earnmoney.help2u.xyz Open in urlscan Pro
2a00:1450:4001:818::2013 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://earnmoney.help2u.xyz/
Effective URL:
https://earnmoney.help2u.xyz/p/earn-money-online.html
Submission: On January 09 via automatic, source certstream-suspicious (January 9th 2021, 11:32:31 am UTC)

Summary HTTP 49 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 15 domains to perform 49 HTTP transactions. The main IP is 2a00:1450:4001:818::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is earnmoney.help2u.xyz.
TLS certificate: Issued by R3 on January 9th 2021. Valid for: 3 months.

This is the only time earnmoney.help2u.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2a00:1450:400... 2a00:1450:4001:818::2013	15169 (GOOGLE) (GOOGLE)
1 16	2a00:1450:400... 2a00:1450:4001:814::2009	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:d59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.95.12.219 23.95.12.219	36352 (AS-COLOCR...) (AS-COLOCROSSING)
6	147.135.220.104 147.135.220.104	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e6:... 2606:4700:e6::ac40:c511	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3038::6815:ea5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3035::6812:3916	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::ac43:98f7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::681f:5195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:814::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
49	13

3 2a00:1450:4001:818::2013 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

earnmoney.help2u.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:814::2009 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d59 (United States)

ASN13335 (CLOUDFLARENET, US)

adbtc.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.95.12.219 (Buffalo, United States)

ASN36352 (AS-COLOCROSSING, US)
PTR: 23-95-12-219-host.colocrossing.com

traffic2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad2bitcoin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 147.135.220.104 (Beaurevoir, France)

ASN16276 (OVH, FR)
PTR: ns3074226.ip-147-135-220.eu

g.cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e6::ac40:c511 (United States)

ASN13335 (CLOUDFLARENET, US)

mdgzg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:ea5e (United States)

ASN13335 (CLOUDFLARENET, US)

mediacpm.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::6812:3916 (United States)

ASN13335 (CLOUDFLARENET, US)

cpm-ad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:98f7 (United States)

ASN13335 (CLOUDFLARENET, US)

nevtkm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::681f:5195 (United States)

ASN13335 (CLOUDFLARENET, US)

adz2you.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200d (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	blogger.com 1 redirects www.blogger.com	72 KB
6	cash-ads.com g.cash-ads.com	1 KB
6	blogblog.com resources.blogblog.com	2 KB
6	google.com 1 redirects apis.google.com accounts.google.com	98 KB
4	mdgzg.com mdgzg.com
3	adz2you.net adz2you.net
3	nevtkm.com nevtkm.com
3	cpm-ad.com cpm-ad.com
3	mediacpm.pl mediacpm.pl
3	help2u.xyz 1 redirects earnmoney.help2u.xyz	14 KB
1	gstatic.com www.gstatic.com	26 KB
1	googlesyndication.com pagead2.googlesyndication.com	172 B
1	ad2bitcoin.com ad2bitcoin.com	31 KB
1	traffic2bitcoin.com traffic2bitcoin.com	53 KB
1	adbtc.top adbtc.top
49	15

	Domain	Requested by
10	www.blogger.com	1 redirects earnmoney.help2u.xyz apis.google.com www.blogger.com
6	g.cash-ads.com	earnmoney.help2u.xyz g.cash-ads.com
6	resources.blogblog.com	earnmoney.help2u.xyz
5	apis.google.com	earnmoney.help2u.xyz apis.google.com
4	mdgzg.com	earnmoney.help2u.xyz
3	adz2you.net	earnmoney.help2u.xyz
3	nevtkm.com	earnmoney.help2u.xyz
3	cpm-ad.com	earnmoney.help2u.xyz
3	mediacpm.pl	earnmoney.help2u.xyz
3	earnmoney.help2u.xyz	1 redirects earnmoney.help2u.xyz
1	www.gstatic.com	apis.google.com
1	accounts.google.com	1 redirects
1	pagead2.googlesyndication.com	earnmoney.help2u.xyz
1	ad2bitcoin.com	earnmoney.help2u.xyz
1	traffic2bitcoin.com	earnmoney.help2u.xyz
1	adbtc.top	earnmoney.help2u.xyz
49	16

This site contains links to these domains. Also see Links.

Domain
www.blogger.com
ref.adbtc.top
traffic2bitcoin.com
ad2bitcoin.com

Subject Issuer	Validity	Valid
earnmoney.help2u.xyz R3	`2021-01-09` - `2021-04-09`	3 months	crt.sh
*.blogger.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-07` - `2021-08-07`	a year	crt.sh
traffic2bitcoin.com cPanel, Inc. Certification Authority	`2021-01-02` - `2021-04-02`	3 months	crt.sh
ad2bitcoin.com cPanel, Inc. Certification Authority	`2021-01-02` - `2021-04-02`	3 months	crt.sh
g.cash-ads.com Let's Encrypt Authority X3	`2020-11-25` - `2021-02-23`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh

This page contains 22 frames:

Primary Page: https://earnmoney.help2u.xyz/p/earn-money-online.html
Frame ID: 4EE05B939DC95F961DA12EFBC057E562
Requests: 28 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=5887582937580633815&blogName=Help2U&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://earnmoney.help2u.xyz/search&blogLocale=en&v=2&homepageUrl=https://earnmoney.help2u.xyz/&targetPageID=4887046802813293142&blogPostOrPageUrl=https://earnmoney.help2u.xyz/p/earn-money-online.html&vt=4095801570301846850&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__
Frame ID: DC5F43DD3106D6ABF0D23105E33CB69B
Requests: 1 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=3u16G%2F9YNhPU41RDGlyqQwFoopFQvY9Jr%2BDcrE3z1%2BM%3D
Frame ID: 65FA63116C2D01EB15B31022D0841AD7
Requests: 1 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=3u16G%2F9YNhPU41RDGlyqQxvZD2hWjkkyZxna2n2%2FUBg%3D
Frame ID: 4205EC6D13013EAF7339F0397E0A6821
Requests: 1 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=3u16G%2F9YNhPU41RDGlyqQ0dWEpZe8yQsSbMjViTADvM%3D
Frame ID: BB171A8CE945E9543C0B9F129BBF95D7
Requests: 1 HTTP requests in this frame

Frame: https://mdgzg.com/serve/show.php?a=2319&b=728x90
Frame ID: 10CBCFC581EBADE59F0D8C652257BDDD
Requests: 1 HTTP requests in this frame

Frame: https://mediacpm.pl/serve/show.php?a=26355&b=728x90
Frame ID: 6D2D83191169B84AAECE7F1EE8AA608E
Requests: 1 HTTP requests in this frame

Frame: https://cpm-ad.com/serve/show.php?a=4745&b=728x90
Frame ID: 01D4C839244D28F7F58BC07042764834
Requests: 1 HTTP requests in this frame

Frame: https://nevtkm.com/serve/show.php?a=4870&b=728x90
Frame ID: 4B25B5EE5DC005AF40FF4F03DABBDC81
Requests: 1 HTTP requests in this frame

Frame: https://mdgzg.com/serve/show.php?a=2319&b=468x60
Frame ID: 327841F90EAA62626097A83E6A453604
Requests: 1 HTTP requests in this frame

Frame: https://adz2you.net/serve/show.php?a=6569&b=468x60
Frame ID: F23AE4DDEB56B8106A2C18311A2928D7
Requests: 1 HTTP requests in this frame

Frame: https://mdgzg.com/serve/show.php?a=2319&b=160x600
Frame ID: 7300A1FA44D95FD07494EFBEB572A341
Requests: 1 HTTP requests in this frame

Frame: https://mediacpm.pl/serve/show.php?a=26355&b=160x600
Frame ID: A351385E494662BE513F75C4F53C6EC3
Requests: 1 HTTP requests in this frame

Frame: https://nevtkm.com/serve/show.php?a=4870&b=160x600
Frame ID: F6225A58DE2D65AFFB4372DC289D070B
Requests: 1 HTTP requests in this frame

Frame: https://cpm-ad.com/serve/show.php?a=4745&b=160x600
Frame ID: C8C601A7CCFF52E46A26681D173C7760
Requests: 1 HTTP requests in this frame

Frame: https://mdgzg.com/serve/show.php?a=2319&b=300x250
Frame ID: 72459A56B2DE9F320B871FD1ADE1D39E
Requests: 1 HTTP requests in this frame

Frame: https://mediacpm.pl/serve/show.php?a=26355&b=300x250
Frame ID: DBB9909CB6E2F24512754D88D13B1908
Requests: 1 HTTP requests in this frame

Frame: https://cpm-ad.com/serve/show.php?a=4745&b=300x250
Frame ID: 5F823C0F5791D092CA128B921B16D78F
Requests: 1 HTTP requests in this frame

Frame: https://nevtkm.com/serve/show.php?a=4870&b=300x250
Frame ID: 98C1BAB02FF322DB0E3CCC35D5EBA136
Requests: 1 HTTP requests in this frame

Frame: https://adz2you.net/serve/show.php?a=6569&b=300x250
Frame ID: FB71A422A020D39718F2B1B73B073693
Requests: 1 HTTP requests in this frame

Frame: https://adz2you.net/serve/show.php?a=6569&b=125x125
Frame ID: 63B8151BA121DFCE8686088313EC4F09
Requests: 1 HTTP requests in this frame

Frame: https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803&bpli=1
Frame ID: DAA532A4A45E7C05004795E941300A50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://earnmoney.help2u.xyz/ HTTP 301
https://earnmoney.help2u.xyz/p/earn-money-online.html Page URL

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Blogger$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

49
Requests

100 %
HTTPS

86 %
IPv6

15
Domains

16
Subdomains

13
IPs

3
Countries

296 kB
Transfer

684 kB
Size

4
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/rearrange?blogID=5887582937580633815&widgetType=PageList&widgetId=PageList1&action=editWidget&sectionId=crosscol
Title:

Search URL Search Domain Scan URL

URL: https://ref.adbtc.top/1514518

Search URL Search Domain Scan URL

URL: https://traffic2bitcoin.com/index.php?ref=satyabratonline

Search URL Search Domain Scan URL

URL: https://ad2bitcoin.com/index.php?ref=satyabratonline

Search URL Search Domain Scan URL

URL: https://www.blogger.com/page-edit.g?blogID=5887582937580633815&pageID=4887046802813293142&from=pencil
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5887582937580633815&pageID=4887046802813293142&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5887582937580633815&pageID=4887046802813293142&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5887582937580633815&pageID=4887046802813293142&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5887582937580633815&pageID=4887046802813293142&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=5887582937580633815&pageID=4887046802813293142&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/15385565754039458113
Title: AYUSHJANSEWA

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=5887582937580633815&widgetType=Profile&widgetId=Profile1&action=editWidget&sectionId=sidebar-left-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=5887582937580633815&widgetType=BlogArchive&widgetId=BlogArchive1&action=editWidget&sectionId=sidebar-left-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=5887582937580633815&widgetType=HTML&widgetId=HTML1&action=editWidget&sectionId=footer-1
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/rearrange?blogID=5887582937580633815&widgetType=Attribution&widgetId=Attribution1&action=editWidget&sectionId=footer-3
Title:

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://earnmoney.help2u.xyz/ HTTP 301
https://earnmoney.help2u.xyz/p/earn-money-online.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803 HTTP 302
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D5887582937580633815%26pageID%3D4887046802813293142%26blogspotRpcToken%3D9833803%26bpli%3D1&followup=https://www.blogger.com/comment-iframe.g?blogID%3D5887582937580633815%26pageID%3D4887046802813293142%26blogspotRpcToken%3D9833803%26bpli%3D1&passive=true&go=true HTTP 302
https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803&bpli=1

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request earn-money-online.html Show response
earnmoney.help2u.xyz/p/
Redirect Chain

https://earnmoney.help2u.xyz/
https://earnmoney.help2u.xyz/p/earn-money-online.html

53 KB
12 KB

272ms
270ms

Document
text/html

2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f27a80b9606f52276c922913115169ff24a3403ac8db20e2f87f9ca6f32123aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: earnmoney.help2u.xyz
:scheme: https
:path: /p/earn-money-online.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-robots-tag: all,noodp
content-type: text/html; charset=UTF-8
expires: Sat, 09 Jan 2021 11:32:12 GMT
date: Sat, 09 Jan 2021 11:32:12 GMT
cache-control: private, max-age=0
last-modified: Thu, 01 Oct 2020 17:04:11 GMT
etag: W/"47eb98e77c0a4e5e01f780fda0136c3ea2ac531c3704fdb0663d0420de23cab8"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11841
server: GSE

Redirect headers

content-type: text/html; charset=UTF-8
location: /p/earn-money-online.html
content-encoding: gzip
date: Sat, 09 Jan 2021 11:32:12 GMT
expires: Sat, 09 Jan 2021 11:32:12 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 172
server: GSE

GET
H2 200 3416767676-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 36 KB
8 KB 27ms
7ms Stylesheet
text/css 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 08:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 22:21:11 GMT
server: sffe
age: 12578
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7982
x-xss-protection: 0
expires: Sun, 09 Jan 2022 08:02:34 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
19 KB 48ms
27ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90364f9e89de88e01f85441ad4f682cef06a7d643a338d423019076a403b32f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+My3uIjaI1MeKnOXhBmlPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "ce489fde74c25a877295fbc1287705bd"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-+My3uIjaI1MeKnOXhBmlPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 09 Jan 2021 11:32:13 GMT

GET
H2 200 icon18_wrench_allbkg.png
resources.blogblog.com/img/ 475 B
612 B 7ms
5ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_wrench_allbkg.png

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 17:38:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 09:14:19 GMT
server: sffe
age: 323611
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 475
x-xss-protection: 0
expires: Tue, 12 Jan 2021 17:38:41 GMT

GET
H2 403 banner_468x60.jpg
adbtc.top/promo/ 0
0 62ms
37ms Image
text/html 2606:4700:20::681a:d59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adbtc.top/promo/banner_468x60.jpg
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:d59 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 468.png
traffic2bitcoin.com/banners/ 53 KB
53 KB 566ms
179ms Image
image/png 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://traffic2bitcoin.com/banners/468.png
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash: 92a346340df7310f5e48d710ae157dbf32ccddcd0512ace010c3bf8a39d1a9b9

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 11:32:12 GMT
Last-Modified: Tue, 13 Nov 2018 10:16:49 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 54205
Content-Type: image/png

GET
H/1.1 200
OK 468x60.gif
ad2bitcoin.com/banners/ 31 KB
31 KB 567ms
181ms Image
image/gif 23.95.12.219
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad2bitcoin.com/banners/468x60.gif
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.95.12.219 Buffalo, United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: 23-95-12-219-host.colocrossing.com
Software: Apache /
Resource Hash: 97896e492ce6b806d7449272d7a2eaeefb5c9fd8f290ee89a2c63f62b3c06bea

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 09 Jan 2021 11:32:12 GMT
Last-Modified: Fri, 01 Mar 2019 09:49:06 GMT
Server: Apache
Connection: close
Accept-Ranges: bytes
Content-Length: 31510
Content-Type: image/gif

GET
H2 200 banner.php Show response
g.cash-ads.com/ 211 B
372 B 95ms
29ms Script
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner.php?uid=4491&size=2

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

f96ff397a06f459aa5c30d53813342a60758c64bfa5f7187a5aff79a71445506

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 banner.php Show response
g.cash-ads.com/ 209 B
369 B 95ms
29ms Script
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner.php?uid=4491&size=1

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

1dd1bcb1be15d9905d4962f84765e0814b3aa07d643826bc61fa957a3d82d594

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 banner.php Show response
g.cash-ads.com/ 208 B
369 B 95ms
30ms Script
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner.php?uid=4491&size=4

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

b113ad392e9d9e3b2f7d9e2aaa1a3b15d1e6c2834babf66c36ee3448da183a27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
281 B 7ms
6ms Image
image/gif 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 10:19:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 18:16:13 GMT
server: sffe
age: 263560
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162
x-xss-protection: 0
expires: Wed, 13 Jan 2021 10:19:32 GMT

GET
H3-Q050 200 3858658042-comment_from_post_iframe.js Show response
www.blogger.com/static/v1/jsbin/ 13 KB
5 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 17:15:45 GMT
server: sffe
age: 313535
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5121
x-xss-protection: 0
expires: Wed, 05 Jan 2022 20:26:38 GMT

GET
H2 200 cookienotice.js Show response
earnmoney.help2u.xyz/js/ 6 KB
2 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://earnmoney.help2u.xyz/js/cookienotice.js

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 11:32:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 20:16:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 2026
x-xss-protection: 0
expires: Sat, 16 Jan 2021 11:32:12 GMT

GET
H3-Q050 200 2566653647-widgets.js Show response
www.blogger.com/static/v1/widgets/ 142 KB
52 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/2566653647-widgets.js

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

816a527542ad79e1d70328d4a48bcda30a029d1fedbbc7edd628aa2c86a546af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 00:18:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 17:15:45 GMT
server: sffe
age: 299601
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52709
x-xss-protection: 0
expires: Thu, 06 Jan 2022 00:18:52 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
665 B 134ms
120ms Stylesheet
text/css 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5887582937580633815&zx=2b0e67d9-2ab6-43e6-96fb-94b1c24dbebc

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 09 Jan 2021 11:32:13 GMT
server: GSE
date: Sat, 09 Jan 2021 11:32:13 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/ 138 KB
48 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e51f1f53f9449e241d46c551d63b14e91cb113480b04fd4e0e49d3b8c96505e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 04 Jan 2021 20:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 23:44:49 GMT
server: sffe
age: 400964
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49563
x-xss-protection: 0
expires: Tue, 04 Jan 2022 20:09:29 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/ 54 KB
18 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=gapi_iframes,gapi_iframes_style_bubble/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a2ebb29be35e23d1aed3ca59399bdf62ae3506c55a3f1ac8256d8f5395935f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 23:44:49 GMT
server: sffe
age: 145401
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17824
x-xss-protection: 0
expires: Fri, 07 Jan 2022 19:08:52 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
172 B 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 11:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 602
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Jan 2021 11:22:11 GMT

GET
H3-Q050 200 white80.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
221 B 7ms
7ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/white80.png

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 13:11:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 19:11:17 GMT
server: sffe
age: 80419
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Fri, 15 Jan 2021 13:11:54 GMT

GET
H3-Q050 200 header_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 424 B
526 B 7ms
7ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/header_gradient_shade.png

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 16:17:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 20:36:13 GMT
server: sffe
age: 155708
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 424
x-xss-protection: 0
expires: Thu, 14 Jan 2021 16:17:05 GMT

GET
H3-Q050 200 tabs_gradient_shade.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 185 B
287 B 8ms
8ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/tabs_gradient_shade.png

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 06 Jan 2021 18:47:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 Jan 2021 13:18:42 GMT
server: sffe
age: 233107
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 185
x-xss-protection: 0
expires: Wed, 13 Jan 2021 18:47:06 GMT

GET
H3-Q050 200 navbar.g
www.blogger.com/ Frame DC5F 0
0 567ms
566ms Document
text/html 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=5887582937580633815&blogName=Help2U&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://earnmoney.help2u.xyz/search&blogLocale=en&v=2&homepageUrl=https://earnmoney.help2u.xyz/&targetPageID=4887046802813293142&blogPostOrPageUrl=https://earnmoney.help2u.xyz/p/earn-money-online.html&vt=4095801570301846850&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /navbar.g?targetBlogID=5887582937580633815&blogName=Help2U&publishMode=PUBLISH_MODE_HOSTED&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://earnmoney.help2u.xyz/search&blogLocale=en&v=2&homepageUrl=https://earnmoney.help2u.xyz/&targetPageID=4887046802813293142&blogPostOrPageUrl=https://earnmoney.help2u.xyz/p/earn-money-online.html&vt=4095801570301846850&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.SnHyU412DY0.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 09 Jan 2021 11:32:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 2626
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
g.cash-ads.com/ Frame 65FA 0
0 57ms
57ms Document
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=3u16G%2F9YNhPU41RDGlyqQwFoopFQvY9Jr%2BDcrE3z1%2BM%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4491&size=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=3u16G%2F9YNhPU41RDGlyqQwFoopFQvY9Jr%2BDcrE3z1%2BM%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

server: nginx
date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 /
g.cash-ads.com/ Frame 4205 0
0 59ms
58ms Document
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=3u16G%2F9YNhPU41RDGlyqQxvZD2hWjkkyZxna2n2%2FUBg%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4491&size=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=3u16G%2F9YNhPU41RDGlyqQxvZD2hWjkkyZxna2n2%2FUBg%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

server: nginx
date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 /
g.cash-ads.com/ Frame BB17 0
0 60ms
59ms Document
text/html 147.135.220.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=3u16G%2F9YNhPU41RDGlyqQ0dWEpZe8yQsSbMjViTADvM%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner.php?uid=4491&size=4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

147.135.220.104 Beaurevoir, France, ASN16276 (OVH, FR),

Reverse DNS

ns3074226.ip-147-135-220.eu

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=3u16G%2F9YNhPU41RDGlyqQ0dWEpZe8yQsSbMjViTADvM%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

server: nginx
date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 show.php
mdgzg.com/serve/ Frame 10CB 0
0 451ms
185ms Document
text/html 2606:4700:e6::ac40:c511
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mdgzg.com/serve/show.php?a=2319&b=728x90
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mdgzg.com
:scheme: https
:path: /serve/show.php?a=2319&b=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c2ba8418553f92475e1d56708b8e66d1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mdgzg.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888427c000002be9b2884000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ViE3LIwxSECZXcdyOf6iXfnFgqZOzu0e9rJBE9LD30vl6eXToDbqYq4ugunVjo6blCsz6kTOgZtbdXTn1gRBeZde2fmreDpOW9gLXZr0PvSFNp%2Ba3Lk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd61f9c0b2be9-FRA
content-encoding: br

GET
H2 200 show.php
mediacpm.pl/serve/ Frame 6D2D 0
0 446ms
104ms Document
text/html 2606:4700:3038::6815:ea5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacpm.pl/serve/show.php?a=26355&b=728x90
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mediacpm.pl
:scheme: https
:path: /serve/show.php?a=26355&b=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6358d2e4ff41dc2dae2562a599ff8f6e1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mediacpm.pl; HttpOnly; SameSite=Lax; Secure __cf_bm=613d398f594035a0976f5f0ff5a8ea35298efabe-1610191933-1800-AdcbElUQeqJDPsQOjSLNK+AFmCo8kBEEbK0Ht+Z0EsVB/KRtuK+nj4NMQwCpD9qqZS3SfObwx8O45/L8Aygtr/g=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.mediacpm.pl; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888427c10000beba1332f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MnPSeetl%2BNs70%2FEyNfsAmLTJguXZgL3KITB2N2IMFo1D9vyCb762%2BoCV4knZk0%2BjpmtCB%2FyHaMHOz5sTJ4Gpq7bmvASeyabxaJe1UQEzZrhuNEUxns6jFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd61f9ad7beba-FRA
content-encoding: br

GET
H2 200 show.php
cpm-ad.com/serve/ Frame 01D4 0
0 452ms
113ms Document
text/html 2606:4700:3035::6812:3916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm-ad.com/serve/show.php?a=4745&b=728x90
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: cpm-ad.com
:scheme: https
:path: /serve/show.php?a=4745&b=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8055841d5f332e5a7f9666b7044407171610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.cpm-ad.com; HttpOnly; SameSite=Lax __cf_bm=ab11e49839b80bcd2304cbb5fca4c6777d89bef8-1610191933-1800-AQs31dk0hc18FQmTsEIewt0YlkS/jdfVvP8YgTU+Yz3ugnLdxHWfk9JRkcoH2n5iefKFm7FCJKNPKShunp4jdHI=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.cpm-ad.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888427c20000d6b5ac18f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NT6YQ%2BLW2D8LeQhTuYtuNemX8LGDvRPoNqNHuwFG9%2F67EieSXtUh1l3hhn1SwzAQ5hUTwKDfpsMooHQwCImqrlXKH8Hyw88mTkthqBe7XKUYTe57pcjr"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd61f99bcd6b5-FRA
content-encoding: br

GET
H2 200 show.php
nevtkm.com/serve/ Frame 4B25 0
0 650ms
311ms Document
text/html 2606:4700:3032::ac43:98f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nevtkm.com/serve/show.php?a=4870&b=728x90
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:98f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: nevtkm.com
:scheme: https
:path: /serve/show.php?a=4870&b=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df9218700bde51a2783daa713befdd9831610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.nevtkm.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428100000e0036704f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eeJuorKvRwEPIpPscQ0zEZWhUAFl9A6Ajq%2FaHNt1DxfvhDHiMRcp1%2FdaiOuCuqV8MkvvIyLy2WnjyaS2a5KPy9rYF8o1yqlOSI6nHIacEUv%2B32p9z9ib"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201f44e003-FRA
content-encoding: br

GET
H2 200 show.php
mdgzg.com/serve/ Frame 3278 0
0 442ms
183ms Document
text/html 2606:4700:e6::ac40:c511
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mdgzg.com/serve/show.php?a=2319&b=468x60
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mdgzg.com
:scheme: https
:path: /serve/show.php?a=2319&b=468x60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c2ba8418553f92475e1d56708b8e66d1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mdgzg.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888427c000002be9c2a00000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wsoimKRWKeSoMqEO%2FkRFya0XVXWxQXaimchw%2Blb8cukaXedxlPdj%2FK8bzb1XUPpN5DX7VvCbn%2FTUrcCqzrihWHTfSILvAqRIe7bKtakREMN%2BqyAKJzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd61f9c0e2be9-FRA
content-encoding: br

GET
H2 200 show.php
adz2you.net/serve/ Frame F23A 0
0 542ms
207ms Document
text/html 2606:4700:3036::681f:5195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adz2you.net/serve/show.php?a=6569&b=468x60
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: adz2you.net
:scheme: https
:path: /serve/show.php?a=6569&b=468x60
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d089183ec7086f7bec660bdc444d56b611610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.adz2you.net; HttpOnly; SameSite=Lax __cf_bm=0fe5426d837a24e7f375bcbc4b6d9088dc7f1805-1610191933-1800-AdstDOSTBK4baH1IWxSkvGQa5llV7HEgYLICpYV3LwVejvGbyhFylOh4GCyC1Vaz4hEvNTZUmxhoDIxqC3YEDgk=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.adz2you.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 078884281100004a733cb0a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HUtvm3Ptnw4AModtl98GWoLSeneZc0uVzLB8VHWfL%2F%2F2yNAS3%2FttRCfZLi8BNwfwMLBn6wlJMlpaocGcYCTUzwISCpCs7Sbhz580qdlRowhHyQQh%2FYD2Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd62018d94a73-FRA
content-encoding: br

GET
H2 200 show.php
mdgzg.com/serve/ Frame 7300 0
0 443ms
187ms Document
text/html 2606:4700:e6::ac40:c511
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mdgzg.com/serve/show.php?a=2319&b=160x600
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mdgzg.com
:scheme: https
:path: /serve/show.php?a=2319&b=160x600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c2ba8418553f92475e1d56708b8e66d1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mdgzg.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888427c000002be9edb9e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z7Tdxz%2FPk7eyoU6ZMjaMlCR10Y4gbpANVwocPE2QA6zFE%2FizkKA6MkdIy4ClIvUzR03vkAvT1CIItR1jZuP%2BdOCyq43stoRYXvjNtrLKygY74i9dYQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd61f9c102be9-FRA
content-encoding: br

GET
H2 200 show.php
mediacpm.pl/serve/ Frame A351 0
0 502ms
204ms Document
text/html 2606:4700:3038::6815:ea5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacpm.pl/serve/show.php?a=26355&b=160x600
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mediacpm.pl
:scheme: https
:path: /serve/show.php?a=26355&b=160x600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6358d2e4ff41dc2dae2562a599ff8f6e1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mediacpm.pl; HttpOnly; SameSite=Lax; Secure __cf_bm=6be0d2c4536607012d3f6d4909f2444be502e3f7-1610191933-1800-ATy3Sa6AbbSTybhp6dxJP97dfnfy4Xn2Jxxj3LNPIGqS8CUvrsdQW+F3MFS9h/njX9fX8XhOzL4U+fnBbu2Y14M=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.mediacpm.pl; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428100000beba0898b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fNQmvNPbeHwfEckM7XNfjGWio5Xr5Nn2Jh0K2dyjTA0IsMZIn66OJUQWu%2Fet8ujbbd4wAMwAUbrBQ7ADR%2FCn%2BWv1wrR4yR%2FhQNeQTOQU2m8MZDGjxzTa5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201b26beba-FRA
content-encoding: br

GET
H2 200 show.php
nevtkm.com/serve/ Frame F622 0
0 610ms
312ms Document
text/html 2606:4700:3032::ac43:98f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nevtkm.com/serve/show.php?a=4870&b=160x600
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:98f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: nevtkm.com
:scheme: https
:path: /serve/show.php?a=4870&b=160x600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df9218700bde51a2783daa713befdd9831610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.nevtkm.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428140000e003958af000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QvOMcb%2FIENmpV9hBJnmnps%2BbPSbbsDT2aVRVDBRSnLyjlQsaath%2FI7vd%2FvFupUN19UqVMnLBssPnUH%2FobUDIJq6bKeZEz8TX6TwbwxfQmgX2cErGdOGO"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6202f4ce003-FRA
content-encoding: br

GET
H2 200 show.php
cpm-ad.com/serve/ Frame C8C6 0
0 586ms
301ms Document
text/html 2606:4700:3035::6812:3916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm-ad.com/serve/show.php?a=4745&b=160x600
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: cpm-ad.com
:scheme: https
:path: /serve/show.php?a=4745&b=160x600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8055841d5f332e5a7f9666b7044407171610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.cpm-ad.com; HttpOnly; SameSite=Lax __cf_bm=0c3238630bfc3e16d1dcf815e07b800947798e3b-1610191933-1800-AeEiLJf1GLBm8sO94gXOIXXY10pjW5/dOCs6gNFMmDeLzMC2w3I+Im6IzSV9WPkPijtKyWBDnU1xcHauK2gObls=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.cpm-ad.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428100000d6b528857000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QXnxZV2Zjgb4mMkeYDgYZ%2F8RnlmmTwatRz0PRbWsoFI8%2B2ssYll1271htQzPbgN1Co8rJRpk%2FUTNaQCrWbWSyk4O1iv5gS8TxjYpXhdNYIYefPnIZPMu"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201aa5d6b5-FRA
content-encoding: br

GET
H2 200 show.php
mdgzg.com/serve/ Frame 7245 0
0 485ms
201ms Document
text/html 2606:4700:e6::ac40:c511
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mdgzg.com/serve/show.php?a=2319&b=300x250
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c511 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mdgzg.com
:scheme: https
:path: /serve/show.php?a=2319&b=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6c2ba8418553f92475e1d56708b8e66d1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mdgzg.com; HttpOnly; SameSite=Lax
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 078884281100002be9f509b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wNM8ps6bffJaAAhR2PqoGwr%2B%2BcH20i8GvUdqZAmUj4jyClCBjd%2BKwA2j%2FAIlj8GQr3rlN6CEzgXlZ69Rt7oNIio6GSFsNlZ8CH3wa%2B8eSXYwQxKL7m0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201d112be9-FRA
content-encoding: br

GET
H2 200 show.php
mediacpm.pl/serve/ Frame DBB9 0
0 485ms
203ms Document
text/html 2606:4700:3038::6815:ea5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacpm.pl/serve/show.php?a=26355&b=300x250
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ea5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: mediacpm.pl
:scheme: https
:path: /serve/show.php?a=26355&b=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6358d2e4ff41dc2dae2562a599ff8f6e1610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.mediacpm.pl; HttpOnly; SameSite=Lax; Secure __cf_bm=696b1141cbc1fc6dfca7715fbe79053a48a78e8e-1610191933-1800-AY5z7+4/MDrd39l0o7dvlnY1V7HlYiDkZYdzVGYT0vTZmfAt9dIT+Ara365tewHRwtJkYl7TFNRHrvEUVxvdsxM=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.mediacpm.pl; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428100000beba1a877000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UdEm6oA8509KAIlaJY5uZndjltySz4q0zQwgpnQCwLSliE6DzesAo7JFTT7HF1SERKxq7WUmDzIAqucfOpM0rFG3Zw88fBldBZNZAQI7Isg4T%2FcllLkQ8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201b27beba-FRA
content-encoding: br

GET
H2 200 show.php
cpm-ad.com/serve/ Frame 5F82 0
0 482ms
200ms Document
text/html 2606:4700:3035::6812:3916
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm-ad.com/serve/show.php?a=4745&b=300x250
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6812:3916 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: cpm-ad.com
:scheme: https
:path: /serve/show.php?a=4745&b=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8055841d5f332e5a7f9666b7044407171610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.cpm-ad.com; HttpOnly; SameSite=Lax __cf_bm=3f343c189341a32408b4af74d881f4d7d9f9e5e5-1610191933-1800-AdBE0BmpBJNgQ0fmXodGl+cY4f1dbg8MQQoMfbpJJV//sqyODgZO1HD90TGUXBg7ZgIulDRI3mO6cCBTeEumzcA=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.cpm-ad.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428100000d6b51c003000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l3dZMYGsYKw1DJlwdmbNncqpeMIrzO9%2FlrwgN4fOvPJwD8rafDoD%2FKyLWOHp72ucmZvy2aHgROZ419nNb4aTNmPpxXlC868SsEj20vdOvSaHs0xcXd3k"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201aa7d6b5-FRA
content-encoding: br

GET
H2 200 show.php
nevtkm.com/serve/ Frame 98C1 0
0 595ms
315ms Document
text/html 2606:4700:3032::ac43:98f7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nevtkm.com/serve/show.php?a=4870&b=300x250
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:98f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: nevtkm.com
:scheme: https
:path: /serve/show.php?a=4870&b=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df9218700bde51a2783daa713befdd9831610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.nevtkm.com; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 07888428100000e003a6a60000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RR0ZLi0Veal9%2B%2BT34zoPgHFFzKWf%2FfXvWQTS6qPMMz4Bq6FkFJwpDwO3Bu71gj%2BVJqMr8LTq0k1jRzgfMey8soPIecjBd6YkwlF1Xi86sMmX6aCu8Kht"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd6201f46e003-FRA
content-encoding: br

GET
H2 200 show.php
adz2you.net/serve/ Frame FB71 0
0 404ms
205ms Document
text/html 2606:4700:3036::681f:5195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adz2you.net/serve/show.php?a=6569&b=300x250
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: adz2you.net
:scheme: https
:path: /serve/show.php?a=6569&b=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d089183ec7086f7bec660bdc444d56b611610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.adz2you.net; HttpOnly; SameSite=Lax __cf_bm=933763ce3516be4d7cf4e86f3ccbf21c57d22782-1610191933-1800-AVvfiEqYhY655BdyMftsSqh0teeDaLc3rXGi9ZH9TznoTT54ULxQ0/SIS6VfixiW1IB4JBbUm1JIu/dK4nkWxrQ=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.adz2you.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 078884281100004a734d80a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F4a5FVKZ9M4iOiDSnMrLe2Hsyn11Vg3i21GMHFAgPhLnD9olmSkYmcjmS4q9vhxym7DSN0IAtDSpW9DdRsHOF2EnDx95PlJMIghAQnBgVFgeq5BfMQ2QKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd62018de4a73-FRA
content-encoding: br

GET
H2 200 show.php
adz2you.net/serve/ Frame 63B8 0
0 494ms
303ms Document
text/html 2606:4700:3036::681f:5195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adz2you.net/serve/show.php?a=6569&b=125x125
Requested by: Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5195 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

:method: GET
:authority: adz2you.net
:scheme: https
:path: /serve/show.php?a=6569&b=125x125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html

Response headers

date: Sat, 09 Jan 2021 11:32:13 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d089183ec7086f7bec660bdc444d56b611610191933; expires=Mon, 08-Feb-21 11:32:13 GMT; path=/; domain=.adz2you.net; HttpOnly; SameSite=Lax __cf_bm=4b29c39256db559d1eebc63984a95528f3897a86-1610191933-1800-AZcsW34AiqPiM7CwkF3HLpykHu+ZnWBh/I9A3pMT6slnB3FYpeZuDQMnSLZCyHphfMY1KQZD7NUecScKPF5372M=; path=/; expires=Sat, 09-Jan-21 12:02:13 GMT; domain=.adz2you.net; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cf-cache-status: DYNAMIC
cf-request-id: 078884281100004a733b81e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uVNTXqn1Z3fBGPgv2PLRjE2kAHtdM5umuojacAvI8EbNqkcVsPm%2FM9tEQ4h%2BpUObF8%2FjVRCKANNSmxDJ4e3DUFJ%2FSCuiAxMp9stOtaihlt8amH1O819Bpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60edd62018db4a73-FRA
content-encoding: br

GET
H3-Q050 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 56ms
55ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.blogger.com/static/v1/widgets/3416767676-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 05 Jan 2021 20:04:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 05 Jan 2021 11:19:06 GMT
server: sffe
age: 314891
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5080
x-xss-protection: 0
expires: Tue, 12 Jan 2021 20:04:02 GMT

GET
H3-Q050

200

comment-iframe.g
www.blogger.com/ Frame DAA5
Redirect Chain

https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803
https://accounts.google.com/ServiceLogin?continue=https://www.blogger.com/comment-iframe.g?blogID%3D5887582937580633815%26pageID%3D4887046802813293142%26blogspotRpcToken%3D9833803%26bpli%3D1&follow...
https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803&bpli=1

0
0

384ms
298ms

Document
text/html

2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803&bpli=1

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/jsbin/3858658042-comment_from_post_iframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.blogger.com
:scheme: https
:path: /comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803&bpli=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 09 Jan 2021 11:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1706
server: GSE
set-cookie: S=blogger=KvneJUURfsDYNEAeUoTvUmdR0LXSPdQbcS1e9Qro2vA; Domain=.blogger.com; Path=/; Secure; HttpOnly; Priority=LOW; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 09 Jan 2021 11:32:13 GMT
location: https://www.blogger.com/comment-iframe.g?blogID=5887582937580633815&pageID=4887046802813293142&blogspotRpcToken=9833803&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'report-sample' 'nonce-rISd3LNCkc8pv5H1PvMtcQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 255
server: GSE
set-cookie: __Host-GAPS=1:5afbJlQl_e-GOJHm3g7uVJBBVr2ztw:km6rfMO6DtWdTvQX;Path=/;Expires=Mon, 09-Jan-2023 11:32:13 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 logo-16.png
www.blogger.com/img/ 279 B
380 B 105ms
6ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/logo-16.png

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 07:51:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 15:11:51 GMT
server: sffe
age: 99627
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 279
x-xss-protection: 0
expires: Fri, 15 Jan 2021 07:51:46 GMT

GET
H3-Q050 200 black50.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
198 B 107ms
7ms Image
image/png 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/black50.png

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 08 Jan 2021 13:51:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 Jan 2021 08:21:47 GMT
server: sffe
age: 78073
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96
x-xss-protection: 0
expires: Fri, 15 Jan 2021 13:51:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_2 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/ 24 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_2

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57794b700c320fe497a0dcf0578c9e0f889499d9794bf5d8458c4da2c6b74b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 23:44:49 GMT
server: sffe
age: 145401
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8489
x-xss-protection: 0
expires: Fri, 07 Jan 2022 19:08:52 GMT

GET
H3-Q050 200 authorization.css
www.blogger.com/dyn-css/ 1 B
649 B 362ms
197ms Stylesheet
text/css 2a00:1450:4001:814::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=5887582937580633815&zx=2b0e67d9-2ab6-43e6-96fb-94b1c24dbebc

Requested by

Host: earnmoney.help2u.xyz
URL: https://earnmoney.help2u.xyz/p/earn-money-online.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sat, 09 Jan 2021 11:32:13 GMT
server: GSE
date: Sat, 09 Jan 2021 11:32:13 GMT
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: text/css; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 70 KB
26 KB 110ms
6ms Script
text/javascript 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=profile/exm=gapi_iframes,gapi_iframes_style_bubble,plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eace67ffe427f8e9c8b07912afc29ecb91f52dfb1cbc60ea3811b15cde32f834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 09 Jan 2021 10:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 23:38:15 GMT
server: sffe
age: 2216
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25946
x-xss-protection: 0
expires: Sat, 09 Jan 2021 11:45:18 GMT

GET
H3-Q050 200 cb=gapi.loaded_3 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCOb... 8 KB
3 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=gapi_iframes_style_slide_menu/exm=gapi_iframes,gapi_iframes_style_bubble,plusone,profile/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_3

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf1465948bf88033efa2613f4b9362cdddd702b4107f39d0aafb6023419a4efe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://earnmoney.help2u.xyz/p/earn-money-online.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 07 Jan 2021 19:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 01 Dec 2020 23:44:49 GMT
server: sffe
age: 145401
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3117
x-xss-protection: 0
expires: Fri, 07 Jan 2022 19:08:53 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adz2you.net/	1970-01-19 15:16:33	Name: __cf_bm Value: 4b29c39256db559d1eebc63984a95528f3897a86-1610191933-1800-AZcsW34AiqPiM7CwkF3HLpykHu+ZnWBh/I9A3pMT6slnB3FYpeZuDQMnSLZCyHphfMY1KQZD7NUecScKPF5372M=
.cpm-ad.com/	1970-01-19 15:16:33	Name: __cf_bm Value: 0c3238630bfc3e16d1dcf815e07b800947798e3b-1610191933-1800-AeEiLJf1GLBm8sO94gXOIXXY10pjW5/dOCs6gNFMmDeLzMC2w3I+Im6IzSV9WPkPijtKyWBDnU1xcHauK2gObls=
.mediacpm.pl/	1970-01-19 15:16:33	Name: __cf_bm Value: 6be0d2c4536607012d3f6d4909f2444be502e3f7-1610191933-1800-ATy3Sa6AbbSTybhp6dxJP97dfnfy4Xn2Jxxj3LNPIGqS8CUvrsdQW+F3MFS9h/njX9fX8XhOzL4U+fnBbu2Y14M=
.blogger.com/	1969-12-31 23:59:59	Name: S Value: blogger=KvneJUURfsDYNEAeUoTvUmdR0LXSPdQbcS1e9Qro2vA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad2bitcoin.com
adbtc.top
adz2you.net
apis.google.com
cpm-ad.com
earnmoney.help2u.xyz
g.cash-ads.com
mdgzg.com
mediacpm.pl
nevtkm.com
pagead2.googlesyndication.com
resources.blogblog.com
traffic2bitcoin.com
www.blogger.com
www.gstatic.com
147.135.220.104
23.95.12.219
2606:4700:20::681a:d59
2606:4700:3032::ac43:98f7
2606:4700:3035::6812:3916
2606:4700:3036::681f:5195
2606:4700:3038::6815:ea5e
2606:4700:e6::ac40:c511
2a00:1450:4001:800::200e
2a00:1450:4001:802::2002
2a00:1450:4001:814::2003
2a00:1450:4001:814::2009
2a00:1450:4001:814::200d
2a00:1450:4001:818::2013
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
1dd1bcb1be15d9905d4962f84765e0814b3aa07d643826bc61fa957a3d82d594
380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3e51f1f53f9449e241d46c551d63b14e91cb113480b04fd4e0e49d3b8c96505e
4bf4e9296165fffe3661a6a978e175f37f9ff65e6ac2beb9f40a92e2d96710c3
57794b700c320fe497a0dcf0578c9e0f889499d9794bf5d8458c4da2c6b74b47
6e232a3693a281342acc16b293dddeafcf91579f1b52df2cf22303b17c2a0e57
816a527542ad79e1d70328d4a48bcda30a029d1fedbbc7edd628aa2c86a546af
90364f9e89de88e01f85441ad4f682cef06a7d643a338d423019076a403b32f0
92a346340df7310f5e48d710ae157dbf32ccddcd0512ace010c3bf8a39d1a9b9
97896e492ce6b806d7449272d7a2eaeefb5c9fd8f290ee89a2c63f62b3c06bea
9f9fb5396ea8566bb59a43a174a5ec23bf4e04ec9cc18b85b69af22d9206ddd6
a09131f2885086eb3dea6a379c43e58c88e683b99fb7cf9cefde399dfd68d0ff
b113ad392e9d9e3b2f7d9e2aaa1a3b15d1e6c2834babf66c36ee3448da183a27
b5a2ebb29be35e23d1aed3ca59399bdf62ae3506c55a3f1ac8256d8f5395935f
c91afadbe63dd834aac00b49bc715795da58970e7d500c4bd8f50ed713c77880
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
cca664ca16fde285160e80eae6ba4501c27b1dd1ce09aec1e84caa74b5baff53
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
cf1465948bf88033efa2613f4b9362cdddd702b4107f39d0aafb6023419a4efe
d172d750493be64a7ed84dec1dd2a0d787ba42f78bc694b0858f152c52b6620b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eace67ffe427f8e9c8b07912afc29ecb91f52dfb1cbc60ea3811b15cde32f834
f27a80b9606f52276c922913115169ff24a3403ac8db20e2f87f9ca6f32123aa
f96ff397a06f459aa5c30d53813342a60758c64bfa5f7187a5aff79a71445506

earnmoney.help2u.xyz Open in urlscan Pro 2a00:1450:4001:818::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

86 %IPv6

15 Domains

16 Subdomains

13 IPs

3 Countries

296 kBTransfer

684 kBSize

4 Cookies

18 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

earnmoney.help2u.xyz Open in urlscan Pro
2a00:1450:4001:818::2013 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

86 %
IPv6

15
Domains

16
Subdomains

13
IPs

3
Countries

296 kB
Transfer

684 kB
Size

4
Cookies

49 HTTP transactions
0 data transactions