epvcXNuIKxI7E4-0Tx5ThwD8l5wRlQaoYI9loY7-7zHuxT_-Q546BGwZyhGdBbabQUVSIEoj1v4z7M50EqQoT9UmHkJhoBTwGCfr45lo6E-FK12aF3kBTHrjcFEG6DapCtSOUypwEhUdNzB0NpckCSHvcCogEww7Ulx_X3AwsRZ91i7IugsmMvZAakGk0uTLnwoJhd-waNcdcVUgrV3xvL8Qw5Fpp-4jDhoS6LvfjMiCRqDve9zG06b96DpZ_yC6hhcCF9uk5U2A5G4IGXsavZ8l41Ch8o5MBRwdcapuQiElA4ochQozjYOy_KcZ0BuDAj89dFUQPmc49YCvqNjIa-3ksIXqhMXXLZL1U_pJnVGPN_6Ga7pPbOVfZvzXpTDh8x8cSt5EYFvKA_Srdas-NXAE2llBavDvuBj6ihMmYypGiSvsDuz8kYR1_nI7fDlU44ZdEMLRdpcrsy9W6G5TQ2iruipZjfG3iSJ6O8LZcYnMIbisPlgIiDcO12KXl2uT068bABqevgp8CHXQ2QSG5ej7EYNNAm4HvfiGf7dLY65UaLyYwI4qzY1OEZGw9eGDm-355K-EJrPHT6EPOMZYIA20dAXYbnNE41VCPA0kqyCM-DvoA_FXbZ7VAj40xLlWCC5ZVNv8pZFO3lSlWYF-iQ00todq0loSMhUHZpX3FlbdWQKsOG9CW0cEW3xyldnNWmJp40bhVEfuXGgvyr1vocYf9WkLLKV077Zid2G_kF0ChDCbpsu48iWOrsxKNMSoID5hdQSBZutFWEifzyN6wOj-v-TldPhnjF9oPKhIw6SLA-7bX1RLRnV9wFrzwyBvmSSXr45Nt9Vxf3j4hckKIeilNyCIVtG-O6Dxa4QxfCa-iN9Rx_RUwbNXRwJhD8TlfW2GPbaTRIDwvciWYmXTisOutCkJPdvFm7BWxba-oiphDDjTjn8nh75Tkvf6ngSn3jUPGejy571BQiKsIklMGgDF6HIbjdCDjoh6Z2j1vjnSUY4XJNBPAuPK1YQN8jSWjPEfmSOvEmHycm6nLwb5sNConp-9Th6fp65ctzsfg3zf3O8Y_G8szrdXVl6h0Wj2KEDhbJg77D3UZp6bGA9DjuJA9kEv4EsHVwLpCHgwG1Us_Mv0ofUERGyNkOSYDUCDaGQPzOja-K2kRfRfXp6yNxuDwGk1eBKIpIo3WzLUxerotqM_-v8RIQnXsZ4lIM_oWFE2d9MTBhDX_bBXsmysZs6gTPc-rjGLGr_dyNQdcFrHTqU4l4dTnmGwNi0QfdVtHx4b8hNcsRuf-5rFSwMEVy6Dy-xJGcuhmKSeIam4gWbIf-pw8uuVHhWh2IWhpoiP84NlA8BWnzg8M4shJCyApxs6iddRsL0FWqP36GgepTv4zRatTb0-Z6KiPGC6Mn3mtoquBncqmoNMYSmK_Bd8QTc9KgupMQ6ouQzQu87sXZGJOtT9DFBAc8QYUBPqioIxJ1rcEAW4sK8IoTgoi-XRKUA9SDtxNw2GU7lcXIeQmUWVat3qbUGRSq8kZOVMt9huOGaEUiV1fawaDwCgu3eOEdCpUBMetlrfubY15WuBdNEeAeppwEJzNrvBW84QmsJz9AzFbA_eiV0CksUy_7hZTHUEHyAF3GpWdmkbdQvLZRzl6KU3VaoumRHVX23n9ZvCJ8oORb8RiqDue3D8X-9_d9jAexFk8ppWs20JZTCw-JVqqFQuiIbeW0Zm-Ddn9HwXiMfW-oJltfDkSgeXs_tnA1TLMUCrUpdUpi0GhmCwzQKaKHbuEzgh-XZTJMR_gVCRlDlh1xaTo48dYqaLhxnwJI4Di3Fz6N4-kMuOb5SBqJC3Ks-m3HouZ72tppVWpG55-6zWFG4RIfs8GP7YnQ1KQI-Lhmw-c16T9B2KGQn8FYxx_sLjtTiz6FtaVEIfWyYskwtUjaBaqXam3J45E58zW7oJDIoxUq_tIcaEOAT-47InHLLJm4zQxG2pFEgtQQWpz9EItobHOczKHqxCrygUELd-LhKml1GvQkv56xFeODWsSjRWinBNbT2XAX46kD7KXI6DB-sB1hXGfAhYSSUTEzR5YzZm4o7T6atCV_lt767cqvHTBfcy1an9_nWOqemfuo5x5VC1fE8XtgSvnTxJgx2mOaFnUvkMfwpYqHahUMGDfmHo3RZzFp7MHjqoxhXZgiqjzhalMn1d2eygEu_qhYGoYq8pfh1wi77cuLRfG8TYmMvH8Cbm5CxMpe-1rf7e5vJ5wCSF5jsYp9yOPllSZxjdjmyS0Jz1HL-h9Kr5U0c2AvmF73yEYZ2n4To5IOowOj80cuuPeJwKCXCQHiZtbdcEpcFlGDouP91UQ9QmOJ-gCMUaQ7UDEvAKmAOIpB0YJ7JtByacl8EotTgo6oQJ7kZGkgN5kpw8MF02ZqFQK2FovAWnEE3V-Q5REkONAdCfs3UQkataCt5BC4MdoGDbys1b8ber-P738qJLU3f7n5zLPmCWjqCXSlI-y0-VFzmvH3IARztouWcdA3xSkIR-tNo0iRJTxZZVJrfp0AUKwowJNwTsPpkJs8BKdQsETulSwLwYhmt2u58LuVepWIzKIIJTi-WTZG8EL8DQvvJF8H_mKt-Dg3i6aR7AeoJG3j09WuF89RkFXAyKt7XKbrowF65T5PoMa2zVLexEeZiSaY69Bp7enCz3lo5VmDparudHX1eNtWCuq0sbqu3R2250xlesz0ttUHbtStoCFXpuD2LEoL-oGmkQvp1kYW_Mk2FOUqDYmS1VADM-x6APZjl95FjUkYMdGGf_7H8svGZBQP-dvn4hinW1kbMw8tmcJaMHN1krdEhsCyzt8vqPTIev23Tbf8NEI9bJGmNTbT-MpDWkLVUhpIAKBP8KObpLTQioA1v28EBrj-L90x_MKqEbH0fsG2KxFuYeywsYhsc6e48sESUWFasR0JVmFZ6NvCCFwcn15YZZKGspqxTrX0NSCYvi3Lc2-P1k7ub68cZ34KlMkYSL6Btaa0_Q9Tgt7jeDirSKBHHkYMsU8bq1UWVAZy_qSnn9v5t2-reR9E0g9vv0npubEG_vhuxorroVo7uOeHxRSWzV9CtgcmazhceUBRlPH-QKaaFyF_fpQUGGysQ2PqrUPUKz09re7TH_FmUYq6_xV6JKtLTBIu4DB_CcaATRzEDfSOw9Eovlk29W0K4e6jWvlg&cid=CAQSTADq26N9L18Kxwam_pQHqiyFSYJXu_w5pkVpcryJLhrYHHd64tUeBglnwceWd8xCy3JlDKh2A9mYYfZrMlH-PvINOnCrYYnoG_DQvqUYASAT&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240
IP 142.250.74.66:0
File type ASCII text, with very long lines (65508), with no line terminators
Hash 6ce3aab4cf492a1d1738d0d83d4e6a95
7a662469e274889f9c0b7a921b71c5f18baf00fc
e7a47d5ec1d0b85aad42b0c886d3137623ed3e4ceac18a77d783ccaa243d13c1
GET /dbm/ad?dbm_c=AKAmf-BB1yDi2k5hKK9XBnPXVxclq0yDWm-91-J18tckpXPjSV6kEwdyhDMd-7ms6afcz5dMMbclEHVHC-k-fIcYumg62S_Ntg&cry=1&dbm_d=AKAmf-CAE0CI1JH--0TSZgvXiic7rGT4Agsyrdkcljxm-NhBDpA4eZrV34znFw4pfqR1_1X5j5jGn5eONvhjV4lgoW3zidMjRigYqnY5FfwyBP7p5hjF9qxs17DLe1lYZ7udZrrjyDH-eTut7xGKylMmSa5UOJaQB1xOPGoHC14GNZfLlASltpfZECbae9eWpler5hCn6QIgIuLPmisu5GJ7fBS_vUdRcZwnBXLfdcnu5_H5epvcXNuIKxI7E4-0Tx5ThwD8l5wRlQaoYI9loY7-7zHuxT_-Q546BGwZyhGdBbabQUVSIEoj1v4z7M50EqQoT9UmHkJhoBTwGCfr45lo6E-FK12aF3kBTHrjcFEG6DapCtSOUypwEhUdNzB0NpckCSHvcCogEww7Ulx_X3AwsRZ91i7IugsmMvZAakGk0uTLnwoJhd-waNcdcVUgrV3xvL8Qw5Fpp-4jDhoS6LvfjMiCRqDve9zG06b96DpZ_yC6hhcCF9uk5U2A5G4IGXsavZ8l41Ch8o5MBRwdcapuQiElA4ochQozjYOy_KcZ0BuDAj89dFUQPmc49YCvqNjIa-3ksIXqhMXXLZL1U_pJnVGPN_6Ga7pPbOVfZvzXpTDh8x8cSt5EYFvKA_Srdas-NXAE2llBavDvuBj6ihMmYypGiSvsDuz8kYR1_nI7fDlU44ZdEMLRdpcrsy9W6G5TQ2iruipZjfG3iSJ6O8LZcYnMIbisPlgIiDcO12KXl2uT068bABqevgp8CHXQ2QSG5ej7EYNNAm4HvfiGf7dLY65UaLyYwI4qzY1OEZGw9eGDm-355K-EJrPHT6EPOMZYIA20dAXYbnNE41VCPA0kqyCM-DvoA_FXbZ7VAj40xLlWCC5ZVNv8pZFO3lSlWYF-iQ00todq0loSMhUHZpX3FlbdWQKsOG9CW0cEW3xyldnNWmJp40bhVEfuXGgvyr1vocYf9WkLLKV077Zid2G_kF0ChDCbpsu48iWOrsxKNMSoID5hdQSBZutFWEifzyN6wOj-v-TldPhnjF9oPKhIw6SLA-7bX1RLRnV9wFrzwyBvmSSXr45Nt9Vxf3j4hckKIeilNyCIVtG-O6Dxa4QxfCa-iN9Rx_RUwbNXRwJhD8TlfW2GPbaTRIDwvciWYmXTisOutCkJPdvFm7BWxba-oiphDDjTjn8nh75Tkvf6ngSn3jUPGejy571BQiKsIklMGgDF6HIbjdCDjoh6Z2j1vjnSUY4XJNBPAuPK1YQN8jSWjPEfmSOvEmHycm6nLwb5sNConp-9Th6fp65ctzsfg3zf3O8Y_G8szrdXVl6h0Wj2KEDhbJg77D3UZp6bGA9DjuJA9kEv4EsHVwLpCHgwG1Us_Mv0ofUERGyNkOSYDUCDaGQPzOja-K2kRfRfXp6yNxuDwGk1eBKIpIo3WzLUxerotqM_-v8RIQnXsZ4lIM_oWFE2d9MTBhDX_bBXsmysZs6gTPc-rjGLGr_dyNQdcFrHTqU4l4dTnmGwNi0QfdVtHx4b8hNcsRuf-5rFSwMEVy6Dy-xJGcuhmKSeIam4gWbIf-pw8uuVHhWh2IWhpoiP84NlA8BWnzg8M4shJCyApxs6iddRsL0FWqP36GgepTv4zRatTb0-Z6KiPGC6Mn3mtoquBncqmoNMYSmK_Bd8QTc9KgupMQ6ouQzQu87sXZGJOtT9DFBAc8QYUBPqioIxJ1rcEAW4sK8IoTgoi-XRKUA9SDtxNw2GU7lcXIeQmUWVat3qbUGRSq8kZOVMt9huOGaEUiV1fawaDwCgu3eOEdCpUBMetlrfubY15WuBdNEeAeppwEJzNrvBW84QmsJz9AzFbA_eiV0CksUy_7hZTHUEHyAF3GpWdmkbdQvLZRzl6KU3VaoumRHVX23n9ZvCJ8oORb8RiqDue3D8X-9_d9jAexFk8ppWs20JZTCw-JVqqFQuiIbeW0Zm-Ddn9HwXiMfW-oJltfDkSgeXs_tnA1TLMUCrUpdUpi0GhmCwzQKaKHbuEzgh-XZTJMR_gVCRlDlh1xaTo48dYqaLhxnwJI4Di3Fz6N4-kMuOb5SBqJC3Ks-m3HouZ72tppVWpG55-6zWFG4RIfs8GP7YnQ1KQI-Lhmw-c16T9B2KGQn8FYxx_sLjtTiz6FtaVEIfWyYskwtUjaBaqXam3J45E58zW7oJDIoxUq_tIcaEOAT-47InHLLJm4zQxG2pFEgtQQWpz9EItobHOczKHqxCrygUELd-LhKml1GvQkv56xFeODWsSjRWinBNbT2XAX46kD7KXI6DB-sB1hXGfAhYSSUTEzR5YzZm4o7T6atCV_lt767cqvHTBfcy1an9_nWOqemfuo5x5VC1fE8XtgSvnTxJgx2mOaFnUvkMfwpYqHahUMGDfmHo3RZzFp7MHjqoxhXZgiqjzhalMn1d2eygEu_qhYGoYq8pfh1wi77cuLRfG8TYmMvH8Cbm5CxMpe-1rf7e5vJ5wCSF5jsYp9yOPllSZxjdjmyS0Jz1HL-h9Kr5U0c2AvmF73yEYZ2n4To5IOowOj80cuuPeJwKCXCQHiZtbdcEpcFlGDouP91UQ9QmOJ-gCMUaQ7UDEvAKmAOIpB0YJ7JtByacl8EotTgo6oQJ7kZGkgN5kpw8MF02ZqFQK2FovAWnEE3V-Q5REkONAdCfs3UQkataCt5BC4MdoGDbys1b8ber-P738qJLU3f7n5zLPmCWjqCXSlI-y0-VFzmvH3IARztouWcdA3xSkIR-tNo0iRJTxZZVJrfp0AUKwowJNwTsPpkJs8BKdQsETulSwLwYhmt2u58LuVepWIzKIIJTi-WTZG8EL8DQvvJF8H_mKt-Dg3i6aR7AeoJG3j09WuF89RkFXAyKt7XKbrowF65T5PoMa2zVLexEeZiSaY69Bp7enCz3lo5VmDparudHX1eNtWCuq0sbqu3R2250xlesz0ttUHbtStoCFXpuD2LEoL-oGmkQvp1kYW_Mk2FOUqDYmS1VADM-x6APZjl95FjUkYMdGGf_7H8svGZBQP-dvn4hinW1kbMw8tmcJaMHN1krdEhsCyzt8vqPTIev23Tbf8NEI9bJGmNTbT-MpDWkLVUhpIAKBP8KObpLTQioA1v28EBrj-L90x_MKqEbH0fsG2KxFuYeywsYhsc6e48sESUWFasR0JVmFZ6NvCCFwcn15YZZKGspqxTrX0NSCYvi3Lc2-P1k7ub68cZ34KlMkYSL6Btaa0_Q9Tgt7jeDirSKBHHkYMsU8bq1UWVAZy_qSnn9v5t2-reR9E0g9vv0npubEG_vhuxorroVo7uOeHxRSWzV9CtgcmazhceUBRlPH-QKaaFyF_fpQUGGysQ2PqrUPUKz09re7TH_FmUYq6_xV6JKtLTBIu4DB_CcaATRzEDfSOw9Eovlk29W0K4e6jWvlg&cid=CAQSTADq26N9L18Kxwam_pQHqiyFSYJXu_w5pkVpcryJLhrYHHd64tUeBglnwceWd8xCy3JlDKh2A9mYYfZrMlH-PvINOnCrYYnoG_DQvqUYASAT&rfl=1%2Chttps%253A%252F%252Fearnme.club%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://31edf8a0b4b1f1d9cbc65751203a28a1.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 08 Jan 2023 23:36:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 30404
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 08-Jan-2023 23:51:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.sunmedia.tv/integrations/f8503832-54f6-457c-a1c4-6afc0491ccc9/f8503832-54f6-457c-a1c4-6afc0491ccc9.js
141.94.102.46200 OK 66 kB URL HTTP/1.1 static.sunmedia.tv/integrations/f8503832-54f6-457c-a1c4-6afc0491ccc9/f8503832-54f6-457c-a1c4-6afc0491ccc9.js
IP 141.94.102.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a2561e22ecff5454de2ed35d39f2e1bf
8106751401950d7ff5ee73840864364812835609
4781d74c9b44f73dfce10a46bfa38af00f926eba89b196251a2070cbbe86a9ce
GET /integrations/f8503832-54f6-457c-a1c4-6afc0491ccc9/f8503832-54f6-457c-a1c4-6afc0491ccc9.js HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://53eda6597f415e99eb89fc8ab81540ca.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 23:36:50 GMT
Content-Type: application/javascript
Content-Length: 65720
Connection: keep-alive
Last-Modified: Tue, 20 Dec 2022 14:53:59 GMT
Content-Encoding: gzip
Cache-control: max-age=0, s-maxage=2592001
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 5096
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=5oSzmH0V6ivKTk5gVbLnox1oQYs
40.85.112.191200 OK 795 B URL HTTP/1.1 www.youronlinechoices.com/wp-content/plugins/optout/callback/?status=nocookie&token=5oSzmH0V6ivKTk5gVbLnox1oQYs
IP 40.85.112.191:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document, ASCII text
Hash 0b4f64df361f9ddbea039261d933ee32
fdbe923ca3a33b059755af77978a6133bb2851c5
7ce39b672bd1fbf293246b2e04686e08a46043371ced161a35841e8fa54c9a1c
GET /wp-content/plugins/optout/callback/?status=nocookie&token=5oSzmH0V6ivKTk5gVbLnox1oQYs HTTP/1.1
Host: www.youronlinechoices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 08 Jan 2023 23:36:50 GMT
Server: Apache/2.4.29 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1
X-Powered-By: PHP/7.4.16
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=631138519; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;
Content-Length: 795
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7186429512656287899&gdpr=0&gdpr_consent=
185.86.139.114200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=49&partneruserid=7186429512656287899&gdpr=0&gdpr_consent=
IP 185.86.139.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=49&partneruserid=7186429512656287899&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 08 Jan 2023 23:36:50 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=7475810137270249516; expires=Thu, 08 Feb 2024 23:36:51 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 08 Feb 2024 23:36:51 GMT; domain=smartadserver.com; path=/
csync=49:7186429512656287899; expires=Mon, 08 Jan 2024 23:36:51 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=82945d77ef210f9469c228b0927ee470&gdpr=0&gdpr_consent=0
185.86.139.114200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=82945d77ef210f9469c228b0927ee470&gdpr=0&gdpr_consent=0
IP 185.86.139.114:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?issi=1&partnerid=117&partneruserid=82945d77ef210f9469c228b0927ee470&gdpr=0&gdpr_consent=0 HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 08 Jan 2023 23:36:51 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=3339782409615960096; expires=Thu, 08 Feb 2024 23:36:51 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 08 Feb 2024 23:36:51 GMT; domain=smartadserver.com; path=/
csync=117:82945d77ef210f9469c228b0927ee470; expires=Mon, 08 Jan 2024 23:36:51 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=l5hR06VL6kKTqmbCbPECtsDCQ&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
185.86.139.114302 Found 0 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=141&partneruserid=l5hR06VL6kKTqmbCbPECtsDCQ&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648
IP 185.86.139.114:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redir/?issi=1&partnerid=141&partneruserid=l5hR06VL6kKTqmbCbPECtsDCQ&gdpr=0&gdpr_consent=&redirurl=https%3A%2F%2Fa.audrte.com%2Fmatch%3Fuid%3DSMART_USER_ID%26p%3DM501991648 HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Sun, 08 Jan 2023 23:36:51 GMT
cache-control: no-cache,no-store
location: https://a.audrte.com/match?uid=2720033141497653253&p=M501991648&gdpr=0&gdpr_consent=
pragma: no-cache
set-cookie: pid=2720033141497653253; expires=Thu, 08 Feb 2024 23:36:51 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Thu, 08 Feb 2024 23:36:51 GMT; domain=smartadserver.com; path=/
csync=141:l5hR06VL6kKTqmbCbPECtsDCQ; expires=Mon, 08 Jan 2024 23:36:51 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
a.ad.gt/api/v1/u/matches/405?_it=amazon
52.11.149.250200 OK 3.7 kB URL HTTP/2 a.ad.gt/api/v1/u/matches/405?_it=amazon
IP 52.11.149.250:0
File type C source, ASCII text, with very long lines (2298)
Hash c07f40a890c248a0e55d738fdccecb99
8f7b3150fca7962c81887a2f28b7bb575122284f
51589f079ce0ffdeaa7a0b260492aa95a90eb5bb78acc63bbbad56d12d2ab7dc
GET /api/v1/u/matches/405?_it=amazon HTTP/1.1
Host: a.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: application/javascript
server: nginx/1.20.0
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 128 B IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cc3a59eedf8900fa6d343af70f4e6c0e
537d7b45e47abeec3ca110ce6347642d1d03d1ca
8bd09b0f15b8d50a7072862d96b02f7b5d2c72e539749e558560a713d7767b08
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=F1wxcl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzUUU4dkdmRjAlMkY4NHFBVHFMbVpkJTJGZUw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=mcG0T180M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzVE9JdXVGRWs1aW55cUY3V2RxN2pIRg; expires=Fri, 02 Feb 2024 23:36:51 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 335705
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26adnxs_id%3D%24UID%26gdpr%3D0
37.252.171.21302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26adnxs_id%3D%24UID%26gdpr%3D0
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001673220997-UVFZKA3T-VBO0%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 08 Jan 2023 23:36:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&adnxs_id=0&gdpr=0
AN-X-Request-Uuid: 6d16b87e-cfa7-4f63-b18f-86955e0d7504
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&sas_uid=[sas_uid]&gdpr=0&cklb=1
185.86.137.132200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&sas_uid=[sas_uid]&gdpr=0&cklb=1
IP 185.86.137.132:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&sas_uid=[sas_uid]&gdpr=0&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Sun, 08 Jan 2023 23:36:51 GMT
tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=560535348159&google_error=3
20.73.234.141200 1 B URL HTTP/1.1 tracker.neodatagroup.com/cm?pv=dbm&sid=1&rt=img&rnd=560535348159&google_error=3
IP 20.73.234.141:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /cm?pv=dbm&sid=1&rt=img&rnd=560535348159&google_error=3 HTTP/1.1
Host: tracker.neodatagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: cProfile=AQMLJ3zPvgXXAAAAAAAEAAABhahX198AB2RlZmF1bHQ=; cP=AVcDCyd8z74F1wAAAAABqYWp; tr=loCAwICAgdoANDMwYjI3N2NjZmJlMDVkN19kMmM0NDE1ZS1jYmFlLTRiYWMtOWRkNC1jODc3NDA5NWE0OWbOY7tTkQ==; cOptout=0|yocToken:5oSzmH0V6ivKTk5gVbLnox1oQYs
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Sun, 08 Jan 2023 23:36:52 GMT
Content-Type: image/gif;charset=UTF-8
Content-Length: 1
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"; policyref="/ad/w3c/p3p.xml"
Access-Control-Allow-Origin: *
Set-Cookie: cP=AVcDCyd8z74F1wAAAAABqYWp; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:52 GMT;
tr=loCAwIGjREJNAICB2gA0MzBiMjc3Y2NmYmUwNWQ3X2QyYzQ0MTVlLWNiYWUtNGJhYy05ZGQ0LWM4Nzc0MDk1YTQ5Zs5ju1OR; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:52 GMT;
tr=loCAwIGjREJNzmO8pRSAgdoANDMwYjI3N2NjZmJlMDVkN19kMmM0NDE1ZS1jYmFlLTRiYWMtOWRkNC1jODc3NDA5NWE0OWbOY7tTkQ==; path=/; domain=.neodatagroup.com; SameSite=None; Secure; expires=Mon, 08 Jan 2024 23:36:52 GMT;
dnacdn.net/dna
178.250.0.157200 OK 176 B IP 178.250.0.157:0
Hash e1c7b2c944dc78d43c8b230e51e06cb4
cd34921c11216452e7bc75eb8fc5ee6cf601636f
f80afb416371556f71072db19c87181ba01b8a1d0a74c486924d27b4658b7aef
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=mcG0T180M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzVE9JdXVGRWs1aW55cUY3V2RxN2pIRg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=6i3SLV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzVDluaW1Bcks0V0ZzbkEzcld1RWlacA; expires=Fri, 02 Feb 2024 23:36:52 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 329247
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673220997-UVFZKA3T-VBO0
185.64.189.110302 Found 15 kB URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673220997-UVFZKA3T-VBO0
IP 185.64.189.110:0
Hash f8c882d61f487b236976c846205c3228
e04ba08fd0f73d81b36304950594483d9e0334dd
a7e72470dfcef5ead0ea9e388489189e5cc14ba56640cc629c48c27ffe736f43
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673220997-UVFZKA3T-VBO0 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sun, 08 Jan 2023 23:36:50 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Sat, 08-Apr-2023 23:36:50 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001673220997-UVFZKA3T-VBO0
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267f690139bbb6fa1667cb2b8aea347b
81419a3d376c1c4aa742847e029189b55741a10b
9a5fb66a4fa8249e396b5b21a613f9ea60478026a638622ae9b5ac3060afb53c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ids.ad.gt/api/v1/ppnt_match?uid=ZCEMmdxlPx9Q&ev=1&pid=562316&id=AU1D-0100-001673220997-UVFZKA3T-VBO0
44.241.175.242200 OK 136 kB URL HTTP/2 ids.ad.gt/api/v1/ppnt_match?uid=ZCEMmdxlPx9Q&ev=1&pid=562316&id=AU1D-0100-001673220997-UVFZKA3T-VBO0
IP 44.241.175.242:0
File type GIF image data, version 89a, 1 x 1\012- data
Size 136 kB (135573 bytes)
Hash 1ead2c52700bee25b11a8276356a01e8
cb1cf227427dc78a2038ca056dd9fca9cc885b8a
e84f5bb23ed863b41f657f6da3156293b54a513b62c10c6c8e62bcfc4e4864af
GET /api/v1/ppnt_match?uid=ZCEMmdxlPx9Q&ev=1&pid=562316&id=AU1D-0100-001673220997-UVFZKA3T-VBO0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://earnme.club/
Connection: keep-alive
Cookie: au_id=AU1D-0100-001673220997-UVFZKA3T-VBO0; g_hosted=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:52 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 11:36:52 GMT
set-cookie: au_id=AU1D-0100-001673220997-UVFZKA3T-VBO0; Expires=Tue, 07 Jan 2025 23:36:52 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?origin=publishertag&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=75f93cda-9048-4700-9a92-994cc52b05c1; expires=Fri, 02 Feb 2024 23:36:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 748684
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 267f690139bbb6fa1667cb2b8aea347b
81419a3d376c1c4aa742847e029189b55741a10b
9a5fb66a4fa8249e396b5b21a613f9ea60478026a638622ae9b5ac3060afb53c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b4f8faa421b52f296ce394b0f490eabd
243a5fbdda6c8b724278f3d3aa785cdb9e2e4c1d
9731b8b37f341aa97b3c1cfd4cec700201ce5b5dbe57c82ef2188899f77870ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:52 GMT
Last-Modified: Sun, 08 Jan 2023 22:23:55 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash b4f8faa421b52f296ce394b0f490eabd
243a5fbdda6c8b724278f3d3aa785cdb9e2e4c1d
9731b8b37f341aa97b3c1cfd4cec700201ce5b5dbe57c82ef2188899f77870ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4397
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 23:36:52 GMT
Last-Modified: Sun, 08 Jan 2023 22:23:35 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2F53eda6597f415e99eb89fc8ab81540ca.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
141.94.102.46200 OK 1.6 kB URL HTTP/1.1 static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2F53eda6597f415e99eb89fc8ab81540ca.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
IP 141.94.102.46:0
File type ASCII text, with very long lines (3471), with no line terminators
Hash 50599b9643f617d2342a633b55656365
9b030cb8fd664d09d8a4cf4a2d31df2149c92d78
0e044e959c4a15e8e023471b246e000315d9542f201523ebfd5409e761969a19
GET /AdBlockDetection/adblockDetector.min.js?ref=https%3A%2F%2F53eda6597f415e99eb89fc8ab81540ca.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1 HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://53eda6597f415e99eb89fc8ab81540ca.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 08 Jan 2023 23:36:53 GMT
Content-Type: application/javascript
Content-Length: 1634
Connection: keep-alive
Last-Modified: Mon, 21 Dec 2020 17:00:21 GMT
Content-Encoding: gzip
Cache-control: max-age=3600, s-maxage=2592000
X-Device: mobile
Accept-Ranges: bytes
Age: 5098
TP-Cache: HIT
Vary: Accept-Encoding
p.ad.gt/api/v1/p/405
104.22.5.69200 OK 0 B IP 104.22.5.69:0
GET /api/v1/p/405 HTTP/1.1
Host: p.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: application/javascript
last-modified: Thu, 05 Jan 2023 23:00:22 GMT
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 11:36:49 GMT
etag: W/"1672959622.0-40632-3373272138"
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7868c1ec5cf5fab8-OSL
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 143.204.46.73:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 02:54:08 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Yq112GHcWuvA4K9GeU_iV6vQ_EN2RW8xkclzfsFwzaLrSQrs648XIw==
age: 74558
X-Firefox-Spdy: h2
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gBBwADA/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
37.157.5.71200 OK 0 B URL HTTP/2 s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/2gBBwADA/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
IP 37.157.5.71:0
GET /stoat/626/s1.adform.net/load/v/0.0.226/e/2gBBwADA/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:52 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 16:33:36 GMT
x-cache-status: STALE
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673220997-UVFZKA3T-VBO0
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673220997-UVFZKA3T-VBO0
IP 198.148.27.140:0
GET /bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001673220997-UVFZKA3T-VBO0 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-6449ff7c76-x6kfv
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://ids.ad.gt/api/v1/ppnt_match?uid=ZCEMmdxlPx9Q&ev=1&pid=562316&id=AU1D-0100-001673220997-UVFZKA3T-VBO0
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=ZCEMmdxlPx9Q;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 03-Jan-2024 23:36:50 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=fde0b5373d5eeb0a; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
143.204.46.73200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 143.204.46.73:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 08 Jan 2023 23:00:57 GMT
last-modified: Thu, 22 Dec 2022 18:13:53 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront), 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
etag: W/"b2496fcafcf1daf6223aefe99a0cf048"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-C1
x-amz-cf-id: lnqkFJ-rRJRctgopHflMtErrjroXcDyedruT65hmTjOLTfpls6_fXw==
age: 2148
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=vruhfle&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=vruhfle&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=vruhfle&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FNggRcCWr60F8zhTPs2WqjagqwG48VZMkWNJr-K9VwBTIihjg7uVQQ==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=xwjqfun&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=xwjqfun&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=xwjqfun&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oVQ8VDnULjUmp6KHE8aM4wNdA097babZ1kQ04WAuD46oQjVIkQmBFA==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 547176
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fearnme.club%2F&domain=earnme.club&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://earnme.club
server-processing-duration-in-ticks: 562333
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 603
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://earnme.club
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=grkpcufm&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=grkpcufm&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=grkpcufm&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JlHeISqf3tAihE1OdO1LqlIAjtSdu8xdJqcrCBlLEzJJPXU_FW4SPg==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
104.26.11.25200 OK 0 B URL HTTP/2 cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405
IP 104.26.11.25:0
GET /hadron.js?url=https%3A%2F%2Fearnme.club%2Fgalaxy-m32-from-samsung%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=405 HTTP/1.1
Host: cdn.hadronid.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"2280e2148e4ee3c06f679f8fac039778"
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
x-amz-request-id: FNK044PCM9Y7VVCR
cache-control: max-age=3600
cf-cache-status: HIT
age: 4613
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FezBrZ90o5ed2A1%2BmmrYSgWIHhXYvuV4WVczBZkrxSQrj%2Fgmkdd%2FeLgMJQ6zhLdy3%2BGM2B8HYM7k5ocwe%2FW8W%2FB%2F84UZhnhbG6FlrJTyU1Tk0eZoK5iwQVi9bKY2KazsSUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7868c1d5c966b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=fcstem&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=fcstem&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=fcstem&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xg-yW6lhhETQfq7E72v3txZu0IefejzMPkGKqwpnqk9jyxJiMGiTfQ==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.37200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.37:0
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 20:15:08 GMT
cache-control: max-age: 86400
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UYrhzJp4wj-QosABOBqd23m_emhafgqhjDrF4uxCLt5pfGEoDCec9w==
age: 12099
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.132.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.132.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.132.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Mon, 09 Jan 2023 23:36:48 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.52200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.52:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 89090
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=qzexrxy&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=qzexrxy&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=qzexrxy&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: msZkBnOrNp-qNPpSHVFvCBo0cKpg3Ry-1E5QwYlyEcVMPguPKHxj6Q==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=kshzzjq&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=kshzzjq&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=kshzzjq&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OpvPyTsCXrt48dOEdohc_TTGbASVPzyNNdnSIFvKZmlA1oIusTssag==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
44.241.175.242200 OK 0 B URL HTTP/2 ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0
IP 44.241.175.242:0
GET /api/v1/halo_match?id=AU1D-0100-001673220997-UVFZKA3T-VBO0&halo_id=0606ki76edgclakaj8l66j78k86lgh8hlgg0yu20mkqi0eyew4000w24y400qs4s0 HTTP/1.1
Host: ids.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: image/gif
server: nginx/1.20.0
cache-control: public, max-age=43200
expires: Mon, 09 Jan 2023 11:36:49 GMT
set-cookie: au_id=AU1D-0100-001673220997-UVFZKA3T-VBO0; Expires=Tue, 07 Jan 2025 23:36:49 GMT; Domain=.ad.gt; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=piiivn&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=piiivn&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=piiivn&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ThojpZVO2hGQ0bMxPnkJ_UEjXWge1r7eXOYBfg3D1u91Q3c4gtmVLw==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=wweytjoq&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=wweytjoq&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=wweytjoq&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 00fZid2WazajHEotPPaSl40NOlMujlIXnlGNGTXZob2aKpORtAz8qg==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.29200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.29:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 547
Origin: https://flashnetic.com
Connection: keep-alive
Referer: https://flashnetic.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://flashnetic.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertagids&topUrl=earnme.club
IP 178.250.2.146:0
GET /syncframe?origin=publishertagids&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:48 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=8cb2b480-869a-4085-84c0-6f2d85191b06; expires=Fri, 02 Feb 2024 23:36:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 555302
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.130.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.130.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.130.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/javascript
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
etag: W/"6326273b-16120"
expires: Mon, 09 Jan 2023 23:36:49 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cloudflare.com/cdn-cgi/trace
104.16.133.229200 OK 0 B URL HTTP/2 cloudflare.com/cdn-cgi/trace
IP 104.16.133.229:0
GET /cdn-cgi/trace HTTP/1.1
Host: cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:44 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 7868c1ce8bc40afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/galaxy-m32-from-samsung/
172.67.23.234200 OK 0 B URL HTTP/2 id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/galaxy-m32-from-samsung/
IP 172.67.23.234:0
OPTIONS /v1/hadron.json?_it=amazon&partner_id=405&sync=0&domain=earnme.club&url=https://earnme.club/galaxy-m32-from-samsung/ HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://earnme.club/
Origin: https://earnme.club
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:46 GMT
content-type: application/json
cache-control: public,max-age=30
access-control-allow-origin: https://earnme.club
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7868c1db3f620b06-OSL
X-Firefox-Spdy: h2
flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=4744491673220991818
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/t.js?i=tvdi2ru09cf0ymc0mwei9&cb=4744491673220991818
IP 54.230.111.81:0
GET /t.js?i=tvdi2ru09cf0ymc0mwei9&cb=4744491673220991818 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 10:14:17 GMT
x-amz-version-id: _w3ae0RYCGBlDTPjQPIQB8LKoj64xOVc
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 17:57:30 GMT
etag: W/"57c945f3c1feba973398debac47b1341"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OmMWUdiCGupM1Q7EQhMdQXxnoJ_YaDjP1rP6ytY8k6SYSb9284fdmg==
age: 20355
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=emjfsxfi&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=emjfsxfi&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=emjfsxfi&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xmTjlVj_xUFZUjJNR0-MJwUcZDr-6tqurRBsiLO9lL4bib3EeyvbMA==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=6i3SLV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzVDluaW1Bcks0V0ZzbkEzcld1RWlacA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:52 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=BDYOQ180M0RITmhlJTJCZkMwOUJGQlhaMUN2czFhUTE3eGpDTHY4bVM2JTJGd1FBMFgzUXhUSlFMb2M4SHJjUDNiNmEya2g5OA; expires=Fri, 02 Feb 2024 23:36:53 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 312378
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4
IP 216.58.207.202:0
GET /css?family=Source+Sans+Pro%3Aregular%2Citalic%2C700%2C300%26subset%3Dlatin%2C&ver=1.3.4 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 08 Jan 2023 23:36:44 GMT
date: Sun, 08 Jan 2023 23:36:44 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adapex.io/hb/aaw.emc.js
104.21.6.49200 OK 0 B URL HTTP/2 cdn.adapex.io/hb/aaw.emc.js
IP 104.21.6.49:0
GET /hb/aaw.emc.js HTTP/1.1
Host: cdn.adapex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:44 GMT
content-type: application/javascript
last-modified: Tue, 03 Jan 2023 07:47:25 GMT
vary: Accept-Encoding
etag: W/"63b3dd8d-89bd6"
expires: Mon, 09 Jan 2023 07:48:28 GMT
cache-control: public, max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 7098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tLPIuTeFkUxM5PwvBmOEmwlhx5%2BQ3ogoFdGt8NfqgieyTWtUYRddGleuJ0j71%2FTDGMcynMJ3upQu8H3Tld%2FU6YI2A0JUCZ%2FWzoHyD7OUofxVgK%2BP8jsPCWMHsrKUx3g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7868c1cd1f9a0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://earnme.club
Connection: keep-alive
Referer: https://earnme.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 23:36:50 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Mon, 09 Jan 2023 23:36:50 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=earnme.club
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=earnme.club HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 08 Jan 2023 23:36:49 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=5a8531f5-000c-4263-8d25-3a82cbb8e7eb; expires=Fri, 02 Feb 2024 23:36:49 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 499930
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=bcjywvj&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=bcjywvj&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=bcjywvj&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hdelhNYiIBpzfYdZaAGuxUK-ES3pJWw5jk31SrQOPNyHEWRpIiDHBQ==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
flashnetic.com/r/p.html?f=kzdpjt&e=1833548723549
54.230.111.81200 OK 0 B URL HTTP/2 flashnetic.com/r/p.html?f=kzdpjt&e=1833548723549
IP 54.230.111.81:0
GET /r/p.html?f=kzdpjt&e=1833548723549 HTTP/1.1
Host: flashnetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://earnme.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 25 Oct 2022 13:58:03 GMT
x-amz-version-id: 6P847P_3pwRq3kg1dbhEI8vZo9rD1MSu
server: AmazonS3
content-encoding: gzip
date: Sun, 08 Jan 2023 05:30:45 GMT
etag: W/"1d799671c4d6a9304651b1b9d6a783fb"
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kLZXmNZbawGZEKMMwm492WkSZKnp3R5LUA149ZHx96WBzOT7Vvq11Q==
age: 65161
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2